Teneo Developers

User permissions

The user permissions define how users access the different functionalities and data and what they can do within Teneo. In the Teneo Platform, Studio user permissions and access roles for Log Data are all managed in Teneo Manager.

When a new user is added to Teneo Manager, this user becomes a regular user, which can be described as a user with the "lowest" level of permissions, allowing to access Teneo Studio as described further in the below section.

A regular user can then be granted more permissions which can be handled at two levels: User level and Group level. The permissions available for User level and Group level are the same with the difference that any user/all users assigned to a group inherit the permissions granted to the group while permissions granted at User level are only applied to the selected user; more details about Users and Groups are available here.

Teneo Studio

Regular User

A regular user has access to Teneo Studio and the solutions contained in the Studio account, but solutions are displayed read only unless the user is the owner of the solution. A Studio user can be the owner of a solution either by creating the solution or by being added as owner to an existing solution (learn more). The below table intents to outline the available functionalities in Teneo Studio for a regular user depending if the user is or not the solution owner.

Area - FunctionalityRegular user Not solution ownerRegular user Solution ownerComment
Access Studio
Open solution
Edit/add documentsread-only access
Edit solution propertiesread-only accessQuality control requires separate permission
Resourcesread-only access
OptimizationSuggestions ✔ Classifier ✕ Log Data ✕ Class Performance ✕Suggestions ✔ Classifier ✕ Log Data ✕ Class Performance ✔Access to Classifier and Log Data require separate permissions
Add content / ExportAdd Content ✕ Import Lexical Resource ✕ Export language configuration ✕ Export ✕Add Content ✔ Import Lexical Resource ✕ Export language configuration ✕ Export ✕Import Lexical Resource, Export language config and Export require separate permissions
Auto-testread-only access
PublishCreate Publish environment ✕ Publish to file ✕ Publish to production ✕ Modify Publish environment ✕Create Publish environment ✕ Publish to file ✕ Publish to production ✕ Modify Publish environment ✕Create Publish environment, Publish to file, Publish to production and Modify Publish environment require separate permissions
Class Managerread-only access
Trigger Orderingread-only access
History / Stable versionread-only access
Branching Include/Excluderead-only access
Recycle Bin Restore documentsread-only access
Tryout Test inputs on latest/stable versions (includes viewing debug info/input/paths/etc.)

User permissions

Teneo Manager defines the following user permissions related to Teneo Studio which can be granted to the (regular) user for access to the functionalities; please note that some of the functionalities which the permissions refer to are currently only available in Teneo Studio Desktop.

PermissionAllows to...Comment
Teneo adminCreate publish environment Import libraries Manage CLU Settings
Global (user)Edit all solutionsA global (user) has access to all solutions in the environment including editing permissions for all the solutions, i.e., the Global permission provides the same options as the "Regular user - Solution owner" described in the table in the above section, with the only difference being that the Global user doesn't need to be the solution owner
ExporterExport solutions
Export IP setupExport input processors of a solution
Publish to filePublish to war fileRequires both Global and Publish to file permissions
Publish to productionPublish to productionAllows to publish either the Stable or the Latest version of the solution to a production environment
Modify Publish EnvironmentModify existing publish environmentRequires both Global and Modify Publish Environment permissions
Modify Quality settingsModify the Quality Control setting related to the publishing workflow (Solution Properties)Requires both Global and Modify Quality settings permissions
Modify Account SettingsManage CLU SettingsUsers with this permission may manage the CLU Settings of the account, note that the CLU credentials cannot be read by any user neither in Teneo Studio frontend nor via the API (independently if this permission is granted or not)
Export as libraryExport a solution in library formatRequires both Exporter and Export as library permissions
View librariesOpen a document (read-only) from an assigned library
Delete librariesDelete a library in the Studio accountRequires either Teneo Admin or Global and Delete libraries
Link LDSsLink LDS to solutionUser must be solution owner, have Teneo Admin or Global permission and Link LDS permission

Log Data Sources

Access to data is for many companies a sensitive matter and therefore, within Teneo, specific permissions - or access roles - must be granted for a user to be able to handled and/or access log data; this means that a regular user cannot access log data unless the user (or a group the user belongs to) has specific access roles granted for this purpose. Teneo Manager defines a series of access roles for Log Data as outlined in the below table.

PermissionAllows to...
AugmenterThe user can manage augmenters, i.e., add new augmenters, import/export, perform pending actions, etc.
DataThe user may manipulate data, i.e. manage existing saved results
ExportThe user may export data sets
ImporterThe user may import log data, i.e. allows to synchronize the log data in the backstage of the Log Data window
SysAdminThe user may administrate the system; i.e. run queries, synchronize log data, manage augmenters, saved results and solutions for Engine matching
TQLThe user may run queries; i.e. allows to run queries in the Log Data window and provides access to the results in the Classifier

For more information, please see the Teneo Manager page.

Shared Queries

Shared queries are shared at Log Data Source level which means that only users with access to the specific Log Data Source are able to see them; furthermore, the ability to create, edit, run, delete, and/or publish any shared queries depends on the assigned access role(s) of the user as well as whether the user is solution owner or not or if the user is Global.
The below table provides an overview of the allowed actions for shared queries based on the access role, note that the below table assumes the user is either Global user or Solution owner.

Access roleAllows to...
AugmenterCreate Shared Queries
DataCreate, Edit, Delete and Publish Shared Queries
ExporterNot applicable
ImporterCreate Shared Queries
SysAdminCreate, Edit, Run, Delete and Publish Shared Queries
TQLCreate, Edit and Run Shared Queries Note: A regular user, not solution owner, with TQL access role can also Run Shared Queries