As usual I’ve been exploring, this time with security and working out a standard for securing content in Yellowfin. I thought I’d share a quick overview in case you’re thinking about how it works for your instance. There’s four parts for content security which makes it straight forward to manage on-going, once you’ve done the initial setup.
Users – http://wiki.yellowfin.com.au/display/USER71/Users
Like all other systems, users are an account per individual logging into Yellowfin. Each person should have a unique username and each user requires a license.
Roles – http://wiki.yellowfin.com.au/display/USER71/Roles
This is how you determine the permissions the user has overall in Yellowfin, although content permissions can be specified later in content categories. These roles specify whether a person is read-only, editor or administrator and custom roles can be set-up if you want to specify in more detail.
User Groups – http://wiki.yellowfin.com.au/display/USER71/User+Groups
This is the simplest way to group users. I’d suggest grouping by business unit or at least to the level you want to secure content to. E.g. ‘HR Report Readers’, ‘Finance Report Creators’ etc. This makes it really simple when you’re adding permissions to Content Categories, just bring in the group and manage the users through them.
Content Categories – http://wiki.yellowfin.com.au/display/USER71/Content+Categories
This is the method for securing specific content, normally by a business unit or by any means you want to keep your content separate between users. Within a Content Category you can specify whether a user, role or group can access the content and the level of access they get.
Putting it as simply as I can, the method I’ve found for easy on-going maintenance is; a USER gets assigned a ROLE, one or more ROLES get added to a GROUP and GROUPS are assigned to the CONTENT CATEGORIES with their level of access specified. That means that when you set someone up, all you have to do is assign a role and the rest cascades through.
CONTENT CATEGORY > GROUP > ROLE > USER
If you’re after more info on each of the four parts, the links above should provide some guidance. If you have a different method that works for you, I’d be interested in hearing the alternatives.
Keep exploring! Daniel.