Administration of your organization

Organization

An organizationis the name given to a customer account in Serenytics. It gathers all your users and objects (i.e. Datasources, Automations and Dashboards) in a single place.

Users

There are four types of users in Serenytics:

  • Viewer

    A viewer can only read dashboards in the Serenytics Viewer app (using the URL https://app.serenytics.com/viewer). He can't create or modify dashboards or any object in Serenytics.

  • Business Analyst

    A Business Analyst can also read dashboards. He can also create and modify dashboards. He can't create new datasources nor access the automations. Usually, a Business Analyst is not a data specialist. He uses already prepared data sources to create and share his own dashboards.

  • Studio

    A Studio user has all the rights in the Serenytics studio app (URL https://app.serenytics.com/studio) but the admin rights. He can create/modify Datasources, Dashboards and Automations. But he has no access to the admin menu.

  • Admin

    A admin user has all the rights (he has the rights of a Studio user plus the admin rights). Through the admin menu, he can manage users and their permissions.

Groups

User groups let you share a dashboard to a group of users in the Viewer application. This simplifies the dashboard sharings, especially when a user arrives in a team or leaves it.

See section Sharings to know how to share a dashboard with a group. Please note that groups are only used to share dashboards to users in their Viewer application. Sharing studio objects (datasources, dashboards and automations) is achieved with studio permissions (see section below).

Studio Permissions

In the Serenytics Studio, rights on the 3 types of objects (Datasources, Dashboards and Automations) are handled by folders. For example, a studio user can have a permission on a folder of datasources named 'Production data'. This means he will be able to modify and use the datasources of this folder.

Permissions can be modified only by an Admin user. A Admin user can give to himself all the permissions he wants. To avoid overloading the interface of an Admin user, newly created folders by other users are not automatically given permissions to admin user.

Warning

In Serenytics, sharing a dashboard to Viewer users is handled in the dashboard options, not in the admin menu. See the documentation here: Dashboard sharing

Note

In Serenytics, a dashboard does not belong to someone. It belongs to the organization and is situated within a folder. And users have (or haven't) permissions on this folder. By default, when a user creates a new folder, he has the most powerful permissions on this folder.

Permissions on Datasources folders

  • Permission Can use in dashboards

    If a user has this permission, he can use the folder datasources in his dashboards. For example, he can add widget querying data on these datasources. This permission does not let him modify the configuration or the formulas of a datasource. This permission is well adapted to share datasources folder to Business Analyst.

  • Permission Can edit formulas

    If a user has this permission on a datasources folder, he also can modify the formulas of this folder datasources. This permission can be used to share datasources to Studio users, or to let a Business Analyst modify formulas of a datasource.

  • Permission Can edit config and delete

    If a user has this permission on a datasources folder, he can do all the modifications on this folder datasources.

Permissions on Dashboards folders

  • Permission Can view and edit

    If a user has this permission on a dashboard folder, he can open and modify its dashboards. But he can't delete the dashboards of this folder.

  • Permission Can delete

    If a user has this permission on a dashboard folder, he can modify (even delete) the dashboards of this folder.

Sharing a dashboard to Viewers

To share a dashboard to allow Viewers to read it (i.e. in the Viewer application), this is achieved in the dashboard options (see Dashboards sharings). It is not achieved using the Studio permissions.

Editing a dashboard without the permission on its datasources

It is possible to have permission to open a dashboard, but some of it sources might be in folders where the user has no permission. When this happens, the dashboard will refuse to load and a message will display the list of folders permissions required to edit this dashboard.

Permissions on Automations folders

  • Permission Can edit, run, delete

    If a user has this permission on an automation folder, he can create/delete/edit/run the automations in this folder.

Specific case of the Home folders

For each one of the 3 Serenytics object types (i.e. Datasources, Dashboards, Automations), a user has a Home folder. A Home folder is specific in the way that it can't be shared to other users. Only its owner can use it. It is a sandbox folder dedicated to tests. Home folders don't appear in the permissions menu and an admin user can't share these dashboards to other users. This means the admin user cannot share a Home folder to himself to see its content.

Objects lifecycles

Deletion of a Viewer user

The user will be removed from the list of dashboards he could access before (in the Viewer app).

Deletion of a Studio/Business Analyst/Admin user

All the folder's permission of this user are deleted. Only permissions are deleted, not the underlying objects.

If the user was set as run-as-user for some automations, this run-as-user will be undefined for these automations. See Run as user field for automations for more details about this field.

Orphan folders

If a user is the only one to have a permission on a folder, when you delete this user, you create an orphan folder. An orphan folder is a folder with existing content, but no one in the organization has permission on this folder, and thus not one sees nor uses it. To solve this issue, the admin can easily detect these orphan folders in the permission menu, and give permission on this folder to other users (or himself to check the content of these folders).

Home folders of a deleted user

When a user is deleted (e.g. John.Doe@serenytics.com), his Home folders are renamed Old home folder for deleted user LOGIN (e.g. Old home folder for deleted user John.Doe@serenytics.com). After this step, they become classical folders and can be managed like any other folder by the admin user. To see this renamed folders, it may be required to reload your browser after the user deletion.

Deletion of a folder of object (i.e. of Datasource, Dashboards or Automation)

A folder can only be deleted when it is empty. If it contains objects, the deletion will be refused.

Deletion of a DataSource

A data source can only be deleted if it is not used in the organization (neither in a dashboard, as a key in a join datasource or in an automation).

Deletion of a datasource used in a Python script

A datasource can be used as input or output of a Python script. When you delete a datasource, Serenytics checks if its unique identifier (i.e. uuid) appears in the source code of a Python script. If it does, the deletion will be refused. Keep in mind that if you access this datasource in a Python script by its name (which is a bad practice), the deletion will be accepted and your script broken.

Deletion of a Dashboard

There is no side effect in deleting a dashboard.

Deletion of an automation

An automation can be deleted if it is not triggered by a chain task.

Deletion of a formula of a datasource

If the formula is used within another formula, its deletion will be refused. If the formula is used in a dashboard of the organization, its deletion will be refused. If the formula is used as the join key of a join, its deletion will be refused. If the unique identifier of the formula appears in the source code of a Python script, its deletion will be refused.