Hello,
I am trying to expose data within a lookup from a "logic" app to a "presentation" app for users that have the "user" role. To simplify the situation, I have a lookup "lookup_file.csv" with corresponding lookup deinition "lookup_file" in the "logic" app. Both knowledge objects have "global" sharing and permissions set to "read" for the "user" role. Since I am admin I gave "read/write" permissions to the "admin" role.
When I run the search "| inputlookup lookup_file" from the "presentation" app with my admin user I have no issues reading the data. When I run the same command with my user that has the "user" role assigned I get two errors:
1. The lookup table ‘lookup_file' is invalid.
2. The lookup table ‘lookup_file' requires a .csv or KV store lookup definition.
Here is a diagram that explains the situation:
I have tried many configurations but cannot get the data to load in the "presentation" app with a user that has the "user" role. What am I missing?
Any help would be greatly appreciated!
Best regards,
Andrew
Hello,
I had the same issue. You and I forgot one of the most important thing. 😀
The main problem is related to app permission, after set permission on file and the definition, go through:
Apps > Manage Apps > "The App that contains the specific target lookup"
Set read permission for the role that contains the user trying to read the lookup file.
You will need a kvstore lookup for this l, then it should work properly.
@lukas_rudi Have you seen this? I used lookups, so this may solve.
Thanks, I realised my issue was caused by something much more trivial: I had multiple instances of the splunk web app open, the one with "inputlookup" was searching for the table in the correct context, the one with "lookup" in another app.
This is a well-written question that should be a model for others!
Have you tried giving the User role read access to the Logic App? I think without that, the access limits for the lookups aren't considered.
@richgalloway thanks for responding! I gave the "user" role read access to the "logic" app, but this still changes nothing. I'm not sure if this helps, but the "user" role is with default configuration. I was checking the different role capabilities, but I don't see anything that would make a difference. I added the "admin_all_objects" capability and it started working (obviously), even when the "user" role does not have read access to the "logic" app. Might it be some sort of capability issue?
admin_all_objects has too much power for regular user as you know.
Have you give permissions to both lookup file and lookup definitions or are you using only lookup file? What you see when you are looking those via Settings - lookups - ... ?
r. Ismo
@isoutamo both lookup and lookup definition are shared globally and provide read access to the "user" role as well as read/write to the "admin" role. I thought that this would be enough to expose the data.
Hi @andrewtrobec , did you ever find a solution to your problem. I am encountering a similar one, in which inputlookup functions as expected, but lookup claims the table does not exist. I am wondering whether this might similarly be a permission problem.
@lukas_rudi Unfortunately I was unable to resolve this issue. I'm not sure whether an upgrade would help, I work on 8.0.5 currently. If you find a solution, though, feel free to update this thread 🙂