Solved: Menu items showing for users not in user group

JO_9930585 · ‎Sep 09, 2024

I have a menu with a user group assigned to each menu item as follows..

There are no users in the test group, and only a few users in the tampa group. However, I am still able to see these menu items in the UI when I sign in. I have tried non-admin user's as well as admin. All users can still see these menu items. What is wrong here? Shouldn't these items be restricted to the user within these groups?

This is version 9.0.4

nmutter · ‎Sep 10, 2024

could you call

result = Users["yourTestUser"].GetGroups()

in a custom service and check the result if only the expected groups are present? just to make sure that its not inheriting groups from somewhere.

View solution in original post

nmutter · ‎Sep 09, 2024

How are you referencing this menu entity in the mashup? In a menu widget directly referencing the menu?

JO_9930585 · ‎Sep 09, 2024

That is correct.

nmutter · ‎Sep 10, 2024

okay. It should be working like this. Not sure exactly if Admin will see all entries anyway (I assume so) - but you mentioned you checked with none admins.

I am not sure if there maybe an issue in the TWX version you reference.

But to make sure: Could you validate again that you reference the correct menu? As I also already debugged some stuff but noticed that I checked on the wrong entitiy.

JO_9930585 · ‎Sep 10, 2024

I am referencing the correct menu. I even unbound it and rebound it to make sure it wasn't a weird bug in TWX. My test user that I just created doesn't have any permissions and is not associated with any groups, yet this user still sees the menu.

nmutter · ‎Sep 10, 2024

could you call

result = Users["yourTestUser"].GetGroups()

in a custom service and check the result if only the expected groups are present? just to make sure that its not inheriting groups from somewhere.

JO_9930585 · ‎Sep 10, 2024

This was the issue. The user is a part of a user group called users when created. However, users is in the administrator user group. Thanks!

JA_11643382 · ‎Sep 28, 2024

@nmutter wrote:
could you call
result = Users["yourTestUser"].GetGroups()
in a custom service and check the result if only the expected groups are present? just to make sure that its not inheriting groups from somewhere.

Thanks for giving solution. I also have this problem. It was helpful.

javed_a · ‎Sep 10, 2024

You may try checking permission assigned to user on particular entity.

Also, on individual entity check the permission and it should not be everyone.

Try creating a new test user and make sure, it should not be part of any user group which might have admin rights.
On project level, add visibility only to Org.

Thanks!

Regards,
Javed Akhtar

PaiChung · ‎Sep 10, 2024

In case it is permissions, have you checked the application log for any messages in that regard?

JO_9930585 · ‎Sep 10, 2024

No messages on the application logs.

JO_9930585 · ‎Sep 10, 2024

I have done done all of these things already. Thank you. I have a created a new user with no permissions/groups and this user still sees the menu.

PaiChung · ‎Sep 10, 2024

Saw someone post this somewhere else: 'check actual user permissions via "Access Report" feature on the mashup' maybe that will help shed some light.

nmutter · ‎Sep 10, 2024

AccessReport will not be much help as it will only report on the "menu" entity but not on the items in the menu itself.

Edit: I am also not sure since which TWX version the report exists. 9.0.x is already quite old.