Overview
A data permission group is a selection of data that can be accessed by whomever the data permission is applied. You can use either your own or our data filters to create a new data permission group.
How does a restricted data permission differ from a user role?
A user role defines which functionality and pages the user has access to whereas a data permission defines which data they can interrogate. So a user role will define whether a user can create a report, and a data permission will define which data can be seen in that report
How can I tell if I have a restricted data permission?
There is no way (for now) to see if you have a data permission restriction on your account. However, a good indication is that the volume of responses on values you do not have permission for will be at zero for a specific filter. So if there is a filter drop-down showing a lot of responses for some values and zero for all the others, it could indicate that you have a data permission applied to your account. If in doubt, please contact your administrator as they will be able to find this out for you
How to create a new data permission group?
You can create a new data permission group either by starting from scratch or by duplicating an existing role
Starting from scratch
Go to the settings page, then click on ‘User Management’ and navigate to the ‘Data Permissions’ section (if you don’t see the option, it may not be enabled on your account or you may not have access to it)
Click on the ‘Add new’ button
Type in the name you want to give the new data permission group
Duplicating an existing role
Choose an existing role you want to duplicate, this can be a custom or a default role
Click on the 3 dots of that role and select [Duplicate]
Type in the name you want to give the new data permission group
Applying filters to your data permission
Add the filters to apply to this permission group
If a filter is not selected the user will not have any restrictions applied based on that filter
If a filter is selected, the user will only have access to the data that is associated with the values selected within the filter
Save the permission
How to apply a restricted data permissions to another user
You can apply a data permission group to a user either on the Data Permissions page or the Users page.
Users page → Select the user you want to assign a data permission to, click on their current data permission and choose the data permission group from the drop-down menu
Data Permissions page → Choose the data permission group you want to apply, click on the “Users” dropdown, and select the user to whom you want to assign the data permission group.
Users can only be assigned ONE data permission group. They will automatically be unassigned from their previous data permission group
Who can change/assign a data permission group?
Any ‘Admin’ user or any user with a custom role that has the ‘Manage User Settings’ permission enabled
Does a data permission group apply to a single project or across all projects?
As data permissions use filters from your own data-set, which varies by project, a data permission is only applicable to that project.
How does having a restrictive data permission affect users?
Viewing shared reports
You will see the same format of report, but you will only see the data that you have access to so it could look different and show different data depending on whether it is using data that the user does not have permission to view.
Setting up workflows
You can set up a workflow for any data, but you will only receive outputs for data that you have the correct data permission for.
If someone else creates a workflow and includes your email, the output will only have the data you have the correct permission for, however if the workflow action is sending the output to a shared tool (Slack etc.) then any in-app rendering will comply with the creators data permissions. However if the user with a data permission restriction clicks on the link, they will only see data they have access to.
Sharing reports/dashboards internally
Any data permission restrictions that are applied to your account will not be applied to anothers, they will see a report with a filter added that replicates your data permissions
E.g. you have access to “Region” = “North West” OR “North East” and you share a report internally, when others open that report, they will see the report with a filter (Region MATCH ANY “North West”, “North East”)
Sharing reports externally
Sharing your reports externally will share them exactly how you see them, unless they are a Chattermill user, have access to that project and are signed in, in which case they will view the report in-app meaning their own data permission (or lack of) will be applied
How many data permission groups can I create?
Our Enterprise Customers can create up to 10 different data permissions per project. Contact our Customer Support Team if you need more.