# Permissions

As the **owner** of a data source (DS), you can grant access permissions to other users within your organization.

Permissions can be assigned to:

* **Members** with the [Editor](https://docs.jmapcloud.io/en/jmap-cloud-portal/introduction/roles#editor) or [Viewer](https://docs.jmapcloud.io/en/jmap-cloud-portal/introduction/roles#viewer) role;
* **Groups**;
* **API keys**.

Each role has different levels of access.

<table data-header-hidden><thead><tr><th width="181"></th><th></th></tr></thead><tbody><tr><td>Editor</td><td><p><strong>Owner</strong></p><p>This permission, the broadest, allows the user to:</p><ul><li><strong>grant access permissions</strong> to members of the organization,</li><li><strong>delete</strong> the DS. </li></ul><p>The SDS must have at least one owner.</p></td></tr><tr><td>Editor</td><td><p><strong>Modify</strong></p><p>This permission allows the user to <strong>modify</strong> the DS settings<strong>.</strong></p></td></tr><tr><td>Viewer</td><td><p><strong>View</strong></p><p>For the user with the VIEWER role, this permission, combined with the <strong>Extract Features</strong> permission, allows the user to <strong>view</strong> SDS data in a cartographic application (such as JMap NG). <br>For a user with the EDITOR role, this permission allows the use to <strong>view</strong> the DS in JMap Cloud Portal and <strong>use</strong> it in projects.</p></td></tr><tr><td>Viewer</td><td><strong>Extract Features (Spatial DS)</strong><br>This permission allows the user to <strong>extract</strong> features from the SDS and, combined with the <strong>View permission</strong>, allows  to <strong>view</strong> SDS features in a cartographic application (such as JMap NG).<br><br><strong>Extract Data (Non spatial DS)</strong><br>This permission allows the user to <strong>extract</strong> data from the DS and, combined with the <strong>View permission</strong>, allows  to <strong>view</strong> DS data in a cartographic application (such as JMap NG).</td></tr><tr><td>Viewer</td><td><strong>Create Features (Spatial DS)</strong><br>This permission allows the user to <strong>create</strong> features in the SDS in a cartographic application (such as JMap NG).<br><br><strong>Insert Data (Non spatial  DS)</strong><br>This permission allows the user to <strong>insert</strong> data to the DS in a cartographic application (such as JMap NG).</td></tr><tr><td>Viewer</td><td><strong>Edit Geometries (Spatial DS)</strong><br>This permission allows the user to <strong>edit the geometry</strong> of SDS features in a cartographic application (such as JMap NG)</td></tr><tr><td>Viewer</td><td><strong>Edit Attributes (Spatial DS)</strong><br>This permission allows the user to <strong>edit the attributes</strong> of SDS features in a cartographic application (such as JMap NG).<br><br><strong>Update data</strong> <strong>(Non spatial  DS)</strong><br>This permission allows the user to <strong>modify the values</strong> of DS <strong>fields</strong> in a cartographic application (such as JMap NG).</td></tr><tr><td>Viewer</td><td><strong>Delete Features (Spatial DS)</strong><br>This permission allows the user to <strong>delete</strong> features from the SDS in a cartographic application (such as JMap NG).<br><br><strong>Delete data</strong> <strong>(Non spatial  DS)</strong><br>This permission allows the user to <strong>delete</strong> data from the DS in a cartographic application (such as JMap NG).</td></tr></tbody></table>

## Granting Permissions

Permissions follow a hierarchical structure:

* **Owner** includes both **Edit** and **View** permissions;
* **Edit** automatically includes **View**;
* **Viewer** role-based permissions are at the base of the hierarchy and always include **View**.

**Steps to grant permissions:**

1. Click the <img src="https://content.gitbook.com/content/9n1KCuTyIKwSpZcPcC6l/blobs/8m4xvrMS418SV0cyQWNm/menu.png" alt="" data-size="line"> icon next to a DS, then select **Permissions**.\
   The permissions management interface will open, displaying:
   * the name of the DS;
   * the list of members, groups, and API keys with their current permissions.
2. To add a new user:
   * Open the dropdown list in the **Add a member** field;
   * Select a **member**, **group**, or **API key** (one at a time).\
     The selected name appears with a letter indicating their role.\
     You can clear a selection using the ✕ icon if needed.
   * Click <img src="https://content.gitbook.com/content/9n1KCuTyIKwSpZcPcC6l/blobs/ifv8JTxRHFCNL5eqEr5X/add-permission.png" alt="" data-size="line"> to include the user in the permissions list.
3. Check the boxes to assign the appropriate permissions to each user.

{% hint style="warning" %}
Groups cannot be assigned the **Owner** permission.
{% endhint %}

## Modifying or Removing Permissions

You can at any time:

* change existing permissions;
* add new users;
* **remove all permissions** from one or more members, groups, or API keys.

**Steps to manage permissions:**

1. Click <img src="https://content.gitbook.com/content/9n1KCuTyIKwSpZcPcC6l/blobs/8m4xvrMS418SV0cyQWNm/menu.png" alt="" data-size="line">, then select **Permissions** to open the configuration interface.
2. Check or uncheck the relevant boxes to update permissions.

{% hint style="warning" %}
A DS must always have **at least one user with Owner permission**.
{% endhint %}

**To remove all permissions:**

* Start by unchecking the highest-level permission (e.g., Owner). The next level (e.g., Edit) becomes the highest active permission.
* For Viewer-type permissions, you must first uncheck the specific sub-permissions before removing the general **View** right.

**To delete members, groups, or API keys from the permissions list:**

* Check the box next to each name;
* Click the <img src="https://content.gitbook.com/content/9n1KCuTyIKwSpZcPcC6l/blobs/lqOFxRYSrh8MTmMII0Mi/delette-permissions.png" alt="" data-size="line"> icon to remove them from the list.