As part of the introduction of the new Reports, we are converting existing saved Advanced and Gremlin searches into reports. Next, we are granting users a dedicated report permission based on their user role and dashboard permissions.

Reports makes it possible for everyone with access to a report to see the same data regardless of their workspace permission.

Table Of Contents:


Reports And Migration Highlights

The migration will take place as part of the launch of Reports. The following changes will take place after the release of reports:

Reports

  • Reports can be created using Advanced Search or Gremlin Search in the Report Builder.

  • Only users with admin or writer user roles can create reports. Users with the read-only role are not able to execute Advanced Search queries anymore as they can't create reports.

  • Everyone with access to a report sees the same data regardless of their workspace(s) permissions.

  • Users with the admin, writer or read-only user role can drill-down Gremlin dashboard widgets. Previously, only admin users were able to drill-down Gremlin widgets.

  • The Reporting Overview page and the Dashboards sidebar navigator have been removed and replaced with quick filter buttons in the asset manager in the Home page.

Migration

  • Saved searches will be converted into reports.

  • Dedicated report permissions will be assigned based on user roles.

  • Users with the writer and read-only user roles will:

    • Gain access to the correct search results in reports that they did not create and are used in at least one dashboard they have access to.

    • Lose access to reports that they did not create and are not used in at least one dashboard they have access to.

  • Converted reports with no workspace(s) defined will continue to work exactly as before. However, it won’t be possible to save any changes unless a workspace is selected.

What Is A Report

A report in Ardoq is where you can:

  • Build queries to:

    • Find components or references of a certain type or with specific field values using Advanced Search.

    • Analyze the relationships between the components in your graph data model, and their properties using Gremlin Graph Search.

  • Invite key stakeholders to a report and keep control of who has access to the data

  • Assign dedicated report permissions and manage what users can do

  • Calculate aggregated data in just a few clicks

With reports, you can decide what data to share and with who, and eliminate data silos. Access to the queried workspaces– having admin, writer or read-only workspace permissions– is not required to see the correct search results in the report.

Report Permissions

When adding people to a report, you will be prompted to assign them a report permission. Report permissions do not have any effect on the report data users can see. They simply work together with the user roles to help you manage what users can do in a given report.

Ardoq user roles and report permissions

Report permissions:

  • Admin report permission. Users with the admin report permission can update the report query, add and remove people from the report, update report permissions, and delete the report provided they have read-only permissions on the workspaces the report queries.

  • Writer report permission. Users with this report permission can update the report query provided they at least have read-only permission on the underlying workspace(s). They cannot add or remove people in the report, nor update report permissions.

  • Read-only report permission. Users with the read-only report permission can only see your report search results.

👉 Visit the "How To Create A Report" KB article to see a detailed breakdown of what each permission enables users to do.

Assigned Report Permissions On Converted Reports

Report permissions will be assigned to users based on their user role. Please know that:

  • The migration will take place as part of the launch of Reports.

  • Having access to a report, dashboard or workspace means having a permission on a specific report, dashboard or workspace.

User role

Admin report permission

Writer report permission

Read-only report permission

Admin

On all converted reports whether they created it or not

N/A

N/A

Writer

On converted reports they created

N/A

On converted reports that are used in at least one dashboard they have access to

Read-only

N/A

N/A

On converted reports that are used in at least one dashboard they have access to

Users with the:

  • Admin user role will be assigned the admin report permission on all converted reports .

  • Writer user role will be assigned the admin report permission on converted reports they created.

    Ardoq report permissions
  • Writer and read-only user roles will be assigned the read-only report permission on reports that are used in at least one dashboard they have access to. In other words, a dashboard they have been granted admin, writer, or read-only dashboard permissions.

Ardoq read-only report permission

How Does The Migration Impact The Search Results Users Can See?

Reports enable everyone with access to a report to see the correct data regardless of their workspace permissions.

Users with the admin user role have access to all workspaces in the organization. Thus, they are currently able to see correct search results and will continue to see the correct data after the migration.

On the other hand, users with the writer or the reader user role are currently not able to see the correct search results on searches that query workspaces that they do not have access to. After the migration, these users will gain access to the correct data. In the case users do not have access to any of the workspaces the search queries, they will lose access to the report.

1. Users who will gain access to the correct data.

Users with the writer or reader user role who will be granted the read-only report permission will see the correct search results after the migration.

For example, “Saved search 1” queries Workspace A and Workspace B and it is used in Dashboard A.

  • The search results on “Saved search 1” throw a total of 50 components between Workspace A (40 components) and Workspace B (10 components).

  • John who has the writer user role and Lucy who has the read-only user role do not have access to Workspace A but do have access to Workspace B. They also have access to Dashboard A.

  • Currently, when opening “Saved search 1”, John and Lucy only see there are a total of 10 components because they don’t have access to Workspace A. Thus, the search results do not show the 40 components that live in Workspace A.

  • After the migration:

    • “Saved search 1” will be converted into “Report 1”.

    • John and Lucy will be granted the read-only report permission because they have the writer and reader user roles accordingly, and “Report 1” belongs to a dashboard they have access to (Dashboard A).

    • When opening “Report 1”, John and Lucy will see there are 50 components in total.

Ardoq read-only report permission

👉 Before the migration happens, we recommend removing users or Permission Groups from the dashboards that use searches they shouldn't be able to drill down or to open from the asset manager (Home page).

2. Users who will lose access to the report.

Users with the writer or reader user role who don’t have access to at least one dashboard a report is used in will lose access to the converted report.

For example, “Saved search 2” is used in Dashboard B only.

  • John who has the writer user role and Lucy who has the reader user role do not have access to Dashboard B.

  • Currently, John and Lucy are able to see “Saved search 2” in the asset manager (Home Page). They may or may not be able to see the search results depending on their workspace permissions.

  • After the migration:

    • “Saved search 2” will be converted into “Report 2”.

    • John and Lucy won’t be able to see “Report 2” in the asset manager because they have no access to Dashboard B.

Ardoq Reports before vs. after

👉 After the migration, provided that you are the creator of the report or have admin report permissions, we recommend to go through the reports and assign permissions where it's relevant.

Additionally, converted reports that are not used in any dashboard will continue to be accessible by the creator and users with the admin user role.

For example, Steve created “Saved search 3” and it is not used in any dashboard. After the migration:

  • “Saved search 3” will be converted to “Report 3”.

  • Maria who has the admin user role will continue to see “Report 3” in the asset manager, and will be granted the admin report permission.

  • Steve will continue to see “Report 3” in the asset manager and will be assigned the admin report permission because he is the creator of the report.

  • John who has the writer user role and Lucy who has the reader user role won’t longer see “Report 3” in the asset manager because they did not create “Report 3” and it is not used in any dashboard that they have access to.

Ardoq report permissions

Assigned Workspaces On Converted Reports

A report requires at least one workspace to be selected, so the query analyzes each of them.

  • Advanced Search converted reports will inherit the workspace(s) of the components returned by the search.

  • Gremlin Search converted reports will inherit the workspace(s) of the components returned by the search or the workspaces with components that have references to the workspace defined in the query.

If no workspace is found, the converted report will be left without a defined workspace. They will continue to work exactly as before but it won’t be possible to save any changes to the report if no workspace is selected when editing the report.

If you have any questions, reach out via our website or by using the in-app chat. 💬 We're happy to help.

Did this answer your question?