https://community.qlik.com/t5/App-Development/Exception-Management-Problem-with-Security-Rule-Conditions/m-p/2412185#M94720 <P>Solution from <a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/58946">@Onyi_Nwabia-Robbins</a> (fixed the issue):</P> <DIV id="bodyDisplay_4" class="lia-message-body lia-component-message-view-widget-body lia-component-body-signature-highlight-escalation lia-component-message-view-widget-body-signature-highlight-escalation"> <DIV class="lia-message-body-content"> <PRE>For anyone who is still having issues with this, <BR />please make sure the two security rules that manage <BR />the app access are both for App* and NOT App_*.&nbsp;<BR /><BR />This will ensure the user has access to all app <BR />content and not just the app.&nbsp;<BR /><BR />I hope this helps.&nbsp;</PRE> </DIV> </DIV> Mon, 29 Jan 2024 21:06:35 GMT RoyBatty 2024-01-29T21:06:35Z https://community.qlik.com/t5/App-Development/Exception-Management-Problem-with-Security-Rule-Conditions/m-p/2412023#M94706 <P>Hi,</P> <P>I followed this video about setting "Exception Management" (starting from: <A href="https://youtu.be/yaBfW2RtxGA?si=QAdYpAQQjNcI5xd4&amp;t=567" target="_self">9:27</A>) :</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="RoyBatty_0-1706537632315.gif" style="width: 400px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/158550iA766271A1D035270/image-size/medium?v=v2&amp;px=400" role="button" title="RoyBatty_0-1706537632315.gif" alt="RoyBatty_0-1706537632315.gif" /></span><div class="video-embed-center video-embed"><iframe class="embedly-embed" src="https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FyaBfW2RtxGA%3Fstart%3D567%26feature%3Doembed%26start%3D567&amp;display_name=YouTube&amp;url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DyaBfW2RtxGA&amp;image=https%3A%2F%2Fi.ytimg.com%2Fvi%2FyaBfW2RtxGA%2Fhqdefault.jpg&amp;type=text%2Fhtml&amp;schema=youtube" width="200" height="112" scrolling="no" title="Qlik Sense Stream Management Security Rules and Exception Management" frameborder="0" allow="autoplay; fullscreen; encrypted-media; picture-in-picture;" allowfullscreen="true"></iframe></div></P> <P>&nbsp;</P> <P><SPAN class="HwtZe"><SPAN class="jCAhz ChMk0b"><SPAN class="ryNqvb">After I followed (implemented) everything the author of the video did, it works (now I can hide applications that are "sensitive" and I can allow specific users to access them)</SPAN></SPAN></SPAN> but <SPAN class="HwtZe"><SPAN class="jCAhz ChMk0b"><SPAN class="ryNqvb">there is the following problem: All applications are empty, there are no sheets.</SPAN></SPAN></SPAN></P> <P><SPAN class="HwtZe"><SPAN class="jCAhz ChMk0b"><SPAN class="ryNqvb">The problem seems to be in <EM>Security Rule</EM> / <EM>Conditions</EM>:</SPAN></SPAN></SPAN></P> <P><STRONG>(resource.resourcetype = "App" and resource.stream.HasPrivilege("read") and resource.@AppLevelMgmt.empty()) or ((resource.resourcetype = "App.Object" and resource.published ="true" and resource.objectType != "app_appscript" and resource.objectType != "loadmodel") and resource.app.stream.HasPrivilege("read"))</STRONG></P> <P>Let me explain briefly what this is:</P> <P><SPAN class="HwtZe"><SPAN class="jCAhz ChMk0b"><SPAN class="ryNqvb">Qlik has a Security Rule called "Stream":</SPAN></SPAN></SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="RoyBatty_0-1706310398667.png" style="width: 400px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/158477i88E1AB6E8EDC33FD/image-size/medium?v=v2&amp;px=400" role="button" title="RoyBatty_0-1706310398667.png" alt="RoyBatty_0-1706310398667.png" /></span></P> <P>We disabled it <SPAN class="HwtZe"><SPAN class="jCAhz ChMk0b"><SPAN class="ryNqvb">and created a new Security Rule that is almost identical, we just added this to the conditions: <STRONG><EM>and resource.@AppLevelMgmt.empty()</EM></STRONG>. So, these are "conditions" of that new security rule:</SPAN></SPAN></SPAN></P> <P><EM><SPAN class="HwtZe"><SPAN class="jCAhz ChMk0b"><SPAN class="ryNqvb">(resource.resourcetype = "App" and resource.stream.HasPrivilege("read") <FONT color="#003366"><STRONG>and resource.@AppLevelMgmt.empty()</STRONG></FONT>) or ((resource.resourcetype = "App.Object" and resource.published ="true" and resource.objectType != "app_appscript" and resource.objectType != "loadmodel") and resource.app.stream.HasPrivilege("read"))</SPAN></SPAN></SPAN></EM></P> <P><SPAN class="HwtZe"><SPAN class="jCAhz ChMk0b"><SPAN class="ryNqvb">However, as mentioned, now all applications are empty (no sheets). I noticed that around <A href="https://youtu.be/yaBfW2RtxGA?si=7j9xOujYSsQNPkxU&amp;t=729" target="_self">12:09</A> in the video it says "<EM>Oops - Minor Mistake - Here is the correct rule:</EM>" - but it's nowhere to be found, nor is there any link:</SPAN></SPAN></SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="RoyBatty_1-1706310881030.png" style="width: 400px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/158478iA9A9F13119430067/image-size/medium?v=v2&amp;px=400" role="button" title="RoyBatty_1-1706310881030.png" alt="RoyBatty_1-1706310881030.png" /></span></P> Mon, 29 Jan 2024 14:15:01 GMT https://community.qlik.com/t5/App-Development/Exception-Management-Problem-with-Security-Rule-Conditions/m-p/2412023#M94706 RoyBatty 2024-01-29T14:15:01Z https://community.qlik.com/t5/App-Development/Exception-Management-Problem-with-Security-Rule-Conditions/m-p/2412185#M94720 <P>Solution from <a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/58946">@Onyi_Nwabia-Robbins</a> (fixed the issue):</P> <DIV id="bodyDisplay_4" class="lia-message-body lia-component-message-view-widget-body lia-component-body-signature-highlight-escalation lia-component-message-view-widget-body-signature-highlight-escalation"> <DIV class="lia-message-body-content"> <PRE>For anyone who is still having issues with this, <BR />please make sure the two security rules that manage <BR />the app access are both for App* and NOT App_*.&nbsp;<BR /><BR />This will ensure the user has access to all app <BR />content and not just the app.&nbsp;<BR /><BR />I hope this helps.&nbsp;</PRE> </DIV> </DIV> Mon, 29 Jan 2024 21:06:35 GMT https://community.qlik.com/t5/App-Development/Exception-Management-Problem-with-Security-Rule-Conditions/m-p/2412185#M94720 RoyBatty 2024-01-29T21:06:35Z