Dashboards have special granular view and edit permissions that are managed from the
Sharing pane. Access control lists (ACLs) apply to most widgets that are added to
- Users with any role can create dashboards, share dashboards that they own with users and
groups, and edit dashboards if they have been given edit permissions. Users with any role can
restrict access by role to any dashboard that they have created. The user also needs whatever
roles are necessary to access the specific data on the dashboards.
- Users without a role can view dashboards that have been shared with them, but cannot create
or edit dashboards.
- Users with pa_admin and pa_power_user roles can manage users, groups, and roles on any
dashboard that they can edit.
- Users with the dashboard_admin or admin role can edit and manage users, groups, and roles
for any dashboard. Admin and dashboard_admin users can also change a dashboard owner at any
- Only a dashboard owner and users with the dashboard_admin or admin role can delete that
- The ability of
users to share responsive dashboards may be limited by the administrator. For more
information, see Responsive dashboard properties.
Note: The columns Visible to, Groups, Users, and Requires Roles only apply to
non-responsive dashboards. The values in these columns do not apply to responsive dashboards.
Widget ACLs apply when that widget is added to dashboards (except for Performance Analytics widgets). If a user can
view a dashboard but does not have ACLs to view one of its widgets, an empty widget placeholder
is displayed. ACLs do not apply to data visualizations that aggregate data, such as pie or bar
reports. ACLs always apply to list data that is displayed in widgets. Rows in a list that a user
does not have access to are not displayed.
Note: ACLs are not applied to Performance Analytics widgets that are added to
dashboards. Any user who can view a dashboard can view all its Performance Analytics widgets. Performance Analytics widgets can only be added
to dashboards by users with the pa_power_user, pa_admin, and admin roles.
The Restrict to role field on the dashboard properties form and
dashboard group permissions may have an impact on dashboard permissions. The dashboard owner, and
users with pa_power _user, pa_admin, or admin roles can change dashboard properties. Users with
the pa_power_user, pa_admin, and admin roles can change dashboard group permissions.
For example, when you add a pie report widget with 36 records to a dashboard, users who
can access to that dashboard and that report can view the report of all 36 records. However, if a
user drills down into the list view for that widget, only the records the user is allowed to
access are visible.