Auditing access control

The QMC includes the audit tool, which enables you to review and preview access rights and the associated security rules. In the preview, you can see the effects that a new or edited rule will have without disrupting your system.

Nota: The audit tools only show rules as they are applied to existing resources. For example, if you create a rule for apps with names that begin with "MyApp", the audit page and preview page only show results if there is actually an app with that name in the Qlik Sense system.

Example:  

Your company is organized into the following departments: Finance, Sales, Marketing, and Development. You have created a custom property called Departments with values that match the name of the departments and applied the departments to streams. Finally, you have created security rules using the Streams page in the QMC to provide users in Finance with publishing and read rights to the Quarterly reports stream. All other departments have read access rights. You now want to check that your rules have been applied correctly.

Procedere come indicato di seguito:

  1. Click Audit on the QMC start page.

  2. On the Audit page, select Stream from the target resource list.

  3. To the right of the target resource list, click F and select the stream Quarterly reports.
  4. Click Audit.

    The resulting table shows user IDs and the streams (in this case only the stream Quarterly reports).

    For each user, the grid shows characters that correspond to the access rights that the user has to the stream.

    Finance users should have read and publish access rights, while all other users should have read access (provided they have the custom property Department).

    Only users with access rights to the stream are shown in the grid, if no user filter is specified. This means that a user missing from the list has no access to the resource. Specifying a user filter will force the audit result for the user to be displayed in the grid. The same principle is valid for resources, if no resources are selected, only resources which have any audit results will be displayed in the grid.
  5. Double-click a cell in the grid (not an admin user) corresponding to a user belonging to the Finance department.

    The Associated rules window opens.

    You should now see the security rules that apply to the selected user with respect to the Quarterly reports stream. The list should include the following rules:

    • Stream_read_Quarterly reports
    • Stream_publish_Quarterly reports
  6. Double-click a cell in the grid (not an admin user) corresponding to a user belonging to the Sales department.

    The Associated rules window opens.

    You should now see the security rules that apply to the selected user with regard to the Quarterly reports stream. The list should include the following rule:

    • Stream_read_Quarterly reports

See also: