Hi Roman,
The behaviour you are seeing is an intentional different in security between the older binary API that Architect and Perspectives uses, and the modern REST API. The older binary API does support non-Admin access to the tm1server.log content. The REST API requires the user to be an Admin in the TM1 database to read the tm1server.log content. Allowing all users to see the server log content would likely be considered insecure by many of our customers. We are not planning on changing the security model in TM1 v11.
It's worth mentioning that Threads (Jobs in v12) can be viewed by non-Admin users. In this case only the threads started by the non-Admin will be displayed (instead of all threads on the server).
------------------------------
Stuart King
IBM Planning Analytics Offering Manager
------------------------------
Original Message:
Sent: Tue July 16, 2024 09:14 AM
From: Roman Harasymiak
Subject: Access to Server Logs through Modeling Workbench in PAW
Looking for clarification on the feature to view the server logs through the modeling workbench.
When viewing the database options as a non-administrator in the modeling workbench you can see all of the following:
- Import
- Remote Repository Operations
- Save Data
- Refresh Security
- File Manager
- Manage users and groups
- Threads
- Localization
- Refresh
Trying to understand why there is a restriction on viewing the server and transaction logs.
It's only when you're made an administrator on the database that you can view the logs. We have a specific use case where our operations team should have the ability to view the status on processes but are not setup as administrators on the system.
Is this something that will be addressed when we have more granularity on PAW administration roles due to the depreciation of the Rich Tier?
------------------------------
Roman Harasymiak
------------------------------