Qlik Community

Qlik Sense Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

covenant_bi
New Contributor II

All users can see My Work

On our Qlik Sense server (Qlik Management Console 1.15.0) all users can see all unpublished apps in the Personal Work.  I thought that users had their own space to create apps. Is there a setting that we missed on QMC setup?

Tags (3)
1 Solution

Accepted Solutions
Employee
Employee

Re: All users can see My Work

At the outset, it is important to understand that the My Work section is purely an alias for "Unpublished apps which the user has read rights on". With that, there is a rule which is granting access. The easiest method to drill down to what rule is providing access is by using the Audit functionality in the QMC:

  • QMC > Audit
  • Target Resource: Apps
  • Select an app which the user is unexpectedly seeing
  • Select the user who is unexpectedly seeing the app
  • Environment: Only in Hub
  • Audit

From there you can inspect the rules which are providing access.

Relevant documentation: https://help.qlik.com/en-US/sense/November2017/Subsystems/ManagementConsole/Content/audit-overview.h...

It's going to be a custom rule which has a filter on App* or App_* but the audit functionality is the easiest way to drill down without needing a ton of reps in sight reading security rules.

Hope that helps.

5 Replies
barry_stevens
Contributor II

Re: All users can see My Work

With out knowing what security rules have been created or used very hard to know...  have you modified any rules or created any?

You haven't made everyone contentadmin or rootadmin etc?

Employee
Employee

Re: All users can see My Work

At the outset, it is important to understand that the My Work section is purely an alias for "Unpublished apps which the user has read rights on". With that, there is a rule which is granting access. The easiest method to drill down to what rule is providing access is by using the Audit functionality in the QMC:

  • QMC > Audit
  • Target Resource: Apps
  • Select an app which the user is unexpectedly seeing
  • Select the user who is unexpectedly seeing the app
  • Environment: Only in Hub
  • Audit

From there you can inspect the rules which are providing access.

Relevant documentation: https://help.qlik.com/en-US/sense/November2017/Subsystems/ManagementConsole/Content/audit-overview.h...

It's going to be a custom rule which has a filter on App* or App_* but the audit functionality is the easiest way to drill down without needing a ton of reps in sight reading security rules.

Hope that helps.

covenant_bi
New Contributor II

Re: All users can see My Work

Levi, thanks.  It looks like our CreateApp rule also allowed for Read and Update.  So everyone could see and update anyone else's app. 

covenant_bi
New Contributor II

Re: All users can see My Work

Barry, we have a vanilla installation.  It was the CreateApp rule that had Read and Update attached to it.  Things look in order now.  Thanks

Employee
Employee

Re: All users can see My Work

Ahh, glad it was relatively straight-forward

Community Browser