Discoverable Search Feature Overview
Overview
By default, the only content that appears for a user in Digital Hive is the content that the user would see if they logged into the BI system(s) as themselves. In other words, Digital Hive will not expose content to a user that they are not already permitted to see. While this level of access security is desirable to most organizations, there are some companies that want to promote self-service. In this scenario, users would see that content exists, even if they don't have access to it, but will not be able to execute the report or dashboard.
The premise, is that if a user requires access to a report, but can't see that it exists, how would they ever know to request access? Or even worse, if they are not aware of the existence of the report, they may be inclined to create a new version of the report, needlessly adding to the ever growing list of reporting assets, or they may submit a heldesk ticket to have a new report creating. Again, not only adding to the list of reporting assets, but also adding to the IT backlog.
When a user browses content, all items that they don't have access to appear with a lock icon. In the image below, this user has acess to the Digital Hive PowerBI workspace (blue folder) but does not have access to the Office of CTO workspace.
Even though the user doesn't have access to the Office of CTO workspace, if the user drills into the Office of CTO, all content within will show with a lock icon as well (if the user doesn't have access to that content either). This is because the workspace is NOT executable, so the user can drill into objects below the workspace.
Drilling into the workspace exposes the Dashboards and Reports folders, which the user does not have access to so the lock icon is displayed. Drilling into the Reports folder will expose the contents for that folder.
When a user clicks on the Digital Hive Salesforce report, because it's a launchable object, the user will not be able to run the report. Instead, a customizable message will appear, similar to the following image.
Similar to the browing experience, the locked items appear in the search results when a user performs a search.
Included in the 2024.2 release is a new facet type, called Access, that allows a user to filter out objects based on whether they currently have access to the content. For example, using the previous search results, a user wants to see just the content that they currently don't have access to, so they select the Locked facet, and the search results are refined.
If report names contain sensitive information, like a report called Next Quarter Layoffs for example, consider renaming the report before enabling the Discoverable Search feature. Although users won't be able to execute the Next Quarter Layoffs report, because they don't have access to it, they will be able to see that the reports exist and could assume that layoffs are imminent.
Enabling Discoverable Search
In version 2024.2, a mechanism was added that will display all Digital Hive content that have been indexed, regardless of access permissions that a user has to the content. Here are the steps to leverage this:
- In Services, stop Digital Hive - node1
- In File explorer, navigate to DigitalHive\app\node1\tomcat\conf
- Edit theia.properties in a text editor
- Change the elasticsearch.security.filter=true to elasticsearch.security.filter=false which will enable Discoverable Search
- Change the elasticsearch.security.noAccessMessage=No access by replacing 'No access' with a value that will be shown to users when they try to access locked content.
- Save the changes to the theia.properties file
- In Services, start Digital Hive - node1
Related Articles
Digital Hive Architecture Overview
Overview Digital Hive is a lightweight, web-based application that is both easy to install as well as to maintain and manage. Other than the Microsoft C++ redistributable (https://www.microsoft.com/en-ca/download/details.aspx?id=40784), there are no ...Search Management Interface
Getting to the Search Management Interface 1. Click your avatar and select Manage Digital Hive 2. Click Content then click Search 3. Note the new search and indexing features All Searchable Folders You are able to see all folders that are searchable. ...Digital Hive Installation and Configuration Overview
Overview This article serves as a collection of all the steps required to install and configure the Digital Hive solution. Prerequisites Digital Hive can be installed on either Windows or Linux based systems. From a server sizing perspective, the ...Unable to Explore Digital Hive Content
Question When using the Explore Content interface to browse the Digital Hive content, a message stating "Something went wrong" and a Try Again button is displayed How do I resolve this? Answer This issue is usually a result of Elasticsearch being ...Digital Hive Designer Elements Used for Authoring Hives
Overview Digital Hive provides a very robust, zero code, authoring experience that enables authors to create visually stunning and impactful end user applications, called Hives. As part of the authoring process, there are different elements that can ...