topic Re: Qlik Sense - Security Rule - Export data bug? in Management & Governance

Qlik Sense - Security Rule - Export data bug?

mvannorden — Wed, 25 Jul 2018 13:15:08 GMT

Hi all,

Just after upgrading Qlik Sense to the June 2018 release, we decided to implement a security rule that allows only users of a specific custom property to be able to export data.

After implementation, we tested on a table and we did not see the option to export anymore:

However, one of our most frequent users noticed that he was still able to export any data with a work-around that seems to us like a bug.

Whenever you right click on any object other than a table, you have the ability to convert it into a table by using the 'View Data' functionality.

When in this mode, you can simply right click again and export all data:

Is this a bug that still needs to be fixed or is there a way to make the security rule more complete?

Kind regards,

Martijn

Re: Qlik Sense - Security Rule - Export data bug?

Levi_Turner — Wed, 25 Jul 2018 21:36:19 GMT

Hey Martijn, What is the security rule that you have developed? I assume that the default rule ExportAppData has been disabled, yes?

Re: Qlik Sense - Security Rule - Export data bug?

rubenmarin — Thu, 26 Jul 2018 08:17:08 GMT

Hi Levi,

Today I have upgraded a server, previously rules prevents a user with certain value in a custom property to export data, in June-2018 they can click 'View Data' and then 'Export Data'.

I tried disabling both: ExportAppData and ExportAppData_Custom.

The user, after closing all browsers and login again, still can do "View Data"->"Export Data".

Re: Qlik Sense - Security Rule - Export data bug?

mvannorden — Thu, 26 Jul 2018 09:47:32 GMT

Hi Levi,

Your assumption is correct! I disabled the default rule and made a fairly simple custom rule:

Selections made: App_* + Export Data box checked

Advanced conditions: resource.HasPrivilege("read") and (user.@Usertype="Developer")

In which the Developer is value within the custom property of @Usertpe we have created.

Re: Qlik Sense - Security Rule - Export data bug?

mvannorden — Thu, 26 Jul 2018 09:51:32 GMT

Hi Ruben,

This is exactly what we are experiencing as well.

It seems like the new 'View Data' functionality creates a loophole in the existing security rules concerning exports.

Re: Qlik Sense - Security Rule - Export data bug?

Levi_Turner — Thu, 26 Jul 2018 16:16:37 GMT

Yes, but what is the specific rule's filters, actions, conditions, context?

Re: Qlik Sense - Security Rule - Export data bug?

Levi_Turner — Thu, 26 Jul 2018 18:17:05 GMT

Ahhh, ok. I am seeing the same thing as you. Please do create a case with Qlik Support and reference QLIK-89890, which I just created to track with R&D.

Re: Qlik Sense - Security Rule - Export data bug?

Felix — Tue, 12 Feb 2019 08:11:04 GMT

Is there any news?

Re: Qlik Sense - Security Rule - Export data bug?

countnazgul — Wed, 13 Feb 2019 14:11:56 GMT

This seems to be fixed in the QS "September 2018 Patch 1" release

Release notes Sept 2018 Patch 1

Re: Qlik Sense - Security Rule - Export data bug?

Felix — Thu, 14 Feb 2019 07:52:28 GMT

It was my fault. I had marked the privilege "Export", but not "Export Data". Now it's working fine