Tomáš Gajdoš
05/25/2023, 7:12 AM/api/v1/entities/workspaces/B/analyticalDashboards
returns the dashboards inherited from A, but the request to /api/v1/entities/workspaces/{workspaceId}/analyticalDashboards/{dashboardId}
returns 404. Once you give the user the VIEW permission for the dashboard using the /managePermissions
endpoint, the user can load the dashboard. However, the user can see the edit and share buttons, but in reality, the user cannot save changes or share the dashboard.
We think the user shouldn’t be able to see the dashboards in the list, nor the edit or share buttons, when they don’t have the rights to do that.Moises Morales
05/25/2023, 9:59 AMTomáš Gajdoš
05/25/2023, 10:10 AM{
"hierarchyPermissions": [],
"permissions": []
}
You have a dashboard X in A, with 0 permissions:
// GET /api/v1/actions/workspaces/A/analyticalDashboards/X/permissions
{
"userGroups": [],
"users": []
}
Workspace B (child of A) permissions:
{
"hierarchyPermissions": [],
"permissions": [
{
"assignee": {
"id": "manage",
"type": "userGroup"
},
"name": "MANAGE"
}
]
}
The user is assigned to manage
group. If you make a request, with the user’s token to /api/v1/entities/workspaces/B/analyticalDashboards
, you get X in the response.Tomáš Gajdoš
05/25/2023, 10:11 AM/api/v1/entities/workspaces/B/analyticalDashboards/X
returns 404.Moises Morales
05/25/2023, 12:09 PMWorkspace.MANAGE
hierarchyPermission to the workspace where the dashboard is native to, or to its parent workspace (if the workspace is part of a workspace hierarchy). If you’re working with an old version of GoodData CN, it is recommend to updgrade it to avoid issues like this. I have reached out to you via DM to gather more detailsTomáš Gajdoš
05/29/2023, 8:46 AMTomáš Gajdoš
05/29/2023, 8:51 AMJan Rehanek
05/29/2023, 10:54 AMJan Rehanek
05/29/2023, 11:06 AMgooddata/gooddata-cn-ce:latest
however does not have this behavior anymore, so I would it say it has been hotfixed properly.
Can you please check which version you’re using, to be 100% sure?Tomáš Gajdoš
05/29/2023, 11:15 AMselectCanEditDashboardPermission
selector offers. The native UI also shows the share button and selectCanShareDashboardPermission
returns true, but trying to share results in an error. But I presume that would be fixed in the patch. I’ll report back once we upgrade. Thanks again!Jan Rehanek
05/29/2023, 11:15 AMJan Rehanek
05/31/2023, 7:49 AMTomáš Gajdoš
05/31/2023, 7:50 AMTomáš Gajdoš
06/01/2023, 9:48 AMselectCanEditDashboardPermission
selector still returns true even though the Manage user cannot edit the dashboard, but only save it as new.Jan Rehanek
06/01/2023, 10:18 AMselectCanEditDashboardPermission
selector? I am not sure what the intended behaviour here is or if there’s a better way.Tomáš Gajdoš
06/01/2023, 10:58 AMJan Rehanek
06/01/2023, 11:03 AMJan Rehanek
06/01/2023, 11:04 AMTomáš Gajdoš
06/01/2023, 11:08 AMJan Rehanek
06/01/2023, 11:27 AMJan Rehanek
06/01/2023, 12:03 PMProductboard
06/01/2023, 12:28 PMJan Rehanek
06/02/2023, 11:47 AMTomáš Gajdoš
06/05/2023, 7:00 AM