posted this on Aug 12, 08:39
Originally from ticket #444.
Please explain the difference in personal and general permission for query and saved results. I assigned analysts personal permission assuming that if a query was generated by an analyst and the analyst saved the query it would only be visible to that one analyst. I am assuming the general permission would make the query visible to anyone. Neither of these is the case as, when analyst generate a personal or general query and save as personal or general everyone is able to see the query and saved results sets.
When a Query (or Result Set) is saved, the user has the ability to set the Permission that controls which users have the ability to "see" the saved object.
A user will always be able to see any query that they save, regardless of the permission that they set. If the user saves the query with "Personal" this query will be available to any user that has the "Personal" user permission assigned to them in their user profile. The assumption here is the only Administrators would have the "Personal" permission assigned to their user profile. My guess is that in your user security configuration, that all users have this permission (Personal) assigned and as such, they can see any query that has been saved with this permission.
The design for Query Permissions is that they would be tailored to the customer's specific use case scenarios. For example, you may want to create a library of queries specific to a particular class of products, for example "Stents." In this scenario, you could add a permission to PRIMO security labelled "Stents" then assign the "Stents" query permission to the analysts responsible for reviewing this class of devices. By assigned a permission of "Stents" to the query, this would then surface these queries to the subset of users with this specific permission.
The "Personal" permission that is included in the out-of-the-box configuration is a bit misleading, because it may seem like everyone should have this permission to see "their" saved queries, but in reality, it behaves the same way that other permissions (like "Stent") would behave: anyone with that permission can see any query saved with the "Personal" permission.
To reiterate: users will always be able to see the queries they save, regardless of the permission they choose, and any user with the selected permission will also be able to see it.
Please note: these permissions are fully configurable so the names used in this response may not reflect your company's configuration.