Work Item permission relations
In TrendMiner, the relationship between a user and an item determines which permissions apply and which actions the user can perform.
Permission precedence
When determining the applicable permission for a user on a specific item, all permission relations are evaluated equally. The permission with the highest level takes precedence, ensuring the user receives the maximum access level granted through any relationship.
The permission levels, in descending order of precedence, are:
Owner
Write
Read
Ownership in TrendMiner comes with specific characteristics that set it apart from other permission levels.
Only one user can be the owner of an item, and this permission cannot be shared with others. When you save an item in your home folder, you automatically become the owner of that item.
As the owner, you have full control over the item, including the ability to manage its visibility and assign permissions to other users.
"Does the user have a direct relationship with the item?"
Direct permissions are explicitly assigned to a user by the Owner of the item. These are granted on a per-item basis and allow for either Write or Read permission.
Direct relations are established through the share action in the application.
"Does the user have a relationship with a primary dependency of the item?"
If a user has Read or Write permission on a parent item, they automatically inherit Read permission on its underlying (dependent) items. This supports contextual navigation and analysis across linked items while respecting ownership boundaries.
Items can be related to each other through two types of relationships: Saved relations and Temporary relations.
Saved Relations are persistent links between items that are stored as part of the item’s definition.
Temporary Relations exist only in the context of a current configuration and are not saved with the item.
When an item is shared with Write permission, only the Saved relations are included in the share. This means the recipient not only receives Write permission to the shared item but also inherits Read permission to any items connected through Saved Relations.
For example, if a Dashboard is shared with Write permission, and that dashboard contains a TrendHub view, which in turn includes a Fingerprint, the recipient will have Write permission on the dashboard, Read permission on the linked TrendHub view, and Read permission on the associated Fingerprint. This ensures that users can access all essential components required to work with the shared item.
Monitors are not work items. They cannot be shared directly and can only be executed by the owner of the searches or fingerprints on which the monitor is based.
However, the current status of a monitor can be shared indirectly via a dashboard. Thanks to the item-to-item relationship, a user with whom the dashboard is shared can still view the monitor’s status.
If the user clicks on the monitor tile, the clickthrough opens a new TrendHub view that loads the related search or fingerprint. Access to this search is granted through the item-to-item chain: from the dashboard, to the monitor, to the search, where the user receives Read permission on the search.