Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Suggest an Idea

Vote for your favorite Qlik product ideas and add your own suggestions.

Announcements
NEW Customer Portal: Initial launch will improve how you submit Support Cases. FIND OUT MORE

Allow starting External Program Tasks without giving permission to change them

kuba_michalik1
Contributor III
Contributor III
‎2021-11-29 10:01 AM

Allow starting External Program Tasks without giving permission to change them

As described here , to start a QMC Task, "Read" privilege on the task itself and "Update" privilege on the resource the task is associated with is required to give effective permission to start a task.

Not so for new(ish) External Program Tasks - in this case, "Update" permission needs to be applied to the task itself, to allow user to start the task. What this means in practice, is that if I give someone permission to run an External Program Task from QMC, that user can also freely edit the task definition, and effectively run any command on the QlikSense server as administrator (typically). This is obviously a Bad Thing.

The idea is to either create separate "Execute" privilege for External Program Task, or, if it's not something that would fit with security model in QS, follow the usual model for tasks by creating some new type of object that would be associated resource for External Program Task, and update privilege would be required only on this new object type (however, actual command would still have to be defined in the task itself, because user should not be able to mess with it).

Status: Closed - Archived Submitted by Contributor III on ‎2021-11-29 10:01 AM
Labels
407 Views
2 Comments
Meghann_MacDonald
Employee
Employee
‎2023-08-02 11:03 AM

From now on, please track this idea from the Ideation portal. 

Link to new idea

Meghann

NOTE: Upon clicking this link 2 tabs may open - please feel free to close the one with a login page. If you only see 1 tab with the login page, please try clicking this link first: Authenticate me! then try the link above again. Ensure pop-up blocker is off.

Ideation
Explorer II
Explorer II
‎2023-08-02 11:03 AM
 
Status changed to: Closed - Archived
Subscribe by Topic