What makes up a user’s permissions?
When Tableau determines which tasks (or capabilities) a user is allowed to perform on a content resource, it takes the following pieces into account:
Site roles: At the time that you add users to a site, you must apply a site role to them. This is the only setting that you apply to users (as opposed to content) to affect permissions. The site role determines whether the user can publish, interact with, or only view published content on that site.
Permission rules and templates: You assign content access through permission rules. These rules describe the capabilities that you want a user or group to be able to perform on a set of content. Examples of capabilities include editing a view or connecting to a data source. Tableau provides a set of templates for common permission roles, such as Editor, Project Leader, and so on.
Content ownership: By default, the person who publishes a data source or workbook to the server is the owner of that content. Ownership changes when another publisher updates the content on the server, or republishes it from Tableau Desktop. An administrator or project leader can change ownership or set defaults for the project.
User permissions: are the effective permissions that are the result of evaluating rules and settings, and which ultimately determine what a user can do with the content.