Overview
We believe in transparency by default, and what a better way of communicating your information than using reporting dashboards (see Learn about Public or External Sharing to spread your data). However, there are countless reasons to restrict access to some information to just a certain part of your organization. With this in mind, Dashboard Hub provides an Advanced Restrictions mechanism. The way of implementing restrictions is going to sound familiar, since we mimicked Confluence’s page restrictions schema:
"Anyone can view and edit"
"Anyone can view, some can edit"
"Only specific people can view or edit"
You can access and change the dashboard restrictions from two places:
Click the lock icon 
at the top of any dashboard
Open the Dashboard settings window from the … More Actions menu
Remember to Save! After setting your restrictions, remember to click Save, or the changes won’t be kept.
Anyone can view and edit
Lock icon
This setting means that anyone in your Jira or Confluence instance is able to access the dashboard content:
Anyone can view the content
Anyone can edit the content.
The accesible content does not include the datasources. Datasources have their own access restrictions, you can read more in Learn about Datasources.
For those cases when you want everyone viewing your dashboard, but only specific users and/or groups editing it, then you have to select the next permission level Anyone can view, some can edit.
Anyone can view, some can edit
Lock icon
This setting means that anyone in your Jira or Confluence instance is able to view the dashboard content, but only some users/groups can edit it:
Anyone can view the content
Some users/groups can edit the content.
When you select this option, you are restricting who can edit the dashboard. But still anyone in your Jira or Confluence instance will be able to view the dashboard content.
Assign users and/or groups to edit
Type a user's name or a group into the search bar. You can add as many people and groups as needed.
Since anyone can already view the dashboard, the selected users and/or groups display a fixed “Can edit”.
Select Add to add them to the list.
Select Save to save the changes.
To remove someone or a group, click Remove next to their name.
If you still want to restrict specific people to even view your dashboard, select Only specific people can view or edit.
Only specific people can view or edit
Lock icon
This is the setting you want if you want to keep the page private or restricted to a subset of people who have access to the space. As soon as you select Only specific people can view or edit, the page will be locked down so that only you can view and edit it.
From there, you can choose to add specific people who you want to view or edit the page.
To assign specific people the ability to view or edit:
Type a user's name or a group into the search bar. (You can add multiple people and groups to the search bar.)
Select Can edit or Can view.
Select Add to add them to the list with the selected view or edit permission.
Select Apply to save the changes.
To remove someone or a group, simply click the Remove link next to their name.
Some other things to keep in mind
Instead of applying restrictions to individuals, you can use Confluence groups to save on typing out individual names. Learn how to create and update groups.
Confluence permissions are additive. This means that if someone is in two Confluence groups, and one group has permission to view a page while the other does not, that person will still be able to see the page because at least one of the groups they're in has permission to view it.
Confluence's permissions model is set up so that content can only be further restricted from whatever the container is set at. A page cannot have greater access than its container. This creates a ceiling of access. The ceiling for a given permission (view, edit, comment, etc.) could be the site, space, or a parent page, depending on where the restrictions are applied.
You can make certain spaces (or even your whole site) available to the public, which means that anyone on the internet would be able to access your content.
If a user doesn't have access to the page, they won't receive a notification when @ mentioned.
Admin key
As an admin, there may be times when you need to look at content that you haven’t been given permission to view. For example, you may need to unlock a restricted page or space created by an inactive user, or you may need to diagnose content access issues. Admin key allows site admins to access restricted content so they can address these needs.
Admin key is also only available on Confluence's premium plan.
How restricted are restrictions?
If your page has view restrictions, it won't display for anyone who doesn't have permission to view it, neither in the page tree, nor any macros. Unless someone else has specifically been given a link to your page, they won't know it exists.
Exceptions:
If someone has shared a link to a restricted page, or provided a link to it on another page that can be viewed, the link will have the title of the page as part of the URL. However, they won't be able to tell anything else about the page, including who created it, who has permissions, or when it was updated.
Space admins can view and change the restrictions on any content within their space.
Site admins can view and change the restrictions on any content within their site.
See also
-
-
-
Set Up a Wallboard — Set up your information radiator: A wallboard
-
Add and Configure Gadgets — Learn how to add and configure gadgets in dashboards
-
Learn about Datasources — Learn what datasources are, what types there are and why are they one of the key assets in dashboards
-
Add and Manage Datasources — Learn how to add and configure datasources
-
