Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
vlad_komarov
Partner - Specialist III
Partner - Specialist III

Wrong person has access to applications available in “My Work” stream

We are having a strange issue on PROD server.

The server has two RootAdmins accounts set (qvservice and aaa.bbbbbbbb). All publishing/duplicating/etc was done from qvservice account and this user is listed as the Owner for all available applications.

But if aaa.bbbbbbbb user is logged into the Hub, he can see all the applications in “My work” stream..

Is it a normal behavior? Should “My work” files be available for the owner only?

Additional twist: Some (!!) of the applications in “My Work” folder are not opening properly by aaa.bbbbbbbb user.

The existing application (with multi-page script and some data) is opening without the data and no script (!!)…

Anybody have seen this before?

Would appreciate an experts' advice.

Best regars,

Vladimir

4 Replies
JonnyPoole
Employee
Employee

Its possible to change the default security rules to make 'my work' content for one or more users visible under  'my work' of other users.

Have you made any changes to the security rules worth mentioning ? 

But by default the security rules are such that one Root Admin should not see unpublished apps they don't own  in the hub under  'my work'.

vlad_komarov
Partner - Specialist III
Partner - Specialist III
Author

Jonathan,

Thank you for reply.

Do you know which security rule is responsible for 'my work'  folder access?

I was not able to find anything related to it on QMC...

I don't think we have modified it, but I would like to check it. This server was just installed couple weeks ago and the only security rules changed there were the ones responsible for Published streams access for specific users and groups.

Regards,

Vladimir

JonnyPoole
Employee
Employee

Its probably tied up with the owner rule. Its meant to let owners have read access to unpublished content that they own.

Capture.PNG

But i was thinking it might be faster to use the 'Audit' section of QMC on the app in question and the user in question to bring up the rights established by the security rules

Capture.PNGCapture2.PNG

vlad_komarov
Partner - Specialist III
Partner - Specialist III
Author

Jonathan,

I did not have chance to run a full investigation with security rules diagnostics, but I've noticed that some of the rules are "broken" on the system. I am not 100% sure it's causing this issue since it's present on PROD system only and we are using the same set of security rules on DEV and PROD.

Will keep you posted.

Thank you for suggestions.

Regards,

Vladimir