Re: QS 3.1 SR3 - create a new sheet by user - Qlik Community

agigliotti · ‎2017-02-27

Hello,

I faced a wrong behaviour with new sheet object created by end user.

If a user create a new sheet all others users can see it, even if it's not already published.

take a look at the picture below, i'm talking about sheets named "TEST2" e "test": all users can see them !!!

Is this a bug ???

Please let me know ASAP.

Many Thanks

BR

Andrea

stevedark · ‎2017-02-28

It is possible with Qlik Sense Security options to set up absolutely anything. If you want all users to see all objects all of the time then that is most likely possible to do with a rule.

I would look at auditing your security rules and see if there is anything in there that could do this. Using * in the user name or object name would be something to look out for.

Ensuring you have a good naming convention, so rules that have been user created stand out from the crowd is a good idea, and when modifying a stock Qlik rule duplicate it and amend the duplicate - then mark the original rule as disabled.

Is it that any new sheet can be seen by all users, or is this an isolated incident?

Steve

agigliotti · ‎2017-02-28

actually any new sheet created by someone can be seen by all users.

stevedark · ‎2017-03-02

Definitely sounds like you have a security rule created that is exposing everything.

How many people have access to QMC that could have created a rule of this kind?

This is definitely a good warning to people that you need to test security rules thoroughly! Suggest going through each one by one and delete any that seem to be too loose - including wildcards for names and ticks in all of the type boxes.

Steve

sarvesh · ‎2017-03-02

Check what rights you have assigned to your users.

agigliotti · ‎2017-03-06

Hi Steve,

Finally I solved making audit for security rules involved.

In this way I clearly understood where the problem came from.

Thanks

Andrea

stevedark · ‎2017-03-06

Glad you got it sorted, thanks for letting me know how you resolved it.