https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-Example-quot-Sharing-of-Bookmarks-quot/ta-p/1710551 <P><BR />In this scenario, the administrator wants to grant access an ability for users to see other user's bookmarks.</P> <H3>Environment:</H3> <P><LI-PRODUCT title="Qlik Sense Enterprise on Windows" id="qlikSenseEnterpriseWindows"></LI-PRODUCT>&nbsp;</P> <H3 class="qlik-migrated-tkb-headings">Resolution:</H3> <P><STRONG>Note:</STRONG> Debugging and writing custom security rules cannot be carried out by Qlik Support directly. No Support or maintenance is implied or provided. Further customization is expected to be necessary and it is the responsibility of the end administrator to test and implement an appropriate rule for their specific use case. The example provided below is provided as is, and we suggest joining our <A href="https://community.qlik.com/" target="_blank" rel="noopener">Qlik Community</A> for access to more best practices and solutions. For direct implementation advice, our Consulting Service and Pre-Sales are available to assist.&nbsp;</P> <UL> <LI>Name_BookmarkSharing</LI> <LI>Description: This rule will allow a limit amount of sharing of bookmarks</LI> <LI>Filters:App*</LI> <LI>Actions: Read</LI> </UL> <P>-- Every bookmark on an app which they have read access; very permissive use case<BR />Conditions: <SPAN style="font-family: Courier New,Courier,monospace;">((user.name="Eric Hanson")</SPAN> and <SPAN style="font-family: Courier New,Courier,monospace;">(resource.objectType="bookmark"))</SPAN><BR />-- Every bookmark which has been created by a named user; allows developer / admin control over whose bookmarks are shared for a more locked down experience<BR />Conditions: <SPAN style="font-family: Courier New,Courier,monospace;">((user.name="Eric Hanson")</SPAN> and <SPAN style="font-family: Courier New,Courier,monospace;">(resource.objectType="bookmark" and resource.owner.userId="ltu"))</SPAN><BR />-- Every bookmark which has been created on a named app<BR />Conditions: <SPAN style="font-family: Courier New,Courier,monospace;">((user.name="Eric Hanson")</SPAN> and <SPAN style="font-family: Courier New,Courier,monospace;">(resource.objectType="bookmark" and resource.app.name="Travel Expense Management"))</SPAN><BR />-- Every bookmark which has a specified string in it; use case allowing users to name their bookmarks with a string to flag them as shareable.<BR />Conditions:&nbsp;<SPAN style="font-family: Courier New,Courier,monospace;">((user.name="Eric Hanson")</SPAN> and <SPAN style="font-family: Courier New,Courier,monospace;">(resource.objectType="bookmark" and resource.name like "*Blah*"))</SPAN><BR /><BR />In these examples, we am hard coding a user name as the user selection criterion but you should be able to further customize that to say user.group, user.directory, etc.<BR />&nbsp;<BR />The other consideration is that bookmarks in Sense apply to a specific sheet.<BR /><BR />This means that the user will need to have permission on the underlying sheet which the selections are applied to. There’s not going to be a programmatic way that will grant users read access to the sheet based on their read access on a bookmark. So one would want to be careful with a broad ungoverned / untrained security rule for sharing bookmarks.</P> <H3>Related Content:</H3> <P><A href="https://community.qlik.com/t5/Knowledge-Base/Collection-of-Specific-Rule-Scenarios-and-Customization-of-Qlik/ta-p/1716899" target="_blank" rel="noopener">Collection of Specific Rule Scenarios and Customization of Qlik Sense Security rules </A>&nbsp;<BR />&nbsp;</P> Thu, 13 May 2021 19:11:19 GMT Andre_Sostizzo 2021-05-13T19:11:19Z https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-Example-quot-Sharing-of-Bookmarks-quot/ta-p/1710551 <P><BR />In this scenario, the administrator wants to grant access an ability for users to see other user's bookmarks.</P> <H3>Environment:</H3> <P><LI-PRODUCT title="Qlik Sense Enterprise on Windows" id="qlikSenseEnterpriseWindows"></LI-PRODUCT>&nbsp;</P> <H3 class="qlik-migrated-tkb-headings">Resolution:</H3> <P><STRONG>Note:</STRONG> Debugging and writing custom security rules cannot be carried out by Qlik Support directly. No Support or maintenance is implied or provided. Further customization is expected to be necessary and it is the responsibility of the end administrator to test and implement an appropriate rule for their specific use case. The example provided below is provided as is, and we suggest joining our <A href="https://community.qlik.com/" target="_blank" rel="noopener">Qlik Community</A> for access to more best practices and solutions. For direct implementation advice, our Consulting Service and Pre-Sales are available to assist.&nbsp;</P> <UL> <LI>Name_BookmarkSharing</LI> <LI>Description: This rule will allow a limit amount of sharing of bookmarks</LI> <LI>Filters:App*</LI> <LI>Actions: Read</LI> </UL> <P>-- Every bookmark on an app which they have read access; very permissive use case<BR />Conditions: <SPAN style="font-family: Courier New,Courier,monospace;">((user.name="Eric Hanson")</SPAN> and <SPAN style="font-family: Courier New,Courier,monospace;">(resource.objectType="bookmark"))</SPAN><BR />-- Every bookmark which has been created by a named user; allows developer / admin control over whose bookmarks are shared for a more locked down experience<BR />Conditions: <SPAN style="font-family: Courier New,Courier,monospace;">((user.name="Eric Hanson")</SPAN> and <SPAN style="font-family: Courier New,Courier,monospace;">(resource.objectType="bookmark" and resource.owner.userId="ltu"))</SPAN><BR />-- Every bookmark which has been created on a named app<BR />Conditions: <SPAN style="font-family: Courier New,Courier,monospace;">((user.name="Eric Hanson")</SPAN> and <SPAN style="font-family: Courier New,Courier,monospace;">(resource.objectType="bookmark" and resource.app.name="Travel Expense Management"))</SPAN><BR />-- Every bookmark which has a specified string in it; use case allowing users to name their bookmarks with a string to flag them as shareable.<BR />Conditions:&nbsp;<SPAN style="font-family: Courier New,Courier,monospace;">((user.name="Eric Hanson")</SPAN> and <SPAN style="font-family: Courier New,Courier,monospace;">(resource.objectType="bookmark" and resource.name like "*Blah*"))</SPAN><BR /><BR />In these examples, we am hard coding a user name as the user selection criterion but you should be able to further customize that to say user.group, user.directory, etc.<BR />&nbsp;<BR />The other consideration is that bookmarks in Sense apply to a specific sheet.<BR /><BR />This means that the user will need to have permission on the underlying sheet which the selections are applied to. There’s not going to be a programmatic way that will grant users read access to the sheet based on their read access on a bookmark. So one would want to be careful with a broad ungoverned / untrained security rule for sharing bookmarks.</P> <H3>Related Content:</H3> <P><A href="https://community.qlik.com/t5/Knowledge-Base/Collection-of-Specific-Rule-Scenarios-and-Customization-of-Qlik/ta-p/1716899" target="_blank" rel="noopener">Collection of Specific Rule Scenarios and Customization of Qlik Sense Security rules </A>&nbsp;<BR />&nbsp;</P> Thu, 13 May 2021 19:11:19 GMT https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-Example-quot-Sharing-of-Bookmarks-quot/ta-p/1710551 Andre_Sostizzo 2021-05-13T19:11:19Z