Skip to main content
Announcements
Qlik Community Office Hours, March 20th. Former Talend Community users, ask your questions live. SIGN UP
cancel
Showing results for 
Search instead for 
Did you mean: 
korsikov
Partner - Specialist III
Partner - Specialist III

How to remove the possibility for anonymous users to see objects in the applications created by the community.

interesting task. It is essential that anonymous users can not see the sheets, history, created and published by authorized users.

In QMC section 'appobjects' it's object maked as Approved ='not approved' and Published='published'

Help me find a rule allowing all users who have permission to read the application to see objects published by other users.

12 Replies
korsikov
Partner - Specialist III
Partner - Specialist III
Author

Jeffrey Goldberg <span class="icon-status-icon icon-employee" title="Employee"></span> написал(а):

(resource.resourcetype = "App" and resource.stream.HasPrivilege("read")) or ((resource.resourcetype = "App.Object" and resource.published ="true" and resource.approved="true" and user.IsAnonymous()) and resource.app.stream.HasPrivilege("read"))

jg

I tried to change the rule as you suggested. Did't help.

korsikov
Partner - Specialist III
Partner - Specialist III
Author

Yippee!

I did it!

All the same, my idea was correct

My security rule "Stream"

Resorce filter  App*

condition

(resource.resourcetype = "App" and resource.stream.HasPrivilege("read")) or ((resource.resourcetype = "App.Object" and resource.published ="true" and resource.approved="true")  and resource.app.stream.HasPrivilege("read")) or ((resource.resourcetype = "App.Object" and resource.published ="true" and resource.approved="false" and  !user.IsAnonymous())  and resource.app.stream.HasPrivilege("read"))

Context Both

Action Read

korsikov
Partner - Specialist III
Partner - Specialist III
Author

in  Qlik Sense 3.0 Security Rule has some changes

Resource filter: App*

Conditions

(resource.resourcetype = "App" and resource.stream.HasPrivilege("read"))

or

  (

  (

  (resource.resourcetype = "App.Object" and resource.published ="true" and resource.approved="true" and resource.objectType != "app_appscript" and resource.objectType != "loadmodel")

  or

  (resource.resourcetype = "App.Object" and resource.published ="true" and resource.approved="false" and resource.objectType != "app_appscript" and resource.objectType != "loadmodel" and  !user.IsAnonymous())

    and resource.app.stream.HasPrivilege("read")

  )

  ) 

Context :both

Action: Read