Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
rittermd
Master
Master
‎2016-08-12 09:47 AM

Custom Properties

I have a Custom Property in the QMC called AppLevelMgmt that is supposed to control a user being able to see specific apps within a stream.

I have also implemented the Governed Self Service Security Rules provide by Qlik.

For some reason the rules are not limiting visibility to my apps.  I have confirmed that I have the correct values set in the Custom Properties for the User and for the App.

But once I give a user access to a Stream they can see all of the apps no matter what.

Here are the 2 rules that I have in place.  I have not modified them from what I got from Qlik.

This is the Stream Rule - Default Apps Rule:

(

            resource.resourcetype = "App"

            and resource.stream.HasPrivilege("read")

            and resource.@AppLevelMgmt.empty()

        )

        or

        (

            (

                resource.resourcetype = "App.Object"

                and resource.published = "true"

                and resource.objectType != "app_appscript"

            )

            and resource.app.stream.HasPrivilege("read")

        )

This is the Stream Rule - Apps Exception Rule:

resource.stream.HasPrivilege("read")

        and            

        user.@AppLevelMgmt=resource.@AppLevelMgmt

Any guidance would be greatly appreciated.

995 Views
0 Likes
3 Replies
vlad_komarov
Partner - Specialist III
Partner - Specialist III
‎2016-08-12 10:23 AM

Mark,

As far as I know there is no app-based security rules supported.

The access level is stream-based only...

I would love to use the app-based approach myself, but as far as I know you can only use Section access for individual apps and they all will be visible in the stream..

Regards,

Vlad

723 Views
Ricardo_Gerhard
Employee
Employee
‎2016-08-12 12:10 PM

Dear Mark,

   By default, there is security rules to define all tabs/objects available on the application to a user that have access in a specific stream. It´s a default behavior like vlad.komarov mentioned.

   But, if you need to change this behavior, you really need to disable the default Qlik Security Rules.

   So, be carefull on this process, because a simple change can crash all enviroment. Always use a test environment on this case.

   Please, mark the CORRECT and HELPFUL comments.

Regards.

Ricardo Gerhard
OEM Solution Architect
LATAM
723 Views
rittermd
Master
Master
‎2016-08-12 01:18 PM
Author

In response to Ricardo_Gerhard

As part of installing the Governed Self Service from Qlik the original rules were disabled and replaced with custom rules. 

Everything seems to be working fine except for trying to hide apps from certain users.

But it sounds like this is not possible.

723 Views
0 Likes