top

The following is a list of security functions available in Yellowfin and their associated definitions. They have been grouped into sub sections to assist you to identify how and when these functions are used.

The available roles that you see on your Yellowfin instance will depend on your Yellowfin Suite license. If you do not see a role, please check that you have the proper license for it.


Function

Description

General


Report Access CRUD

Allow users to log in to Yellowfin and view, edit, create, and delete reports.

User Profile

Allow users to update their user profile.

Draft Content List

Shows a list of draft content on the Dashboard and Browse pages.

Favorites

Allow users to add reports to their favorites list.

Export Report SettingsAllows users to define the export settings for a report through the save menu, rather than relying on the system default.

Export Reports to CSV

Allow users to export report results to CSV.

Error Email LinkDoes not show a link to send an email on the error page when something goes wrong.
Error StacktraceShows a stack trace on the error page when something goes wrong.

Export Reports and Dashboards to DOC

Allow users to export content items to DOC.

Export Content to PDF

Allow users to export content items to PDF.

Export Reports and Dashboards to XLS

Allow users to export content items to XLS.

Bookmarks and Snapshots

Allows users to create and use bookmarks and snapshots.

Hide Print on Reports & DashboardsHides the Print option on the Report and Dashboard pages.
External ContentAllows users to embed content from external reporting tools. This lets you embed live reports from Tableau, Qlik, and PowerBI, directly into Yellowfin.

Dashboard


Personal Dashboard CRUD

Gives users access to the dashboard page, and allows them to create their personal dashboard, visible only to them.

Hide Dashboard Maximize Report

Hide the maximize option on dashboard reports.

Hide Dashboard Report Menu

Hide the drop-down menu on reports on the dashboard.

Refresh Dashboard Reports

Allow users to set a refresh period on Dashboard reports.

Public Dashboards CRUD

Allows users to create and edit Public dashboards.

Disable Add Existing Tab

Prevents users from adding existing tabs from the Browse Page or the Pre-Built Tab option to their dashboard.

Show Draft Dashboards

Checking this box shows other users' draft dashboards (if access has been granted to the published version). 

Unchecking this box hides all draft dashboards from other users. A user can always see their own draft dashboards regardless of this setting. 

Note that a dashboard can only ever have one draft. If one user has created a draft, no other user can create a draft, but they may be able to view and edit the draft that another user has created. See below for a full description.

When this checkbox is checked:

  • User B can still create drafts from User A's published dashboard (that User A has given User B access to edit).
  • User B can view any drafts that User A has created (if User A has given User B access to a dashboard).
  • User A can always see User B's drafts of User A's dashboards. User A remains the owner of these drafts and can edit them at any time.
  • If User A edits User B's draft of User A's dashboard, User B can still see the draft.

When this checkbox is unchecked:

  • User B can still create drafts from User A's published dashboard (that User A has given User B access to edit).
  • User B can not view any drafts that User A has created (even if User A has given User B access to a dashboard).
  • User A can always see User B's drafts of User A's dashboards. User A remains the owner of these drafts and can edit them at any time.
  • If User A edits User B's draft of User A's dashboard, User B can still see the draft.

Browse


Hide Browse Page

Hide the report browse page.

Hide Advanced Report Search

Hide the advanced search on the report list page.

Hide Columns Option (Browse Page)

Hide the columns option on the report list page. Users will not be able to change the columns displayed.

Hide Report Details (Browse Page)

Hide the report details on the report list page.

Approval Administration

Allow users to see outstanding report approvals

Draft Public Reports

Allow users to see draft versions of public reports created by other users.

Report Builder


Report Types

Allow users to create freehand SQL reports, and Jasper reports.

Public Reports CRUD

Allow users to create and edit public reports.

Versioned Reports

Allows users to archive report result sets, dependent on Content Category Version History settings.

Sub Queries

Allow users to create sub query reports.

Ad Hoc Reports

Allows users to create Ad Hoc reports.

Access Filter

Allow users to set or change the access filter on reports.

