Thanks for the reply.
For the first question I am looking for some varying levels of granularity for user permissions and object-level permissions (e.g. dashboards). Perhaps the problem is with understanding some of the descriptors on Privileges and how to most easily apply on an object-scale (user, group, dashboard/project). Most of our dashboards will be VIEW-ONLY reports, with the option of save as/share (pdf, excel).
Whatever happened to simple READ, WRITE, EXCUTE? That is essentially what i am trying to prvide here.
Note, I am at this from the perspective of the System Admin as well as a dashboard developer.
1) VIEW-ONLY USER: Lock a user down so they cannot do anything to anything they are allowed to view. Essentially the user is a VIEW ONLY users, regardless of dashboard privileges or groups the user might be in that may have privileges.
2) VIEW-ONLY DASHBAORD: Lock down a dashboard so that it cannot be altered unless the user is a power user or a developer.
3) VIEW-ONLY PROJECT. Lock down a project so that it cannot be altered unless the user is a power user or a developer.
Does this all come across with an export/import? If so I imagine I have to include all the users, groups and the project/dashboards? I recently learned that notifications don’t come across during that process so I’m hoping I don’t have to recreate permissions from TEST to PROD.