Hi,
Seriously evaluating Gooddata as our Data Viz ...
# gooddata-platformg
Gregory Benko-Prieur
01/09/2022, 6:28 PMHi,
Seriously evaluating Gooddata as our Data Viz Layer partner and I just encountered a MAJOR problem:
Here's the issue:
1. I created 5 workspace for each of our individual client
2. I created a dashboard in client #1 & client #2
3. I embedded the dashboard of client #1 in client #1's dedicated portal on our side via URL embed
4. I embedded the dashboard of client #2 in client #2's dedicate portal on our side via URL embed
5. Then, absolutely, out of left field, when I connect myself client #1 or client #2's portal on our side, I get access to THE LAST WORKSPACE I VISITED IN THE GOODDATA UI. So if I visit client #2 in GoodData, then, when I open client #1's portal, I access the dashboard of client #2. I even created a new workspace for client #3, and even though I didn't share a link, I can access client #3 in the portal of client #1.....
Absolutely terrible behaviour which absolutely breaks the trust in multitenancy here. Can someone explain what is happening?
j
Jiri Macinka
01/10/2022, 7:47 AMHi Gregory,
we are very pleased that you are trying out the GoodData platform. Let’s take a look at your problem.
If I understand the nature of your problem correctly, you wish to manage multiple workspaces for multiple clients and you need to be sure the data of each client are securely separated. Alternatively, manage their rights and data accesses.
Our platform is very flexible and you can set different access rights for different clients.
You have to identify which data from your Data Source go into which client’s workspace. This is different from data permissions which are applied to workspace users.
You can find more information in our documentation where everything is described.
https://help.gooddata.com/doc/enterprise/en/workspace-and-user-administration/multitenancy-on-the-gooddata-platform
How to manage users, data access, workspace data, etc. see this link:
https://help.gooddata.com/doc/enterprise/en/workspace-and-user-administration
GoodData Enterprise
Multitenancy on the GoodData Platform - Gooddata Enterprise
Everything you want to know about our platform
https://help.gooddata.com/doc/enterprise/en/workspace-and-user-administration/multitenancy-on-the-gooddata-platform
GoodData Enterprise
Workspace and User Administration - Gooddata Enterprise
Everything you want to know about our platform
https://help.gooddata.com/doc/enterprise/en/workspace-and-user-administration
Jiri Macinka
01/10/2022, 7:49 AMPlease, let me know if this helps or if you need anything else.
j
Jiri Zajic
01/10/2022, 5:46 PMHello @Gregory Benko-Prieur, if you created those workspaces under a single user (Admin?) with a single set of credentials, it shouldn't be a surprise that this user you can access all of them.
The correct approach is to keep your client's data separated so that there is technically no way that client #1 could see data from client #2. @Jiri Macinka already shared links on how to do that.
p
Philippe Hébert
01/11/2022, 12:02 AMHi!
I'm working with @Gregory Benko-Prieur, and I can confirm we set up the dashboards using the same Admin account and accessed the embedded dashboard using said admin account.
This being said, we are both of the opinion that the sharing link of a dashboard should only expose said dashboard; nothing more.
We both also believe that a link that shares a single dashboard should not have navigation embedded to access other dashboards that are accessible by the user.
Is there a way to create share a share link for a dashboard that exposes only said dashboard, and nothing more, irrespectively of the permissions of the person logging in to access it?
j
Jiri Zajic
01/11/2022, 12:13 AMHello @Philippe Hébert! Thanks for getting back to us. I believe I understand your arguments, please let me try to explain 🙂
As for hiding the dashboard navigation, this is a very common request by our users, so we implemented a set of URL parameters to configure some of the embedding capabilities. Once you append
?showNavigation=falsep
Philippe Hébert
01/11/2022, 12:21 AMHey @Jiri Zajic!
Yes I think that would indeed help, but I don't think this would entirely solve the issue.
The behaviour described by Gregory resulted in the embed showing the latest dashboard Gregory had accessed rather than the dashboard linked in the sharing link, which to me sounds more like a bug than a feature
j
Jiri Zajic
01/11/2022, 12:28 AMThis being said, we are both of the opinion that the sharing link of a dashboard should only expose said dashboard; nothing more.I agree. And I'm sorry you experienced something that almost broke your trust in multitenancy. Hopefully you'll find the following lines explanatory enough to regain your belief in GoodData's unquestionable security. Your user was Admin who had access to all 3 workspaces. It is a "feature" of our platform that when user returns to the domain without specifying a workspace he/she will be redirected to the last visited workspace (provided he/she still has permissions to view it). This is most likely what happened to you. On a similar note, when you don't specify the dashboard in your embedded URL, a first dashboard in the list will be rendered (provided the user still has permissions to view it). If you make sure that your embedded link contains the workspace id and also the dashboard id, this should never happen. From what I understand about your use-case, your link should look something like this (please note the keyword
/embedded/<https://my.domain.com/dashboards/embedded/workspace/><workspace-id>/dashboard/<dashboard-id>?showNavigation=falseJiri Zajic
01/11/2022, 12:39 AMIt is vital to understand that all these frontend features and configurations are only for user convenience and do not represent the SECURITY aspect of our platform.
You can easily imagine that a hacker (or even skilled user) would be able to obtain the link of an embedded dashboard and alter it; they could turn on showNavigation=true, they could try to brute-force identifiers of others dashboards, etc.
At the end of the day it always boils down to the fact that your client's data are stored in a separated data containers (=workspaces) and that each user has only permissions to access certain workspaces.
This is a bullet proof and absolutely secure setup we've been using since forever. To test this, I would suggest you to invite different users (different email addresses) to certain workspaces and then log out and log in as one of the users and see that he/she truly only gets access to the workspaces he/she was previously invited to, and not to any other workspaces.
Jiri Zajic
01/11/2022, 12:40 AMShould you still have any doubt or questions, please stop by at any Office Hours we host regularly: https://community.gooddata.com/events. My colleagues or I will be happy to answer all your questions and address all your concerns during a Zoom call.
p
Philippe Hébert
01/11/2022, 5:38 PMHi @Jiri Zajic!
If you make sure that your embedded link contains the workspace id and also the dashboard id, this should never happen.Aaaah! You should have started with that 😅 Thank you for the extra information regarding the separation between workspace+user security and sharing - with that information in hand it is clear that in order to get the best outcome in every situation, we should both update our link and also provide dedicated users to our clients, said users having only access to their workspaces (not that we weren't planning to do so). That way, when we demo with our admin account, the dashboard displayed is the one specified in the link, and when the user accesses the interface with their account, they can only gain access to their own dashboard. I'll pass the message along to Gregory and we'll test it in our setup to see the outcome. I'll get back to you as soon as it is done.
🙃 1
🙏 2
j
Jiri Zajic
01/11/2022, 6:19 PMCorrect! 🙂 Glad we cleared that out. Good luck with your POC and please reach out should you need anything else from us.
🙏 1