Automatic Group Security Defaults (Version 5.3)

In Metric Insights, Groups allow an organization to assign certain Privileges and Permissions to a Group and then assign a cohort of Users to the Group.  For example, all Financial Analysts might be assigned to a Group that has the ability to access all Financial information across all Divisions and create objects using certain Data Sources and Data Collection Triggers.

Types of Groups

For all installs of Metric Insights, there is:

  • One and only one Default Group
  • One or more All Access Groups
  • One or more regular Groups

1. Default Group

When Metric Insights is first installed, the “Default” Group is created during the initial configuration process. Privileges and Permissions are selected as those that the organization want most every user to have.  

As of Release 5.3, a basic set of Privileges are automatically assigned to the Default Group:

  1. All of the Personal Settings grouping except "Create Folders"
  2. All of the Collaboration grouping
  3. All of the Viewer Access grouping
  4. Most of the Power User Content Security grouping but excludes all the "Allow Power User....to any User or Group" Privileges

All other Privileges and Permissions must be granted manually during configuration.

2. All Access Group

 

 

An "All Access" group allows its members to inherit View Access to all available elements, Dimensions, Dimension Values, and Categories.  Prior to Release 5.3, View Access to all Datasets was included but has been removed in 5.3.  

It also includes a set of basic Privileges:

  1. All of the Personal Settings grouping except "Create Folders"
  2. All of the Collaboration grouping
  3. All of the Viewer Access grouping
  4. Most of the Power User Content security grouping but excludes all the "Allow Power User....to any User or Group" Privileges

 

Although all members of this Group receive universal View Access to Elements, Categories and Dimensions, NONE of these are displayed on the corresponding tabs in the grids on either User or Group Editors.  Edit Access must be explicitly granted to an object and, once granted, the selected objects will appear on their respective tabs in related Grids.

If an All Access group is changed to a Regular Group, none of its Privileges are removed from the Group or its members.  All of its automatic Permissions are removed but any manually added Permissions are retained.

3. Regular Groups

A regular Group is created when “All access Group” is set to “no”.  Regular Groups are essentially “blank” with NO automatic Privileges or  Permissions.  Each "right" must be granted individually.  This allows maximum control of the functions that a Group’s members can perform and elements that the members can Use or View