Qlik Community

Qlik Sense Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

Highlighted
Partner
Partner

Wrong person has access to applications available in “My Work” stream

We are having a strange issue on PROD server.

The server has two RootAdmins accounts set (qvservice and aaa.bbbbbbbb). All publishing/duplicating/etc was done from qvservice account and this user is listed as the Owner for all available applications.

But if aaa.bbbbbbbb user is logged into the Hub, he can see all the applications in “My work” stream..

Is it a normal behavior? Should “My work” files be available for the owner only?

Additional twist: Some (!!) of the applications in “My Work” folder are not opening properly by aaa.bbbbbbbb user.

The existing application (with multi-page script and some data) is opening without the data and no script (!!)…

Anybody have seen this before?

Would appreciate an experts' advice.

Best regars,

Vladimir

4 Replies
Employee
Employee

Re: Wrong person has access to applications available in “My Work” stream

Its possible to change the default security rules to make 'my work' content for one or more users visible under  'my work' of other users.

Have you made any changes to the security rules worth mentioning ? 

But by default the security rules are such that one Root Admin should not see unpublished apps they don't own  in the hub under  'my work'.

Partner
Partner

Re: Wrong person has access to applications available in “My Work” stream

Jonathan,

Thank you for reply.

Do you know which security rule is responsible for 'my work'  folder access?

I was not able to find anything related to it on QMC...

I don't think we have modified it, but I would like to check it. This server was just installed couple weeks ago and the only security rules changed there were the ones responsible for Published streams access for specific users and groups.

Regards,

Vladimir

Employee
Employee

Re: Wrong person has access to applications available in “My Work” stream

Its probably tied up with the owner rule. Its meant to let owners have read access to unpublished content that they own.

Capture.PNG

But i was thinking it might be faster to use the 'Audit' section of QMC on the app in question and the user in question to bring up the rights established by the security rules

Capture.PNGCapture2.PNG

Partner
Partner

Re: Wrong person has access to applications available in “My Work” stream

Jonathan,

I did not have chance to run a full investigation with security rules diagnostics, but I've noticed that some of the rules are "broken" on the system. I am not 100% sure it's causing this issue since it's present on PROD system only and we are using the same set of security rules on DEV and PROD.

Will keep you posted.

Thank you for suggestions.

Regards,

Vladimir