Security

how to set the user role "USER" not to delete saved searches and field extractions

Contributor

Hi all,

I want to remove the capability of the user role user not to delete savedsearches and field extractions.
Any idea to do that?
Thanks

0 Karma

Champion

Are you looking for adminallobjects?

Contributor

how does that work @jeffland?

0 Karma

Champion

To do it via the web interface, navigate to Settings > Access controls (with your admin user of course) and select "Roles". Click the role "user" and remove said capability from his list.

0 Karma

Contributor

does this capability won't allow the user role "user" delete anything?

0 Karma

Champion

Go ahead and try it! I wasn't able to delete (or modify) a saved search or field extraction without that role (of course you need to make sure that the knowledge object has only read permissions for "user" as well).

0 Karma

Contributor

im having a problem right now. I cant open everything under the Setting tab. can you help me with this?

0 Karma

Champion

I saw that question, but unfortunately I have no idea what causes it and how to resolve the issue.

0 Karma

Contributor

i accidentally removed the "search" on the user capabilities, i didnt saved it but what happens next is that i cannot open everything even if i am using the admin role.

0 Karma

Champion

See the answer there if it helps.

0 Karma

Contributor

thanks, will look for it.

0 Karma

Contributor

hi @jeffland i already added the adminallobjects in the capability of the user access. but it does'nt hide the delete command in different objects. I want to restrict the user access to delete objects such as searches, field extractions, etc.

0 Karma

Champion

Did you make sure that the knowledge objects in question have the right permissions? In particular, they must not be write-enabled for the "user" role.

0 Karma

Contributor

yes, they are not write enabled

0 Karma

Champion

Then a user with the role of user should not be able to edit them (unless of course he created them and they are his "privately shared" knowledge objects).

0 Karma

Contributor

hello @jeffland, i can still see the delete option under the action column ..

0 Karma

Champion

What exactly do your permissions for that object look like, i.e. what is ticked when you click "Permissions" in the list of saved searches?

0 Karma

Contributor

hi jeffland, here, refer to this image

0 Karma

Champion

That looks allright.
Are you sure that your role "user" does not have the capability adminallobjects? It should be disabled in the .conf file, and the user should also not inherit it from another role.

0 Karma

Contributor

@jeffland yes the user role does not have the capability adminallobjects. by the way im using the default user role "user" . i did not create a new user access.

0 Karma

Champion

And did you make sure that this user "user" is only assigned to this "user" role? If it is, then I can't think of another reason why your user is able to delete knowledge objects.

0 Karma