Table Visibility Permissions

Table visibility can be set on import or after a table has been created. Visibility impacts permissions concerning individual table metadata (existence of a table, and a listing of its columns), listings of all tables that a user has access to see and also access to table data. The outline and chart below describe the user types and operations for table visibility.


User Types

Authenticated: all tables are owned by one Account and that Account controls access to Private tables based on Group based permissions. “Authenticated Users” which means Users with membership in either the Viewer, Editor or Admin group under the relevant Account. Servers can have multiple Accounts and Users may be granted access to different groups in different Accounts on the same Server.

Viewer: Can list and view private table meta data, and row data for tables in that account.

Editor: all permissions of viewer plus the ability to create, edit and delete tables for tables in that account.

Admin: all permissions of Editor plus the ability to manage permissions for tables in that account.

Root User: can perform any operation on any Account.

Non Authenticated: a non authenticated user is a user who either (a) is not logged in at all or (b) a logged in user who does not have access to the resource (ie is not granted membership to a Viewer, Editor or Admin group under the Account controlling the table.).


Operations

List All Tables: Metadata requests for listings of all tables are automatically filtered by the user’s credentials. For guest users with no credentials only Public tables (and not unlisted or private) show up in the listings. For logged in User's Private and Unlisted tables owned by accounts for which they are Authenticated are also included in their listings.

Metadata by ID: Metadata requests for an individual table by ID return data for one table. All users may request Metadata by ID for both Public and Unlisted tables. Private table metadata may be requested only by authenticated users.

Table Row Data: Any operation using table row data is restricted for Private tables and may only be accessed by Users with Authenticated Viewer or greater access to that table. Public and Unlisted Table Row data may be viewed by any user. Table row data protections cover any operations that utilizes table data. For example operations like Querying Data, Drawing Image Tiles, or Creating Alert Notifications all require Authentication if the table is Private but not if the table is Public or Unlisted.

Altering Tables: For any type of table (Public, Private or Unlisted) Operations that alter tables like creation, editing, deleting require Editor or Admin access, and operations that alter permissions require Admin access for that account.
 

Table Persmissions
Permission Value Description
Public Visible and usable to the entire public
PublicUnlisted Hidden in the accounting interface but still usable for mapping
Private Protected, hidden and only usable to users explicitly given permission

Examples

Private: Metadata Listings, Metadata fetches by ID and row data for Private tables can only be viewed by Authenticated Users. For example, if Table A is Private and is owned by Account X then only users with Viewer, Editor or Admin permission on Account X.

Unlisted: Metadata Listings, for Unlisted tables can only be viewed by Authenticated Users. For example, if Table A is Private and is owned by Account X then only users with Viewer, Editor or Admin permission on Account X. Unlisted tables are useful when you want all users to be able to access data, but you don’t want the metadata to show up in autocomplete UI or to be otherwise discoverable by users in listings of all tables. This behavior is similar to online photo galleries that allow sharing albums without authentication. Any user with the Table ID can view the table, but users can’t search for and discover the table on their own.

Public: Public tables allow all users to view Metadata Listings, view Metadata fetches by ID and view Row Data.