Repository Roles
When you create a repository, matching pairs of Repository Roles that have identical names are created in the Repository Permission Management and the User Management. The Repository Permission Management roles and the User Management roles have been merged into Repository Roles to meet BI Services requirements. A Repository Role is consistent, if a role with the same name exists on Repository Permission Management and User Management level:
| Role | Permissions | Protection | Migration/Changes |
|---|---|---|---|
| Supreme Administrator | Total Control | Yes | Empty User Management role created |
| User Management Link Administrator | Administer User Management Link | Yes | Empty User Management role created |
| Repository Administrator |
Administer Repository Create Application Administer User Management Link Administer Users and Groups |
Yes |
User Management role is renamed Joined with User Management role Administer Assigned to Create Application and Administer User Management Link |
| Application Creator | Create Application | Yes |
Empty User Management role created Original role name Project Creator is renamed |
| Change Password | Change Password | Yes |
Empty Repository Role created Original role Edit Password is renamed |
| Designer User | Use BI Designer | Yes | Empty User Management role created |
| Studio User |
Empty User Management role created Not visible in BI Services and on-premise environment |
||
| Farm Administrator |
Administer Farm Administer Log View Log |
Yes |
Created Visible in BI Services environment |
| Log Administrator |
Administer Log View Log |
Yes |
Created Visible in BI Services environment |
| Log Viewer | View Log | Yes |
Created Visible in BI Services environment |
Existing repositories are migrated according to these rules:
- The User Management role Administer is renamed to Administer Repository to match the Repository Permission Management role so that they are joined. The role will is not assigned to additional permissions. The role assignments to users and groups will not be changed as these roles are still separated in on-premise environments.
- The Project Creator role is renamed to Application Creator.
- The Edit Password role is renamed to Change Password.
- All Repository Permission Management roles are amended by User Management roles of same name without assigned permissions and vice versa.
- Farm Administrator, Log Administrator, and Log Viewer roles are created anew, both as Repository Permission Management and User Management roles.
Repository Roles are protected according to these rules:
- All built-in Repository Roles are protected in newly created repositories including their permission assignments.
- In migrated repositories only the roles Farm Administrator, Log Administrator, and Log Viewer including their permission assignments are protected.
- Role assignments to users and groups are not protected.
For further details, see these topics: