Permissions in the Grepr platform
This page is a reference to the permissions available in the Grepr platform. These permissions are assigned to users based on the user’s role:
- Organization-level roles: Admin and Member
- Team-level roles: Leader and Member
A user can be assigned both an organization-level role and a team-level role. For example, an organization Member can also be a team Leader, giving them view access organization-wide and edit access to their team’s resources.
You can also create custom roles with a specific subset of Grepr platform permissions. To learn more about roles, including custom roles, see Manage users in the Grepr platform.
At both the organization and team levels, there are two types of permissions:
- View: Grants read-only access to specified resources.
- Edit: Grants edit permissions over specified resources, including creating, editing, and deleting those resources.
Resources in the Grepr platform include your organization, vendor, and storage integrations, datasets, templates, users, teams, and jobs.
The following sections provide more details on permissions in the Grepr platform and the permissions for each role type.
Available permissions in the Grepr platform
This table lists all available permissions for organization and team-level roles:
| Permission | Resource | Scope |
|---|---|---|
| Edit | Organization settings | Organization |
| View | Organization settings | Organization or Team |
| Edit | Integrations | Organization or Team |
| View | Integrations | Organization or Team |
| Edit | Jobs | Organization or Team |
| View | Jobs | Organization or Team |
| Edit | Users | Organization |
| View | Users | Organization or Team |
| Edit | Teams | Organization or Team |
| View | Teams | Organization or Team |
| Edit | Templates | Organization or Team |
| View | Templates | Organization or Team |
| Edit | Datasets | Organization or Team |
| View | Datasets | Organization or Team |
Permissions by role
The following are the permissions granted to each role type in the Grepr platform:
- Organization Admins have full control over all resources in the organization, including all team-scoped resources.
- Organization Members have view-only permissions to all resources in the organization.
- Team Leaders have edit permissions for all resources scoped to their specific team or teams. This includes permissions to create and edit jobs, integrations, templates, and datasets assigned to the team. Team Leaders can also view all organization resources, but only edit resources scoped to their team or teams.
- Team Leaders have edit permissions for all resources scoped to their specific team or teams. This includes permissions to create and edit jobs, integrations, templates, and datasets assigned to the team. Team Leaders can also view all organization resources but only edit resources scoped to their team or teams.
- Team Members have view-only permissions to resources scoped to their specific team or teams. A Member can view resources assigned to the team, run backfill jobs, and query logs, but does not have permission to create or edit resources, such as jobs, integrations, templates, or datasets, assigned to the team.
- Teams can be granted access to resources, such as integrations, datasets, or templates, scoped at the organization level. When a team is granted access to a resource, team Leaders have edit permissions on the resource, and team Members have view-only permissions. However, to create or edit a job, such as a pipeline, a team Leader must have view permissions on all the integrations and datasets used by the job. For example, if a job is assigned to the
DevOpsteam, but the team hasn’t been granted access to an integration used in the job, aDevOpsteam Leader cannot edit or run the job. - To create a dataset, you must have edit permission on the integration the dataset belongs to.
For each resource in the Grepr platform, this table shows the specific permissions granted to each role type at both the organization and team levels:
| Permission | Resource | Access Scope | Organization Admin | Organization Member | Team Leader | Team Member |
|---|---|---|---|---|---|---|
| View | Organization Settings | Organization | ✅ | ✅ | ✅ | ✅ |
| Edit | Organization Settings | Organization | ✅ | ❌ | ❌ | ❌ |
| View | Users | Organization | ✅ | ✅ | ✅ | ❌ |
| Edit | Users | Organization | ✅ | ❌ | ❌ | ❌ |
| View | Teams | Organization | ✅ | ✅ | ✅ | ❌ |
| Edit | Teams | Organization | ✅ | ❌ | ❌ | ❌ |
| View | Integrations | Organization | ✅ | ✅ | ❌ | ❌ |
| Edit | Integrations | Organization | ✅ | ❌ | ❌ | ❌ |
| View | Datasets | Organization | ✅ | ✅ | ❌ | ❌ |
| Edit | Datasets | Organization | ✅ | ❌ | ❌ | ❌ |
| View | Jobs | Organization | ✅ | ✅ | ❌ | ❌ |
| Edit | Jobs | Organization | ✅ | ❌ | ❌ | ❌ |
| View | Templates | Organization | ✅ | ✅ | ✅ | ❌ |
| Edit | Templates | Organization | ✅ | ❌ | ❌ | ❌ |
| View | Teams | Team | ✅ | ✅ | ✅ | ✅ |
| Edit | Teams | Team | ✅ | ❌ | ✅ | ❌ |
| View | Integrations | Team | ✅ | ✅ | ✅ | ✅ |
| Edit | Integrations | Team | ✅ | ❌ | ✅ | ❌ |
| View | Datasets | Team | ✅ | ✅ | ✅ | ✅ |
| Edit | Datasets | Team | ✅ | ❌ | ✅ | ❌ |
| View | Jobs | Team | ✅ | ✅ | ✅ | ✅ |
| Edit | Jobs | Team | ✅ | ❌ | ✅ | ❌ |
| View | Templates | Team | ✅ | ✅ | ✅ | ✅ |
| Edit | Templates | Team | ✅ | ❌ | ✅ | ❌ |
Organization roles vs. team roles
This table describes the difference between organization-level and team-level roles. Users can have both types of roles:
| Organization roles | Team roles | |
|---|---|---|
| Scope | Entire organization | A specific team |
| Types | Admin, Member, or Custom Roles | Leader or Member |
| Examples | - Admin: Full access to all resources and settings. - Member: View organization resources. - Custom role, such as “Developer”: Specific permissions like “view all jobs, edit templates”. | - Leader: Manage team members, create team-scoped integrations. - Member: View team resources. |