The following is a list of security functions available in Yellowfin and their associated definitions. They have been grouped into sub sections to assist you to identify how and when these functions are used.
The available roles that you see on your Yellowfin instance will depend on your Yellowfin Suite license. If you do not see a role, then ensure that you have the proper license for it.
Function | Description |
---|---|
General | |
Report Access CRUD | Allows users to log in to Yellowfin and view, edit, create, and delete reports. |
User Profile | Allows users to update their user profile. |
Draft Content List | This option has been replaced with other functionality in Yellowfin 9 and is currently not in use. |
Favorites | Allows users to add reports to their favorites list. |
Export Report Settings | Allows users to define the export settings for a report through the save menu, rather than relying on the system default. |
Export Reports to CSV | Allows users to export report results to CSV. |
Export Reports to TXT | Allows users to export report results to TXT. |
Error Email Link | Does not show a link to send an email on the error page when something goes wrong. |
Error Stacktrace | Shows a stack trace on the error page when something goes wrong. |
Export Reports and Dashboards to DOC | Allow users to export content items to DOC. |
Export Content to PDF | Allow users to export content items to PDF. |
Export Reports and Dashboards to XLS | Allow users to export content items to XLS. |
Bookmarks and Snapshots | Allows users to create and use bookmarks and snapshots. |
Hide Print on Reports & Dashboards | Hides the Print option on the Report and Dashboard pages. |
External Content | Allows users to embed content from external reporting tools. This lets you embed live reports from Tableau, Qlik, and PowerBI, directly into Yellowfin. |
Dashboard | |
Personal Dashboard CRUD | Gives users access to the dashboard page, and allows them to create their personal dashboard, visible only to them. |
Hide Dashboard Maximize Report | Hides the maximize option on dashboard reports. |
Hide Dashboard Report Menu | Hides the drop-down menu on reports on the dashboard. |
Refresh Dashboard Reports | Allows users to set a refresh period on Dashboard reports. |
Public Dashboards CRUD | Allows users to create and edit Public dashboards. |
Disable Add Existing Tab | Prevents users from adding existing tabs from the Browse Page or the Pre-Built Tab option to their dashboard. |
Show Draft Dashboards | Checking this box shows other users' draft dashboards (if access has been granted to the published version). Unchecking this box hides all draft dashboards from other users. A user can always see their own draft dashboards regardless of this setting. Note that a dashboard can only ever have one draft. If one user has created a draft, no other user can create a draft, but they may be able to view and edit the draft that another user has created. See below for a full description. When this checkbox is checked:
When this checkbox is unchecked:
|
Code Mode | Allows users to edit dashboard in Code Mode. |
Broadcast Dashboards | Allows users to broadcast dashboards on a one-off or scheduled basis. |
Subscribe to Dashboard Broadcasts | Allows users to subscribe to — and unsubscribe from — existing dashboard broadcasts. |
Browse | |
Hide Browse Page | Hides the report browse page. |
Hide Advanced Report Search | Hides the advanced search on the report list page. |
Hide Columns Option (Browse Page) | Hides the columns option on the report list page. Users will not be able to change the columns displayed. |
Hide Report Details (Browse Page) | Hides the report details on the report list page. |
Approval Administration | Allows users to see outstanding report approvals |
Draft Public Reports | Allows users to see draft versions of public reports created by other users. |
Hide Data Sources | Disable browsing by Data Sources on the Browse page. |
Report Builder | |
Report Types | Allows users to create freehand SQL reports, and Jasper reports. |
Public Reports CRUD | Allows users to create and edit public reports. |
Versioned Reports | Allows users to archive report result sets, dependent on Content Category Version History settings. |
Sub Queries | Allows users to create sub query reports. |
Ad Hoc Reports | Allows users to create Ad Hoc reports. |
Access Filter | Allows users to set or change the access filter on reports. |
Related Content | Allows users to set up co-display, drill down and drill through functionality. |
CSV Reports | Allows users to write reports based on CSV files. |
Advanced CSV Functionality | Allows users to perform advanced operations on CSV reports such as selecting the data source. |
Custom Query Filters | Allows users to create user prompt drop down filters populated by custom SQL queries. |
