Can you set Diagram read/write permissions by role?

Hi yes this is possible today. You will need to contact support and or your customer success manager to go into advance configuration, under bookmarks and allow RO read only access to diagrams. There is currently no way to create a new diagram, and say for RO users they can read but R-test can read and update. If your use case is simply RO can only read all diagrams, this is possible. If it’s specific diagrams this is not possible today. 

My apologies, but I’m not 100% sure I follow.  Are you saying this isn’t something an ADMIN cannot setup, but will need to configure via the LeanIX team?

I appreciate your clarity.

Hi ​@justinharclerode, 

Why isn’t this a standard permission an Admin could grant to Roles? Isn’t it just possible to have it added to the standard permissions? It is more likely to be in your roadmap, I’d presume? 🤔
 

​@justinharclerode 
Maybe related:
Can i grant or remove permissions to diagrams as part of an automation?  (Script)?
Are there such documented?

I cannot find it in the help documentation.

Thanks in advance.

You won’t find this in the documentation (or if it is, please send it over!!)

Each diagram has the permissions node attached to it. Check the Bookmarks in Pathfinder, under the permitted users

the PATCH option available only allows to update the owner of the diagram. I believe to change the viewers you may need to use a PUT and swap the permittedUserIds collection.

I have tried but got a 403 permission error then. Perhaps there is some authorization grant required (e.g. account admin). ​Perhaps 🤔@Thomas Schreiner could chime in  

Thank you ​@Fab - Yes found the same.

It took some work to realize that diagrams are “bookmarks” :
Bookmarks | SAP Help Portal

This opens the door to grant/monitor group-based permissions for a subset of diagrams/reports/dashboards (today LeanIX only allows controlling access to either ALL or NONE of them).  Maybe one day it will become a roadmap item….