If you are trying to do something in ThoughtSpot, and cannot access the screens to accomplish it, you may not have the correct privileges. In this case, you should contact your administrator and explain what you want to accomplish. Your administrator may be able to grant you additional privileges.
Privileges in ThoughtSpot
Here are the privileges that the administrator sets, and the capabilities they enable:
- Can administer ThoughtSpot
- Can manage Users and Groups and has view and edit access to all data. Users with this privilege can also download a saved Answer.
- Can upload user data
- Can upload their own data from the application's Data page using Actions > Upload data.
- Can download data
- Can download data from search results and pinboards.
- Can share with all users
- Can see the names of and share with users outside of the groups the user belongs to. Members of groups with this privilege can also share with groups marked as NOT SHARABLE.
- Can manage data
- Can create worksheets and views. Can create Embrace connections.
Note that to edit a worksheet or a view created by another user, you must have the **Edit** permission on that object, and it must be shared with you. - Can use experimental features
- Can access trial and experimental features that ThoughtSpot makes available to early adopters.
- Can invoke Custom R Analysis
- Can access R scripts to further explore search answers. Includes options to invoke R scripts on visualizations, create and share custom scripts, and share the results of R analysis as answers and pinboards.
- Can schedule pinboards
- Can create and edit Pinboard schedules for other users and groups. Without this privilege, users can only create Pinboard schedules for themselves.
- Has SpotIQ privilege
- Can use the SpotIQ feature.
If this privilege is not enabled for the user, but Insights are enabled on the cluster (this is off by default), they can still see "Did you know" SpotIQ insights on the ThoughtSpot home page. - Can administer and bypass RLS
Users in groups with this privilege (directly or through group inheritance):
- Are exempt from row-level security (RLS) rules.
- Can add/edit/delete existing RLS rules.
- Can check or uncheck Bypass RLS on a worksheet.
Your installation configuration may enable or disable the availability of this privilege. By default, it is enabled. Administrators or groups with the privilege Can administer ThoughtSpot can grant this privilege.
- Cannot create or update Pinboads
Users are limited to viewing and exploring curated Pinboards (and Answers). They cannot copy, edit, download, or share them.
This privilege is designed to support embedded implementations, and it is behind a flag.
See Granular access to Pinboards for a deeper discussion of this privilege, and an implementation example.
Combining user privileges
The following table shows the intersection of user privilege and ability:
|
Create/Edit WS
|
Create View
|
Create Embrace Connection
|
Modify Col. Props.1
|
Upload Data
|
Download Data
|
Share within Group
|
Share with all users
|
Manage RLS rules
|
CrUD Relationships
|
Read Relationships
|
See Hidden Cols
|
Join with Upload Data
|
Schema Viewer
|
Use Scheduler
|
Use Auto-Analyze
|
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Can administer ThoughtSpot | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y2 | Y | Y | Y | Y | Y | Y |
Can upload
user data |
N | N | N | N | Y | N | Y | N | N |
Y3
|
Y4
|
N | N | N | N | N |
Can download data
|
N | N | N | N | N | Y | Y | N | N | N |
Y4
|
N | N | N | N | N |
Can manage data
|
Y | Y | Y | Y | Y | N | Y | N | N |
Y4
|
Y4
|
Y5
|
Y | N | N | N |
Can share with
all users |
N | N | N | N | N | N | Y | Y | N | N |
Y4
|
N | N | N | N | N |
Has SpotIQ privilege
|
N | N | N | N | N | N | N | N | N | N |
Y4
|
N | N | N | N | Y |
Can Administer and Bypass RLS
|
N | N | N | N | N | N | N | N | N | Y | N | N | N | N | N | N |
None | N | N | N | N | N | N | Y | N | N | N |
Y4
|
N | N | N | N | N |
Table notes:
|