Min/Max default filter values | Allows users to set default values for cached filters to the minimum and maximum cached value. |
Disable Cached Filter Values | Disables users from caching report filter values. |
SSRS Reports | Allows users to create SSRS Reports. |
Allow Freehand SQL Calculated Fields | Allows users to create Freehand SQL Calculated Fields in reports. |
Disable Freehand SQL Calculated Fields Injection Check | Allows users to skip the default checking of injection tokens within Freehand SQL calculated fields, such as excess whitespace ("SELECT ", " FROM ") and unexpected semi-colons and double-dashes. This checkbox should be left unchecked for users to maximise system security (to avoid exposure to SQL injection attacks). Only check this box for a user role when absolutely required, and ensure that your back-end database connection has the minimum required permissions on it. |
JavaScript Charts | Allows users to switch on the JavaScript chart creation functionality in the report builder. (Learn more about this here.) |
Save To Disk Broadcast | Allows users to schedule broadcasts to the server’s local disk. |
Report Menu | |
Share Private Content | Allows users to share private reports with other users. Note that if disabled, private reports cannot be shared with anyone. |
Broadcast Reports | Allows users to broadcast reports on a one off or scheduled basis. |
Distribute Reports | Allow users to distribute reports on dashboard tabs to other users. |
Email Reports | Allows users to send an adhoc email copy of a report. |
Hide Open Report | Hides the open report menu item. |
Hide Report Details (Report Menu) | Hides the report details item on the report menu. |
Hide SQL | Hides report SQL from users. |
Multicast Reports | Allows users to broadcast reports to external users. |
Multicast Access Filter Reports | Allows users to broadcast reports with access filters to external users. The credentials of the user who creates the broadcast will be used to send the report to external users. |
Hide Report Refresh | Hides the report refresh menu item. |
Hide Embed Links | Removes links to embed reports and dashboards using the Javascript API. |
Hide External Links | Removes external direct links to reports and dashboards. |
Storyboard | |
Distribute Storyboards | Allows users to distribute Storyboards to other users. |
Email Storyboards | Allows users to send an ad-hoc email copy of a Storyboard. |
Storyboards CRUD | Allows users to view, create, edit or delete Storyboards. |
Storyboard Admin | Allows users to edit and delete any private or public Storyboard. |
Public Storyboards | Allows users to make a Storyboard public. |
Storyboard Global Filters | Allows users to set global filters on Storyboards. |
Collaboration | |
Hide Comments | Hides the comment functionality from Reports, Storyboards, and Dashboards. |
Annotations CRUD | Allows users to Create, Read, Update, or Delete. |
Timeline | Allows users to access their timeline. |
Connections | Allows users to connect to other users through their timeline. |
Discussion Topics CRUD | Allows users to browse and contribute to discussion topics. |
Collaboration Admin | Allow users full administration access to discussion streams, comments, and tasks both public and private. |
Activity Stream | Allows users to access the activity stream. |
Enable Tasks | Allows users to see and be assigned tasks. |
Personal Tasks | Allows users to create and assign tasks to themselves. |
Public Tasks | Allows users to create and assign tasks to themselves and others. |
System Task Admin | Allows users to approve or reject the completion of system tasks. |
Configuration | |
Configuration | Allows users to modify Yellowfin site parameters. |
Configure Logon ID | Allows users to specify how users are authenticated. |
Configure Page Format | Allows users to configure the page layout (integration settings, etc). |
Configure Support Email | Allows users to set the support email address. |
Header/Footer Admin | Allows users to edit the header and footer on their system. |
Administration | |
Content Super User | This role function is only visible when the Allow Content Super User setting is enabled within the Admin Console. A super user can view and delete content across the board, overriding any other config settings related to viewing and managing content. This includes the XML export of private content. Therefore, any user roles given this function have full access to all content, whether private or public, within an organisation. When this function is included in a user role, the role cannot be deleted. Remember, changes at the role level won't take effect for a user until their next successful login. |
Approval Admin | Allows users to manage outstanding content approvals without having to be specified as the approver. |
