https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-Example-Grant-Duplicate-Permissions-for-a-Qlik/ta-p/1715597 <P>By default, only App Owners are allowed to duplicate an App.<BR /><BR />Here is an example to allow a certain non-Owner user duplicating Apps.</P> <P><FONT size="5"><SPAN><STRONG>!</STRONG></SPAN><SPAN>&nbsp;</SPAN></FONT><EM>The example is provided for demonstration purposes to explain a specific scenario. No support or maintenance is implied or provided. Further customization is expected to be necessary and it is the responsibility of the end administrator to test and implement an appropriate rule for their specific use case. For access to more tips and tricks, best practices, and ever-evolving creative solutions, we recommend joining us in our active<SPAN>&nbsp;</SPAN><A href="https://community.qlik.com/" target="_blank" rel="noopener">Qlik Community</A>.</EM></P> <P>&nbsp;</P> <H4><FONT color="#339966"><STRONG>Environment:</STRONG></FONT></H4> <P class="lia-indent-padding-left-30px"><LI-PRODUCT title="Qlik Sense Enterprise on Windows" id="qlikSenseEnterpriseWindows"></LI-PRODUCT>&nbsp;</P> <P class="qlik-migrated-tkb-headings lia-indent-padding-left-30px">&nbsp;</P> <H3><FONT color="#339966"><STRONG>Setup Example</STRONG></FONT></H3> <OL> <LI>Open the Qlik Sense Management Console and open the<SPAN>&nbsp;</SPAN><STRONG><I>Security Rules&nbsp;</I></STRONG>menu</LI> <LI>Click<SPAN>&nbsp;</SPAN><STRONG><SPAN>Create new</SPAN></STRONG><SPAN>&nbsp;</SPAN>button<BR /><BR /><STRONG>Name:</STRONG>&nbsp;AllowNonOwnerDuplicate<BR /><STRONG>Description:&nbsp;</STRONG>This rule will grant DUPLICATE&nbsp;right&nbsp;to an application based on the inherited Read rights provided elsewhere. Update rights to an app are necessary to see the Data Load Editor Option<BR /><STRONG>Filter(s):&nbsp;</STRONG>App_*<BR /><STRONG>Action(s): </STRONG>Duplicate<BR /><STRONG>Conditions:</STRONG>&nbsp;<FONT face="courier new,courier">resource.resourcetype = "App" and resource.Stream.HasPrivilege("read") and (user.name="User2")</FONT><BR /><BR />Note: In this example, we are using a statically defined user.name value. In a realistic scenario you will have a more robust user selection criteria (e.g. user.group="BI Developers".<BR /><BR />The exact form of this condition is highly depending on <I>how</I> a user is allowed to view the App. In this example, we have a separate Security Rule to specifically grants "Read" privilege to of this App's Stream to "User2". This is to make sure condition <STRONG>resource.Stream.HasPrivilege("read")</STRONG>&nbsp;will return true. In the realistic scenario, this whole condition may need significant modification in order to fit the actual scenario.</LI> </OL> <P>&nbsp;</P> <H3><FONT color="#339966"><STRONG>Related Content:</STRONG></FONT></H3> <P class="lia-indent-padding-left-30px"><A href="https://help.qlik.com/en-US/sense-admin/February2021/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdminister/QSEoW/Administer_QSEoW/Managing_QSEoW/operators-and-functions-for-conditions.htm" target="_blank" rel="noopener">Operators and functions for conditions</A>&nbsp;<BR /><A href="https://help.qlik.com/en-US/sense-admin/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdminister/QSEoW/Administer_QSEoW/Managing_QSEoW/security-rules-overview.htm" target="_self">Security rules</A>&nbsp;(overview on help.qlik.com)</P> Thu, 17 Nov 2022 10:03:25 GMT Andre_Sostizzo 2022-11-17T10:03:25Z https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-Example-Grant-Duplicate-Permissions-for-a-Qlik/ta-p/1715597 <P>By default, only App Owners are allowed to duplicate an App.<BR /><BR />Here is an example to allow a certain non-Owner user duplicating Apps.