topic Re: Disabling edit for published apps while allowing multiple users to duplicate, edit and publish. in Management & Governance

Disabling edit for published apps while allowing multiple users to duplicate, edit and publish.

eugabgomes — Tue, 04 Jan 2022 14:06:11 GMT

Hi All,

We are in two BI Developers in my organization and I'd like us both to have access to edit each other's scripts, however not on published apps. After the app is published, I'd only allow the ability to duplicate, but after it's duplicated I'd like both to have the ability to see the scripts, even if the User is not the owner of the app.

I achieved this by granting us both ContentAdmin roles. However, by doing this, I've also allowed us the ability to edit published apps.

I was wondering, is it possible to disable the ability to edit published apps, while enabling the editing (with access to the scripts, not only the front-end) after the app is published if you're not the owner of the app?

Re: Disabling edit for published apps while allowing multiple users to duplicate, edit and publish.

eugabgomes — Tue, 04 Jan 2022 15:52:33 GMT

After some digging, I've managed to get to where I wanted.

I created two security rules based on the ContentAdmin security rule.

On the first security rule, It was an exact copy from ContentAdmin, minus the Update and Delete actions, and giving a new name to the role (in this case, ContentAdminUnpublished)

and now, a second special security rule, only for the Update and Delete actions for this role ContentAdminUnpublished, allowing delete and update only in unpublished apps:

Conditions:

((user.roles="ContentAdminUnpublished")) and !((resource.resourcetype = "App" and !resource.stream.Empty()) or (resource.resourcetype = "App.Object" and resource.published = "true"))