Related Content

Allow users to set up co-display, drill down and drill through functionality.

CSV Reports

Allow users to write reports based on CSV files.

Advanced CSV Functionality

Allow users to perform advanced operations on CSV reports such as selecting the data source.

Custom Query Filters

Allow users to create user prompt drop down filters populated by custom SQL queries.

Min/Max default filter values

Allows users to set default values for cached filters to the minimum and maximum cached value.

Disable Cached Filter Values

Disable users from caching report filter values.

SSRS Reports

Allows users to create SSRS Reports.

Allow Freehand SQL Calculated Fields 

Allows users to create Freehand SQL Calculated Fields in reports.
Disable Freehand SQL Calculated Fields Injection CheckAllows users to skip the default checking of injection tokens within Freehand SQL calculated fields, such as excess whitespace ("SELECT ", " FROM ") and unexpected semi-colons and double-dashes. This checkbox should be left unchecked for users to maximise system security (to avoid exposure to SQL injection attacks).  Only check this box for a user role when absolutely required, and ensure that your back-end database connection has the minimum required permissions on it.
JavaScript ChartsAllows users to switch on the JavaScript chart creation functionality in the report builder. (Learn more about this here.)

Report Menu


Broadcast Reports

Allow users to broadcast reports on a one off or scheduled basis.

Distribute Reports

Allow users to distribute reports on dashboard tabs to other users.

Email Reports

Allow users to send an adhoc email copy of a report.

Hide Open Report

Hide the open report menu item.

Hide Report Details (Report Menu)

Hide the report details item on the report menu.

Hide SQL

Hide report SQL from users.

Multicast Reports

Allow users to broadcast reports to external users.

Multicast Access Filter Reports

Allows users to broadcast reports with access filters to external users. The credentials of the user who creates the broadcast will be used to send the report to external users.

Hide Report Refresh

Hide the report refresh menu item.

Hide Embed Links

Removes links to embed reports and dashboards using the Javascript API.

Hide External Links

Removes external direct links to reports and dashboards.

Storyboard


Distribute StoryboardsAllows users to distribute Storyboards to other users.
Email StoryboardsAllows users to send an adhoc email copy of a Storyboard.

Storyboards CRUD

Allows users to view, create, edit or delete Storyboards.

Storyboard Admin

Allows users to edit and delete any private or public Storyboard.

Public Storyboards

Allows users to make a Storyboard public.

Storyboard Global Filters

Allows users to set global filters on Storyboards.

Collaboration


Hide CommentsHides the comment functionality from Reports, Storyboards, and Dashboards.

Annotations CRUD

Allow users to Create, Read, Update, or Delete.

Timeline

Allows users to access their timeline.

Connections

Allows users to connect to other users through their timeline.

Discussion Topics CRUD

Allows users to browse and contribute to discussion topics.

Collaboration Admin

Allow users full administration access to discussion streams, comments, and tasks both public and private.

Activity StreamAllows users to access the activity stream.
Enable TasksAllow users to see and be assigned tasks.
Personal TasksAllow users to create and assign tasks to themselves.
Public TasksAllow users to create and assign tasks to themselves and others.
System Task AdminAllow users to approve or reject the completion of system tasks.

Configuration


Configuration

Allow users to modify Yellowfin site parameters.

Configure Logon ID

Allow users to specify how users are authenticated.

Configure Page Format

Allow users to configure the page layout (integration settings, etc).

Configure Support Email

Allow users to set the support email address.

Header/Footer AdminAllows users to edit the header and footer on their system.

Administration


Content Super User

This role function is only visible when the Allow Content Super User setting is enabled within the Admin Console. A super user can view and delete content across the board, overriding any other config settings related to viewing and managing content. This includes the XML export of private content. Therefore, any user roles given this function have full access to all content, whether private or public, within an organization.

When this function is included in a user role, the role cannot be deleted. Remember, changes at the role level won't take effect for a user until their next successful login.

Approval AdminAllows users to manage outstanding content approvals without having to be specified as the approver.

