Skip to main content
You can succeed best and quickest by helping others to succeed. Join the conversation.
Showing results for 
Search instead for 
Did you mean: 
Contributor II
Contributor II

Security Rules setup for User Admin

Hi all,

I am create a User Admin to manage stream access, user roles/custom properties and license allocation. He should only have QMC access but not be able to see any streams/apps in the hub.

To segregate stream allocation I have create a custom property that group the users. Dashboards are allocated to this group. The idea is to simplify stream allocation. When a new user on boards, the User Admin will only need to allocate this custom property and he will have access to the streams allocated to his group.

 However, I found a loop hole where the user admin can just allocate himself a group and will be able to see the streams in the hub.

Anyone has any thoughts on how I can prevent this? Is this the best way to design a user admin?

Was thinking of a few methods but am not sure how to execute them:

1. Restrict user admin access to users by their user directory

2. Create rules to hard stop user admins from accessing hub


Current rules for my User Admin:

QmcSection_Stream, SystemRule*,Stream_*,User_*, QmcSection_User,QmcSection_License,License*

Read, Update, Delete

Labels (5)
0 Replies