Im trying to create a role for a developer in our organization where the developer is only allowed to view the dashboard which is created by the admin or the person who has edit_own_objects capablity attached to his role....
when I created a role for developer which has the below capablities attached to its role:
run_collect
run_mcollect
schedule_rtsearch
edit_own_objects
Ive also given read access in the specific dashboard permissions setting for the developers role only..
Check what roles are inherited like "user" which would carry up the ability to create a dashboard. Please check which version you have, I believe in version 9.3.x you should look for this.
[capability::edit_view_html]
* Lets a user create, edit, or otherwise modify HTML-based views.
https://docs.splunk.com/Documentation/Splunk/9.3.0/Admin/authorizeconf
Thanks @dural_yyz..
But my user has a role which doesnt have the edit_view_html capablity. But still he's able to create dashboard.
| rest splunk_server=local /services/authorization/roles
| rename title as role
| table role capabilities imported_capabilities imported_roles
Sorry to belabor this point but I'm not certain you have answered my question. Does the role import another role which has the setting? The above REST call on the Search Head the user is assigned will tell you the exact information.
If you have already checked and no stray imports are occurring then my apologies for keeping after this point. I've reviewed the documentation on capabilities and just can't find anything that would explain the user behavior.