</P> <P><FONT size="5"><SPAN><STRONG>!</STRONG></SPAN><SPAN>&nbsp;</SPAN></FONT><EM>The example is provided for demonstration purposes to explain a specific scenario. No support or maintenance is implied or provided. Further customization is expected to be necessary and it is the responsibility of the end administrator to test and implement an appropriate rule for their specific use case. For access to more tips and tricks, best practices, and ever-evolving creative solutions, we recommend joining us in our active<SPAN>&nbsp;</SPAN><A href="https://community.qlik.com/" target="_blank" rel="noopener">Qlik Community</A>.</EM></P> <P>&nbsp;</P> <H4><FONT color="#339966"><STRONG>Environment:</STRONG></FONT></H4> <P class="lia-indent-padding-left-30px"><LI-PRODUCT title="Qlik Sense Enterprise on Windows" id="qlikSenseEnterpriseWindows"></LI-PRODUCT>&nbsp;</P> <P class="qlik-migrated-tkb-headings lia-indent-padding-left-30px">&nbsp;</P> <H3><FONT color="#339966"><STRONG>Setup Example</STRONG></FONT></H3> <OL> <LI>Open the Qlik Sense Management Console and open the<SPAN>&nbsp;</SPAN><STRONG><I>Security Rules&nbsp;</I></STRONG>menu</LI> <LI>Click<SPAN>&nbsp;</SPAN><STRONG><SPAN>Create new</SPAN></STRONG><SPAN>&nbsp;</SPAN>button<BR /><BR /><STRONG>Name:</STRONG>&nbsp;AllowNonOwnerDuplicate<BR /><STRONG>Description:&nbsp;</STRONG>This rule will grant DUPLICATE&nbsp;right&nbsp;to an application based on the inherited Read rights provided elsewhere. Update rights to an app are necessary to see the Data Load Editor Option<BR /><STRONG>Filter(s):&nbsp;</STRONG>App_*<BR /><STRONG>Action(s): </STRONG>Duplicate<BR /><STRONG>Conditions:</STRONG>&nbsp;<FONT face="courier new,courier">resource.resourcetype = "App" and resource.Stream.HasPrivilege("read") and (user.name="User2")</FONT><BR /><BR />Note: In this example, we are using a statically defined user.name value. In a realistic scenario you will have a more robust user selection criteria (e.g. user.group="BI Developers".<BR /><BR />The exact form of this condition is highly depending on <I>how</I> a user is allowed to view the App. In this example, we have a separate Security Rule to specifically grants "Read" privilege to of this App's Stream to "User2". This is to make sure condition <STRONG>resource.Stream.HasPrivilege("read")</STRONG>&nbsp;will return true. In the realistic scenario, this whole condition may need significant modification in order to fit the actual scenario.</LI> </OL> <P>&nbsp;</P> <H3><FONT color="#339966"><STRONG>Related Content:</STRONG></FONT></H3> <P class="lia-indent-padding-left-30px"><A href="https://help.qlik.com/en-US/sense-admin/February2021/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdminister/QSEoW/Administer_QSEoW/Managing_QSEoW/operators-and-functions-for-conditions.htm" target="_blank" rel="noopener">Operators and functions for conditions</A>&nbsp;<BR /><A href="https://help.qlik.com/en-US/sense-admin/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdminister/QSEoW/Administer_QSEoW/Managing_QSEoW/security-rules-overview.htm" target="_self">Security rules</A>&nbsp;(overview on help.qlik.com)</P> Thu, 17 Nov 2022 10:03:25 GMT https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-Example-Grant-Duplicate-Permissions-for-a-Qlik/ta-p/1715597 Andre_Sostizzo 2022-11-17T10:03:25Z https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-Example-Grant-Duplicate-Permissions-for-a-Qlik/tac-p/1912142#M5990 <P>This is a great solution. Thank you</P> Wed, 30 Mar 2022 20:56:39 GMT https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-Example-Grant-Duplicate-Permissions-for-a-Qlik/tac-p/1912142#M5990 MariB 2022-03-30T20:56:39Z