Community

Prevent users from viewing content shared with My Organization

1097
3
12-05-2019 11:03 AM
KieranClark
by
Occasional Contributor
‎12-05-2019 11:03 AM

Here is my use case:

I have an operations Dashboard set up to display a bunch of data to a client outside of our company. We have viewer licenses for them. They need to be able to view all the data in the associated map layers in order for the Dashboard to be functional. However, we do not want them to be able to view all the layers and survey results in the Contents tab. We don't mind them seeing their data, but we're trying to keep the backend processes opaque.

Currently, I have custom groups and a user role set up such that when they click the "My Groups" tab under "Content" it only shows the dashboard. This is great, and eventually what we want to restrict their view to. However, clicking "My Organization" still displays all the individual layers/features used to populate the dashboard. This is what I would like to remove, but I don't see a way around it as if the feature is not shared with them it doesn't appear in their Dashboard view.

Hopefully I've made this clear, but please ask any clarifying questions if I haven't explained something well enough.

0 Kudos
3 Replies
by Anonymous User
Not applicable
‎02-25-2020 06:16 PM

Hi Kieran Clark‌, thanks for providing the detailed use case here. There is not a custom role that can accomplish this at the moment, nor a setting in the security tab. Would the functionality you want be accurately characterized by "provide a custom role that disables viewing certain item types in the Content page, even if these items are shared with the user to give them access to the data in a Web Map or App."

In the meantime, a workaround might be to unshare the items with the organization and share them with the group only, but filter the default item view in the group to app. That way the end user would have to actively clear the filter to see the feature layers, and they wouldn't show up in the organization tab. 

Hope that helps,

-Peter

Tags (1)
0 Kudos
StevenJaques
by
New Contributor II
‎10-20-2022 12:58 PM

I have the exact same scenario.  Is creating a separate Organization the only way to achieve this?

Clubdebambos
by
Occasional Contributor III
‎10-21-2022 01:44 AM

Hi @KieranClark 

This may or may not suit, we implement a strategy where we create custom roles for all users and remove the ability to see organisational data (except for admins) for all. Users can only see what is shared with them in a Group. We also create custom views of feature services where necessary, filtering by location and attributes, and limiting certain fields in the view, so some users only see the portion of the data they are required to see. The views are a separate feature service that update when the parent service is updated. You could use the views in your dashboards instead of the original feature service. 

A view is a bit of an odd term here as its not just for viewing, you can enable editing on a view that syncs back to the parent feature service. Its deemed a different view of the data. 

Link Create hosted feature layer views

The ArcGIS Python API is also a great resource to set them up. 

~ learn.finaldraftmapping.com