Dashboard permissions can be set in several different locations.

Before you begin

When you find problems with permissions on responsive dashboards, you can review permissions on the Dashboard Sharing panel, group permissions, and dashboard properties.

Role required: dashboard_admin, pa_admin

Procedure

  • Check the permissions on the Dashboard Sharing pane.
    The dashboard owner, users with the dashboard_admin or admin role, and users with the pa_power_user or pa_admin role who can edit the dashboard can perform this step.
  • Review the permissions of the group to which the dashboard belongs.

    Dashboard group permissions do not show up in the dashboard Sharing panel.

    Users with the dashboard_admin, admin, pa_power_user, or pa_admin role can perform this step.
  • Compare the dashboard and dashboard group permissions.

    If permissions are specified on a dashboard, the permissions on the dashboard group are overridden and no do not apply.

    Users with the dashboard_admin, admin, pa_power_user, or pa_admin role can perform this step.
  • On the dashboard properties form, review the roles specified in the Restrict to roles field.

    Only users with one of the roles specified in this field can view the dashboard.

    The dashboard owner, users with the dashboard_admin or admin role, and users with pa_power_user or pa_admin roles who can edit the dashboard can perform this step. Other users who can edit the dashboard can view this field but cannot edit it.

Dashboard permissions scenarios

Permissions on dashboards can be complicated. If you set a permission on a dashboard group, for example, permissions set on a dashboard within that group override it. This matrix shows what is visible based on various combinations of permissions.

Example

The Dashboard permissions scenarios table uses these abbreviations:
Note: Users with admin and dashboard_admin roles have full permissions on all dashboards.

Example

The default permissions for a dashboard group are pa_admin and pa_power_user. If a permission, such as itil, is specified on the dashboard group, this permission is added to the default permission. Permissions on individual dashboards override the dashboard group permission.

Solving issue with edit permissions on responsive dashboards

Users with edit permissions on a responsive dashboard may also need edit permissions on another dashboard that the tab is used in.

Before you begin

Role required: admin

About this task

A dashboard is shared with a user with edit permissions. On some tabs, the user cannot add widgets. When the user selects Add widgets, nothing happens. The same user is able to add widgets to other tabs and dashboards. The cause for the problem is related to how the affected dashboard tab was created. If the dashboard tab was created in a non-responsive dashboard and the tab is linked to another dashboard tab, the affected user needs editing permissions on this other linked dashboard.

Procedure

  1. Navigate to the affected dashboard.
  2. From the context menu , select Dashboard Properties.
  3. Select Launch Dependency Assessment.
    The results show the dashboard and all the tabs used by the dashboard.
  4. Select the affected tab.
  5. From the context menu , choose Show Used By.
    The result shows the dashboards where the tab appears.
  6. Open the other dashboard that uses the affected tab.
  7. Edit sharing permissions on that dashboard and to give edit access to the affected user.

Result

The affected user can now edit the dashboard tab on the responsive dashboard.

Solving issues with shared dashboards in non-global scopes

Dashboards in scoped applications may not be visible to non-admin users. Non-admin users may not be able to view the dashboard or the widgets on the dashboard don't load.

Before you begin

Role required: admin of the associated scoped application.

About this task

Users may see the message 'Dashboard hasn't been shared with user' or 'This dashboard is restricted to the following roles,' without a list of roles.

Procedure

  1. Navigate to All > sys_properties.list.
  2. Set the system property glide.security.scoped_administration.honor_global_acl to true.
    If this property is already set to true, no update is necessary.
  3. As application administrator, switch the scope to the scope the dashboard was created in.
  4. Navigate All > sys_scoped_admin_acl_inheritance.list.
  5. (Optional) If reports have the same issue, create records for these tables:
    • Reports [sys_report]
    • Report Users and Groups [sys_report_users_groups]
  6. Create records for these tables:
    • Dashboard [pa_dashboards]
    • Portal Page [sys_portal_page]
    • Tabs [pa_tabs]
    • Dashboard Permissions [pa_dashboards_permissions]