Edit Stream is just a random name I gave to my Custom property for my stream and users and Edit is Custom property for my Apps and Users.

In your case it can be

User = user_can_edit_content

Value = Yes and check create mark and try what it does?

Disabling the default App_ rule will disable apps to other users. First try without disabling default App  stream and just disable CreateAppObjectsPublishedApp security rule.

Disable Edit button in Qlik Sense

More on the above link

Hi Aehman,

I already done as you,

1) disabled the CreateAppObjectsPublishedApp security rule

2) created a new like this :

That didn't prohibit other users from editing published apps !

I also tried this :

I disabled the rule called: CreateAppObjectsPublishedApp

copied it and created a new rule :

filter : App.Object_*

create- update

rule:

!resource.App.stream.Empty() and resource.App.HasPrivilege("read") and (resource.objectType = "userstate" or resource.objectType = "sheet" or resource.objectType = "story" or resource.objectType = "bookmark" or resource.objectType = "snapshot" or resource.objectType = "embeddedsnapshot" or resource.objectType = "hiddenbookmark") and user.name="Administrator"

But nothing happens, all of the users still can edit and create sheets in published apps.

same here

I disabled the CreateAppObjectsPublishedApp

I created a security rule as above and ALL USERS can edit and duplicate sheets

SECURITY RULES ARE SO COMPLICATED

We had a client who switched to QlikView because of these security rules that we couldn't fullfill

Why in the hell sake Qlik doesn't put an option (check box) User can edit ??

I hate these security rules they are making my life like hell

BTW create a rule on Streams and put True in the advanced editor and all users will see everything

Ok, the part here is very tricky. It got me confused as well but finally got the result we wanted.

Thanks to Ali for raising this issue, I didn't know we could do this and will be helpful for my future projects.

1. Disable CreateAppObjectsPublishedApp security rule

2. Custom property created for users and added to the to a Stream

     -Edit Stream consists of values 'Stream' and 'Users'

     -Edit consists of values 'App' and 'Users'

Then add the above custom properties to your required users and required stream.

3. Sheet access to users (sometimes in group the users won't get sheet access, they will have app access but not sheet)

so follow the below rule ONLY IF they cannot see sheet.

4. App Access to User group, IF there are more than 1 app then create separate custom property for each app

6. Now the answer to the question which we've been asking since 3 days....

If you see, I checked READ in actions and no other box.

Added Stream (Edit Stream) and App group (Edit). This will disable Edit for all users in this stream ONLY.

7. Edit only for 1 user in below rule.

I check CREATE in Actions box. Added the Edit Stream, user name and App custom property (Edit),

You can group users too instead of individual names.

8. Finally the result will be as below.... No Edit for one of the user and edit for other user.

Ali, please check my reply below to Omar.

Hope this time you can create the rule, thanks.

Glad it worked out for you!

I believe you can close this post by marking your own answer as correct!

Yes the security rules are quite complex. I'm currently working on disabling the default Stream/App.

And creating my own rules for users (it is really painful).....

There should be a video from Qlik Sense to explain in more detail, not just overview. If it is there then hopefully someone can post a link of that video here.

Thanks.