Skip to main content
Pentaho Documentation

Use Pentaho Repository Access Control

You can control access to your repository by locking files, establishing connection security, and restricting folder permissions.

Lock and Unlock Jobs and Transformations

You can lock or unlock jobs and transformations.  Locking and unlocking jobs and transformations protect them from being edited by other users.

Lock a Job or Transformation

To lock a job or transformation, complete these steps.

  1. In the Browse tab in the Repository Explorer window, right-click the job, or transformation and select Lock.
  2. Enter the notes in the Lock Notes window that appears.
  3. Click OK.  The job or transformation icon changes to show a padlock.

The lock status icons are updated on each PDI client only when the Repository Explorer is accessed. If you want to refresh lock status in the Repository Explorer, exit and access it again.  Also, select more than one file, hold down the CTRL or SHIFT keys as you select the folders, jobs, or transformations. 

lockicon.png

View Lock Notes

To view notes that were entered when the job or transformation was locked, do these things.

  1. In the Browse tab in the Repository Explorer window, right-click the job, or transformation and select Lock Notes.
  2. The lock note appears in a pop up window. 
  3. Click OK to dismiss the note.

Unlock a Job or Transformation

To unlock a job or transformation, complete these steps.

  1. In the Browse tab in the Repository Explorer window, right-click the job, or transformation and select Lock.
  2. The icon for the job or transformation returns to normal; the padlock icon disappears.

To select more than one file, hold down the CTRL or SHIFT keys as you select the folders, jobs, or transformations.

Access Connection, Security, and Cluster Information

In addition to managing content such as jobs and transformations, click the Connections tab to manage (create, edit, and delete) your database connections in the Pentaho Repository. See Managing Connections for more information about connecting to a database.

Click the Security tab to manage users and roles. Pentaho Data Integration comes with a default security provider. If you do not have an existing security such as LDAP or MSAD, you can use Pentaho Security to define users and roles. You must have administrative privileges to manage security. For more information, see the section called Setting Up User Security.

permissions.png

You can manage your slave servers (Pentaho and Carte instances) by clicking the Slaves tab. See Setting Up a Slave Server for instructions.

Click the Partitions and Cluster tabs to manage partitions and clusters. See Create a Cluster Schema for more information.

Set Folder-Level Permissions

The following table explains the permissions settings for Pentaho Repository content and folders:

Type

Value

Read

If set, the content of the file or contents of the directory will be accessible. Allows execution.

Manage Access Control

If set, access controls can be changed for this object.

Write

If set, enables read and write access to the selected content.

Delete

If set, the content of the file or directory can be deleted.

You must assign both Write and Manage Access Control to a directory in order to enable the selected user to create subfolders and save files within the folder.

You can assign any of these permissions to files and folders stored in a Pentaho Repository. Setting permissions manually overrides inherited permissions if the access control flags allow.

Perform the following steps to set folder-level permissions:

  1. Open the Repository Explorer (Tools > Repository > Explore).
  2. Navigate to the folder to which you want permissions set and click to select it.

    The folder must appear in the right pane before you can set permissions.

  3. In the lower pane, under the Permissions tab, disable Inherit security settings from parent.
  4. Click Add to open the Select User or Role dialog box.
  5. Select a user or role to add to the permission list. Use the yellow arrows to move the user or role in or out of the permissions list. Click OK when you are done.
  6. In the lower pane, under the Access Control tab, enable the appropriate Permissions granted to your selected user or role. 

    If you change your mind, use Delete to remove users or roles from the list.

  7. Click Apply to apply permissions.