custom security rule desing

rchittigsk — Wed, 04 Apr 2018 11:41:45 GMT

Hi Community,

I started designing a custom security rule where user_1(not assinged with any Qlik Sense default roles) can,

Issue_1:

- Change the ownership of his app(published or unpublished) to user_2

I know this can be done at resource(app)->edit, by changing the owner name but, when i tried changing app ownership is happening but, QMC displayed error pop with message "An error occurred, please restart QMC" when i click ok navigation happen to QMC start start page.

can some one help me how to avoid this pop up, am i missing some resource filter or condition?

Issue_2:

- As i said above, i designed a security rule, where user_1 can export his apps(Published or Not Published) from QMC->Apps overview page but, user_1 couldn't perform export(as the option is grayed out under More Actions) for the apps owned by User_2

Note: User_2 published app to stream Everyone and User_1 trying to perform above action and we all know apps those published to stream can be visible to all users in their QMC->Apps overview page

Can some one help me which resource filter or resource condition i'm missing with and that create above issue?

Issue_3:

- Is it possible to visualize code when user perform below,

User_1 published an app to stream EveryOne

User_2 logs into QMC and perform following by locating User_1's app that published to stream EveryOne above

Dupliate

Navigate to Hub

Locate duplicated app in work space and open

Navigate to Dataload editor ---> Code is not displayed here to User_2

in my above designed security rule i need to add some resource filter so that my user_1 and user_2 've this provision to looking at code,

any idea what is the relevant resource filter or resource condition i need to use in my security rule?

FYI, following are the 2 security rules i designed:

Security Rule_1:

Resource filter:

App*,ReloadTask_*,UserSyncTask_*,SchemaEvent_*,User*,CustomProperty*,Tag_*,DataConnection_*,CompositeEvent_*,ContentLibrary_*,FileExtension_*,FileExtensionWhiteList_*

Resource Actions:

Create, read, update, delete, export, Publish, change owner

Resource Condition:

((user.group="TestAdmin"))

Security Rule_2:

Resource filter:

License_*,TermsAcceptance_*,QmcSection_App,,QmcSection_App.Object,QmcSection_DataConnection,QmcSection_Tag,QmcSection_CustomPropertyDefinition,QmcSection_Event,QmcSection_SchemaEvent,QmcSection_CompositeEvent,QmcSection_ReloadTask,QmcSection_UserSyncTask,user_*

Resource Actions:

Create, read, update, delete

Resource Condition:

((user.group="TestAdmin"))

any ideas?

topic custom security rule desing in Management & Governance

custom security rule desing