Permission management includes data object management and row-level permission management.

Data objects include data sources, datasets, worksheets/workbooks, dashboards, and data portals. Data object management can be classified into management of data objects in a personal space and in a workspace.

Row-level permission control

Not all fields in the dataset require row-level permission control. Select fields for row-level permission control based on your needs. Select fields for row-level permission control based on your needs.

The list only displays 500 member values under the field. If the number of member values under the field exceeds 500, and some members cannot be searched but actually exist, these members can be manually added to the list.

In the dialog box of selecting members from the member list, a special member called All exists. If you assign the member to an organizational unit member, this member is not restricted by row-level permissions on the field, no matter the number of members of the field increases or decreases in the future.  After you select the “All” member option for this field, selection of other member options of this field has no restriction effect.

The settings greatly reduce the workload of the permission administrator to maintain special organizational unit members who have relatively higher permissions.

Manage data object in a workspace

In a workspace, the system supports data objects sharing and publishing.

Share data objects in a workspace
Worksheets/workbooks,  dashboards, and data portals can be shared.  Shared files can be accessed by other users in read-only mode, and they cannot be modified, deleted, or saved as another files.
  • Only the creator of a file and the workspace manager can share data objects.
  • If the share function is set as disabled, all files in the workspace cannot be shared.
  • Data objects can be shared only within the workspace. Currently, data objects cannot be shared with Alibaba Cloud accounts out of the organizational unit.

By default, all files in a workspace can be viewed by workspace members in the workspace.

Files in a workspace can be shared to an organizational unit member who is not in the workspace. The member to whom the file is shared can view the file in personal workspace.

Public data objects in a workspace

A public data object can be accessed by all people on the Internet through its link. Therefore, we recommend that you do not publish data objects that contain business data.

Manage data objects in a personal workspace

Only the creator can modify or delete the data objects in personal workspace.

Share data objects in a personal workspace
Worksheets/workbooks,  dashboards, and data portals can be shared.  Shared files can be accessed by other users in read-only mode but cannot be modified, deleted, or saved as another files.
  • Only the creator of the data objects can share the data objects.
  • Only Alibaba Cloud Quick BI users can be shared.

The member to whom the file is shared can view the file in Personal Workspace.

Make data objects public in a personal workspace

A public data object can be accessed by all people on the Internet through its link. Therefore, we recommend that you do not publish data objects that contain business data.