New Topic
CommunityTopicIdeaSecurity
Following
photo
Eric Hagfors
Yellowfin Support Team
Assigned
Properties
Category Security
Product Version 7.3

How to hide parent org views from client org

Jonathan Allen shared this idea 5 years ago
Idea Logged

We use the parent/client org functionality of YF (7.3). We have inherited parent org views, but in many cases on certain clients should see those views. For parent org level reports, we are able to control sharing at the folder level, but it seems that the views are visible at the client org regardless of the report and folder sharing.

Is there a way to control which views a given client org sees from the parent org? If so, how can we set up those permissions?

2 I like this idea 0  

Replies (2)

photo
1
Eric Hagfors 5 years ago

Hi Jonathon,


Thanks for reaching out with your question. According to the wiki -


Public content that belongs to the Primary Org will also be visible to the Client Org tier, allowing the same content to be used across multiple clients.


So the behavior of being able to see Primary Org views at the client level is to be expected. If you are trying to restrict clients' access to the view, you can utilize the View Security control panel in the View Builder to create custom access rules. Folder security is not utilized in views. Access could also be controlled by creating a User Group and applying security settings there.

62abd5a4b9d0e5e1e1e0965689ef593f

Does these options provide a path to resolution?

Thanks,


Eric

Reply
photo
1
Jonathan Allen 5 years ago

Thanks for the response. We might be able to use this functionality. Ideally, we would want to restrict by client org rather than by user or user group.

photo
1
Eric Hagfors 5 years ago

Hi Jonathon,


I get where you are coming from. To answer the initial question:


Is there a way to control which views a given client org sees from the parent org? If so, how can we set up those permissions?

Yes, there is. Currently, you could define a client org as a user group, which can remediate this behavior, but requires an extra step of creating and configuring the user group.


1. in default org, create User Group - client org 1

7a9b41212219274c29a87df34a966ad6


2. add all desired YF roles as members of client org 1 User group - Content Creator, etcbd0c689c1dfe9751edd5fc07e12fbaea


3. in view builder security tab, define client org 1's access level8dd3925ac47b549f1fb6ef114b580f0e


Now, there is the possibility of streamlining this so that you would have the option to "add" client orgs in the same way you would add user groups, is this the type of enhancement for development you would be looking for?

Thanks,

Eric

photo
1
Jonathan Allen 5 years ago

Hi Eric, thanks for the more detailed example. Yeah we could create a user group that contains all users for a client org, but we still then have the step of maintaining the group membership. Your last suggestion of being able to use client orgs essentially as a dynamic user group is more along the lines of what I was thinking. If we could just pick and choose which client orgs should have access to which views it would solve a big issue for us.

photo
photo
1
Eric Hagfors 5 years ago

Hi Jonathan,


This idea has been logged for future product review.


At this point in time there is not ETA on this request, though if there is any change, we will post it here.

Reply
Leave a Comment
 
Attach a file