A user is able to access/modify Library items present inside a folder on which the user does not have proper access permissions displayed in the TIBCO Spotfire Server library.

A user is able to access/modify Library items present inside a folder on which the user does not have proper access permissions displayed in the TIBCO Spotfire Server library.

book

Article ID: KB0074520

calendar_today

Updated On:

Products

Spotfire Analyst

Description

Description:
A Spotfire user is able to access/modify library items (Analyses / Information Links / Data Sources / Elements / Folders) present inside a folder for which the user does not have proper access permissions displayed in the Spotfire library.
Symptoms:
A Spotfire user is able to access/modify library items (Analyses / Information Links / Data Sources / Elements / Folders) present inside a folder for which the user does not have proper access permissions displayed in the Spotfire library.
Cause:
One cause is:
 
The user might be a member of "Library Administrator" group, either directly, or indirectly via membership in another Spotfire user group. This membership in the Library Administrator group grants some special permissions.
 
Important features of the "Library Administrator" user group:
-------------------------------------------------------------------------
++  Membership in the "Library Administrator" group grants privileges to create new top level folders in the library.
++  It also overrides all folder permissions set in the library, granting full control over all content.
++  This means the members of this group can access/modify any folder, analysis, or other library item, regardless of their folder level access permissions.
++  For example, even if a Library Administrator group member has only 'Access' permission to a particular folder, this user will be able to do any of the following:
      - create folders inside this folder

      - modify information links saved in this folder
      - modify Spotfire analyses saved in this folder
      - modify permissions assigned to users and groups for this folder
++   In summary, this Library Administrator group member has a special permission over the entire Spotfire library, and can modify any library content, irrespective of its folder access permission.
++   Important: Before they can access "Library Administration Tool" (Tools -> Library Administration), the members of this group also need to have been granted the "Library Administrator" license from the 'TIBCO Spotfire Administrator license' group.
 
 

Issue/Introduction

A TIBCO Spotfire user is able to access/modify Library items present inside a folder on which the user does not have proper access permissions displayed in the TIBCO Spotfire Server library.

Resolution

Remove the user from "Library Administrator" group, and remove the user from any other Spotfire user group that is a member of the "Library Administrator" group.
 
 

Additional Information