I have several roles that all inherit the power user role. Each custom role is used to restrict access to different indexes. The problem I'm running into is if user A in group A creates a dashboard or report in the search app, user B in group B can go in and delete it. We have set the permissions on the report so that no one can write (unchecked all write options) and checked read for everyone. Why is user B still able to delete user A's report?
I assume this is caused by both users inheriting the power user role but I couldn't find a specific capability listed that would allow them to delete reports/dashboards.
My search app has everyone -read and power - write which I believe would be necessary to allow users to create the objects in the first place.
hideTitle = "true"
label>name of the lable
title>name of the title
i am not understanding why power users should not edit dashboard one of the roll of power user is to edit the things if you want to restrict then you can try below option
go to manage apps find edit permission and give read only access to the app to power user
The issue I run into is that I have several thousand users using splunk divided into 20 some roles which allow access to only the indexes they shoudl have access to. Some of these users are allocated the power user role because they need to create dashboards for their data. The problem I run into is that any of the power users for each functional group can delete reports, searches, etc. of power users in a functional group other than their own.
I'm hoping to find a way to restrict delete to objects only created by the user or I suppose restrict delete privileges all together. The only other option I see is creating a separate search app for each functional area and setting the permissions there though this is certainly not ideal.
probably the easiest way is to create two different roles with the same feature but different access rights to the objects: in this way B users cannot edit (or delete) A users objects.
This is what I'm doing. I have two roles, role A and role B. They both inherit from power. The only difference between them is the indexes that the user is allowed to access. However Users in role B can still delete knowledge objects that Users in role A created. There will also be scenarios where a user will have both roles because they need access to both indexes.
I'd like to set the permissions some how that power users can create knowledge objects and only delete objects they created.
create both the roles without inherit from power but with the same features.
In this way you're sure to have two really different roles.
Users can have both or only one role.