Import

Allow users to import content from XML files.

Export

Allow users to export content to XML files for backup or transfer to another system.

Folder Access

Allow users to configure report categories.

System Information

Allow admin users to view system information.

License Management

Allow users to view Yellowfin licence details and upload new license files.

Create and Edit Tags

Allow users to create and edit tags used in discussions.

Client Organisation Management CRUD

Allow users to set up and manage client organisations.

Filter Period Management

Allow users to choose which Predefined Date Filters are available.

Translate Content

Allows users to translate user entered data on dashboards, reports and views.

Themes CRUD

Allows users to manage Storyboard Themes.

Geometry Pack Management

Allows users to import and delete GeoPacks.

Background Execution ManagementAllows users to view the current background execution queue, cancel current queries, and force start queued items.
View and Field CategoriesAllows users to manage View and Field Categories from the Admin Console.
Org Reference CodesAllows users to manage Org Reference Codes from the Admin Console.
Plugin ManagementAllows users to manage plugins including Third Party Source Connections, JDBC Drivers, and Advanced Functions.

Data Sources & Views


Data Sources CRUD

Allow users to create, edit, and delete data source connections.

OLAP

Allow users to connect to OLAP data sources.

Data Source Admin CRUD

Allow users to create, edit, and delete all data sources regardless of security restrictions.

Source Filters

Allow users to create data source filters.

Database Views CRUD

Allow users to create, edit, and delete Yellowfin views.

Freehand SQL ViewsAllow users to create Freehand SQL views.

Show Draft Views

Allow users to see views being edited by other users.

Stored Procedures

Allow users to create views against stored procedures.

Force Clone Views

Removes the option to edit existing views directly - users are forced to clone views to edit them.

Hide DBMS Messages

Replaces error messages from DBMS with generic messages.

Create CSV Table

Allow users to create CSV tables within a view.

Composite Views

Allows users to create Composite Views.

Data TransformationsAllows you to access the Data Transformation module.
Skip Schema Check

Bypass schema check when using CheckSchemaForUser functionality.

The CheckSchemaForUser functionality, when enabled, runs a schema test to check if a user has permission to access tables and columns referenced by a Yellowfin report or view. 

If the Skip Schema Check function is enabled for a user, this test is bypassed, granting them access to the content. This is ideal in situations where column or table names get changed or are deleted after view creation, and the user is no longer permitted to access them. With this role, a user can access and update the column/table name at the view. 

Note that this role function is only operational if the CheckSchemaForUser functionality is enabled.


Report as a DatasourceAllows reports to be written against the results of another report.

User Administration


User Management CRUD

Allow users to create, edit, and delete user accounts.

Group Management CRUD

Allow users to create, edit, and delete user groups.

Roles Management

Allow users to create, edit, and delete security roles.

Hide profile password

Removes the password reset option in My Profile.

Disable profile email change

Stops users from changing their email address in My Profile.

Hide profile User ID

Removes the User ID option in My Profile.

Named User

Allows a user to bypass concurrent logon limitations.

Restrict Visible Roles

Restricts the Roles that are visible to a user when adding new users and groups.

Web Services


Web Services

This function is required for a user account that will be used to log in to Yellowfin web services.

Disable Mobile Access

Stops a user from accessing reports via a native mobile application.

Augmented Data Discovery
Assisted DiscoveryAllows you to access the Smart Analysis button in the report builder.
Instant InsightAllows you to access the Auto Analyze option on charts.
Instant Insight SettingsAllows you to access the insight setting button in the view builder.
Signals
Signals ConsumerAllows users to receive and explore Signals.
Configuration

Allows users to configure Signal analysis settings in the View Builder.

Distribute SignalsAllows users to share Signals.
Story
Story CRUDAllows users to view, create, edit or delete Stories.
Distribute StoryAllows users to share a published Story.
Story AdminAllows users to edit and delete any private or public Stories.
Other
Subscribe to BroadcastAllows users to subscribe to report broadcasts.


top