RBAC FAQs

Understanding Finout’s Roles, Permissions, and User Groups.

What is the significance of having an admin role in terms of data access?
Admin roles do not automatically grant universal data access. An admin who is not part of any group will not have access to any data. In Finout’s RBAC system, being part of specific groups determines access to data, not just the role title itself.
How can I set up a user or group to have access to all data within Finout?
To ensure a user or group has access to all data, they must be included in every relevant group. Alternatively, you can create a group with Discretionary Access Control (DAC) rules that explicitly grant access to every organizational unit or dataset you wish to include, ensuring comprehensive access.
Is it possible to have an “admin” group that sees everything? How does it work?
Yes, you can create an “admin” group with comprehensive access by ensuring it’s part of every necessary group or by setting DAC rules that grant access to all organizational units or datasets. This setup will allow the admin group to see everything across the platform.
Can we set up a read-only group that has access to all data?
Similar to creating an admin group with full access, a read-only group can be established by ensuring it has DAC rules for every organizational unit or dataset. This setup would grant read-only access to all data across the platform to members of this group.
Who has access to dashboards in Finout, and how is data visibility controlled?
In Finout, all users have access to all dashboards, as the platform does not yet support Access Control Lists (ACL) for dashboard accessibility. However, the visibility of data within these dashboards is governed by data access permissions tied to the groups a user is part of. This ensures that while users can view any dashboard, the data displayed is filtered according to their group memberships and the specific permissions those groups have.
Can read-only users modify dashboards in Finout?
No, read-only users cannot edit dashboards in Finout. While they have access to view all dashboards, their permissions are limited to viewing data only. This restriction is in place to prevent unauthorized modifications to dashboards, ensuring that only users with the appropriate permissions can make changes.
If a user belongs to multiple SAML groups that have corresponding groups in Finout, will Finout assign the user to all of these matching groups?
Yes, if a user belongs to multiple SAML groups that have corresponding groups in Finout, Finout will assign the user to all of these matching groups.

PreviousEdit Group Users and SAML Groups NextEndpoints

Last updated 7 months ago

Was this helpful?

RBAC FAQs

Understanding Finout’s Roles, Permissions, and User Groups.

What is the significance of having an admin role in terms of data access?
Admin roles do not automatically grant universal data access. An admin who is not part of any group will not have access to any data. In Finout’s RBAC system, being part of specific groups determines access to data, not just the role title itself.
How can I set up a user or group to have access to all data within Finout?
To ensure a user or group has access to all data, they must be included in every relevant group. Alternatively, you can create a group with Discretionary Access Control (DAC) rules that explicitly grant access to every organizational unit or dataset you wish to include, ensuring comprehensive access.
Is it possible to have an “admin” group that sees everything? How does it work?
Yes, you can create an “admin” group with comprehensive access by ensuring it’s part of every necessary group or by setting DAC rules that grant access to all organizational units or datasets. This setup will allow the admin group to see everything across the platform.
Can we set up a read-only group that has access to all data?
Similar to creating an admin group with full access, a read-only group can be established by ensuring it has DAC rules for every organizational unit or dataset. This setup would grant read-only access to all data across the platform to members of this group.
Who has access to dashboards in Finout, and how is data visibility controlled?
In Finout, all users have access to all dashboards, as the platform does not yet support Access Control Lists (ACL) for dashboard accessibility. However, the visibility of data within these dashboards is governed by data access permissions tied to the groups a user is part of. This ensures that while users can view any dashboard, the data displayed is filtered according to their group memberships and the specific permissions those groups have.
Can read-only users modify dashboards in Finout?
No, read-only users cannot edit dashboards in Finout. While they have access to view all dashboards, their permissions are limited to viewing data only. This restriction is in place to prevent unauthorized modifications to dashboards, ensuring that only users with the appropriate permissions can make changes.
If a user belongs to multiple SAML groups that have corresponding groups in Finout, will Finout assign the user to all of these matching groups?
Yes, if a user belongs to multiple SAML groups that have corresponding groups in Finout, Finout will assign the user to all of these matching groups.

PreviousEdit Group Users and SAML Groups NextEndpoints

Last updated 7 months ago

Was this helpful?