Skip to main content

Qlik

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
covenant_bi
Creator
‎2018-03-01 09:47 AM

All users can see My Work

On our Qlik Sense server (Qlik Management Console 1.15.0) all users can see all unpublished apps in the Personal Work.  I thought that users had their own space to create apps. Is there a setting that we missed on QMC setup?

3,922 Views
0 Likes
1 Solution

Accepted Solutions
Levi_Turner
Employee
‎2018-03-01 08:44 PM

At the outset, it is important to understand that the My Work section is purely an alias for "Unpublished apps which the user has read rights on". With that, there is a rule which is granting access. The easiest method to drill down to what rule is providing access is by using the Audit functionality in the QMC:

  • QMC > Audit
  • Target Resource: Apps
  • Select an app which the user is unexpectedly seeing
  • Select the user who is unexpectedly seeing the app
  • Environment: Only in Hub
  • Audit

From there you can inspect the rules which are providing access.

Relevant documentation: https://help.qlik.com/en-US/sense/November2017/Subsystems/ManagementConsole/Content/audit-overview.h...

It's going to be a custom rule which has a filter on App* or App_* but the audit functionality is the easiest way to drill down without needing a ton of reps in sight reading security rules.

Hope that helps.

View solution in original post

3,642 Views
5 Replies
barry_stevens
Partner - Creator II
‎2018-03-01 08:40 PM

With out knowing what security rules have been created or used very hard to know...  have you modified any rules or created any?

You haven't made everyone contentadmin or rootadmin etc?

3,642 Views
0 Likes
Levi_Turner
Employee
‎2018-03-01 08:44 PM

At the outset, it is important to understand that the My Work section is purely an alias for "Unpublished apps which the user has read rights on". With that, there is a rule which is granting access. The easiest method to drill down to what rule is providing access is by using the Audit functionality in the QMC:

  • QMC > Audit
  • Target Resource: Apps
  • Select an app which the user is unexpectedly seeing
  • Select the user who is unexpectedly seeing the app
  • Environment: Only in Hub
  • Audit

From there you can inspect the rules which are providing access.

Relevant documentation: https://help.qlik.com/en-US/sense/November2017/Subsystems/ManagementConsole/Content/audit-overview.h...

It's going to be a custom rule which has a filter on App* or App_* but the audit functionality is the easiest way to drill down without needing a ton of reps in sight reading security rules.

Hope that helps.

3,643 Views
covenant_bi
Creator
‎2018-03-02 08:30 AM
Author

In response to Levi_Turner

Levi, thanks.  It looks like our CreateApp rule also allowed for Read and Update.  So everyone could see and update anyone else's app. 

3,642 Views
covenant_bi
Creator
‎2018-03-02 08:31 AM
Author

In response to barry_stevens

Barry, we have a vanilla installation.  It was the CreateApp rule that had Read and Update attached to it.  Things look in order now.  Thanks

3,642 Views
0 Likes
Levi_Turner
Employee
‎2018-03-02 11:49 AM

In response to covenant_bi

Ahh, glad it was relatively straight-forward

3,642 Views
0 Likes
Top