Import | Allows users to import content from XML files. |
Export | Allows users to export content to XML files for backup or transfer to another system. |
Folder Access | Allows users to configure report categories. |
System Information | Allows admin users to view system information. |
License Management | Allows users to view Yellowfin licence details and upload new license files. |
Create and Edit Tags | Allows users to create and edit tags used in discussions. |
Client Organisation Management CRUD | Allows users to set up and manage client organisations. |
Filter Period Management | Allows users to choose which Predefined Date Filters are available. |
Translate Content | Allows users to translate user entered data on dashboards, reports and views. |
Themes CRUD | Allows users to manage Storyboard Themes. |
Geometry Pack Management | Allows users to import and delete GeoPacks. |
Background Execution Management | Allows users to view the current background execution queue, cancel current queries, and force start queued items. |
View and Field Categories | Allows users to manage View and Field Categories from the Admin Console. |
Org Reference Codes | Allows users to manage Org Reference Codes from the Admin Console. |
Plugin Management | Allows users to manage plugins including Third Party Source Connections, JDBC Drivers, and Advanced Functions. |
Save Corporate Images | Allows users to upload and edit corporate images within the Image Manager. |
Data Sources & Views | |
Data Sources CRUD | Allows users to create, edit, and delete data source connections. |
OLAP | Allows users to connect to OLAP data sources. |
Data Source Admin CRUD | Allows users to create, edit, and delete all data sources regardless of security restrictions. |
Source Filters | Allows users to create data source filters. |
Database Views CRUD | Allows users to create, edit, and delete Yellowfin views. |
Freehand SQL Views | Allows users to create Freehand SQL views. |
Show Draft Views | Allows users to see views being edited by other users. |
Stored Procedures | Allows users to create views against stored procedures. |
Force Clone Views | Removes the option to edit existing views directly - users are forced to clone views to edit them. |
Hide DBMS Messages | Replaces error messages from DBMS with generic messages. |
Create CSV Table | Allows users to create CSV tables within a view. |
Composite Views | Allows users to create Composite Views. |
Data Transformations | Allows you to access the Data Transformation module. |
Skip Schema Check | Bypasses schema check when using CheckSchemaForUser functionality. |
Report as a Datasource | Allows reports to be written against the results of another report. |
User Administration | |
User Management CRUD | Allows users to create, edit, and delete user accounts. |
Group Management CRUD | Allows users to create, edit, and delete user groups. |
Roles Management | Allows users to create, edit, and delete security roles. |
Hide profile password | Removes the password reset option in My Profile. |
Disable profile email change | Stops users from changing their email address in My Profile. |
Hide profile User ID | Removes the User ID option in My Profile. |
Named User | Allows a user to bypass concurrent logon limitations. |
Restrict Visible Roles | Restricts the Roles that are visible to a user when adding new users and groups. |
Web Services | |
Web Services | This function is required for a user account that will be used to log in to Yellowfin web services. |
Disable Mobile Access | Stops a user from accessing reports via a native mobile application. |
Augmented Data Discovery | |
Assisted Discovery | Allows you to access the Smart Analysis button in the report builder. |
Instant Insight | Allows you to access the Auto Analyze option on charts. |
Instant Insight Settings | Allows you to access the insight setting button in the view builder. |
Signals | |
Signals Consumer | Allows users to receive and explore Signals. |
Configuration | Allows users to configure Signal analysis settings in the View Builder. |
Distribute Signals | Allows users to share Signals. |
Story | |
Story CRUD | Allows users to view, create, edit or delete Stories. |
Distribute Story | Allows users to share a published Story. |
Story Admin | Allows users to edit and delete any private or public Stories. |
Mobile | |
Disable Mobile Access | Stops users from accessing any Yellowfin mobile apps, if selected. |
Mobile Self Invite | Allows users to invite themselves to log into the mobile app through the onboarding method. |
Mobile Admin | Allows admin users to access the Mobile Access Management page to manage all mobile users via the Yellowfin platform. |
Other | |
Subscribe to Broadcast | Allows users to subscribe to report broadcasts. |