Qlik Community

Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

Announcements
IMPORTANT security patches for GeoAnalytics Server available to download: READ DETAILS
cancel
Showing results for 
Search instead for 
Did you mean: 
covenant_bi
Contributor III
Contributor III

All users can see My Work

On our Qlik Sense server (Qlik Management Console 1.15.0) all users can see all unpublished apps in the Personal Work.  I thought that users had their own space to create apps. Is there a setting that we missed on QMC setup?

1 Solution

Accepted Solutions
Levi_Turner
Employee
Employee

At the outset, it is important to understand that the My Work section is purely an alias for "Unpublished apps which the user has read rights on". With that, there is a rule which is granting access. The easiest method to drill down to what rule is providing access is by using the Audit functionality in the QMC:

  • QMC > Audit
  • Target Resource: Apps
  • Select an app which the user is unexpectedly seeing
  • Select the user who is unexpectedly seeing the app
  • Environment: Only in Hub
  • Audit

From there you can inspect the rules which are providing access.

Relevant documentation: https://help.qlik.com/en-US/sense/November2017/Subsystems/ManagementConsole/Content/audit-overview.h...

It's going to be a custom rule which has a filter on App* or App_* but the audit functionality is the easiest way to drill down without needing a ton of reps in sight reading security rules.

Hope that helps.

View solution in original post

5 Replies
barry_stevens
Partner
Partner

With out knowing what security rules have been created or used very hard to know...  have you modified any rules or created any?

You haven't made everyone contentadmin or rootadmin etc?

Levi_Turner
Employee
Employee

At the outset, it is important to understand that the My Work section is purely an alias for "Unpublished apps which the user has read rights on". With that, there is a rule which is granting access. The easiest method to drill down to what rule is providing access is by using the Audit functionality in the QMC:

  • QMC > Audit
  • Target Resource: Apps
  • Select an app which the user is unexpectedly seeing
  • Select the user who is unexpectedly seeing the app
  • Environment: Only in Hub
  • Audit

From there you can inspect the rules which are providing access.

Relevant documentation: https://help.qlik.com/en-US/sense/November2017/Subsystems/ManagementConsole/Content/audit-overview.h...

It's going to be a custom rule which has a filter on App* or App_* but the audit functionality is the easiest way to drill down without needing a ton of reps in sight reading security rules.

Hope that helps.

covenant_bi
Contributor III
Contributor III
Author

Levi, thanks.  It looks like our CreateApp rule also allowed for Read and Update.  So everyone could see and update anyone else's app. 

covenant_bi
Contributor III
Contributor III
Author

Barry, we have a vanilla installation.  It was the CreateApp rule that had Read and Update attached to it.  Things look in order now.  Thanks

Levi_Turner
Employee
Employee

Ahh, glad it was relatively straight-forward