https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-issue-Custom-Property-security-rule-matches-every/ta-p/1713106 <P>Access is granted to all users when attempting to use custom properties to manage stream access.&nbsp;<BR /><BR />Stream access is set up using customer properties. Only users with the specific custom property should have access to the stream, but <I>all users&nbsp;</I>are granted access instead.<BR /><BR /></P> <DIV>The current security rule is set up as follows:</DIV> <P>&nbsp;</P> <DIV><IMG src="https://qlik.my.salesforce.com/servlet/servlet.ImageServer?id=015D0000003sAa8&amp;oid=00D20000000IGPX&amp;lastMod=1491900681000" border="0" alt="User-added image" width="500" /></DIV> <DIV>Where <SPAN>Project </SPAN>is the name of the custom property.<BR /><BR />The condition translates into: <SPAN>((resource.@Project=user.@Project))</SPAN></DIV> <P>&nbsp;</P> <H4><STRONG><STRONG><STRONG>Cause:</STRONG></STRONG></STRONG></H4> <P><BR /><SPAN>The original condition includes every user who has no custom property and therefore grants access to every stream which has no custom property.</SPAN></P> <H3><STRONG><STRONG><STRONG><STRONG>Resolution:</STRONG></STRONG></STRONG></STRONG></H3> <P><BR />A requirement is needed to be added to the condition.&nbsp;<BR />&nbsp;</P> <PRE>((resource.@Project=user.@Project <SPAN>and resource.@Project!=""</SPAN>))</PRE> <DIV>&nbsp;</DIV> <DIV>A security rule will match every Stream to every user who has assigned the custom property 'Project'.<BR />It is possible to match other resources through this rule for example apps or data connections or it is possible to include them to the existing rule.<BR />&nbsp;</DIV> <P>This includes that the customer property can't be empty to start working.<BR /><BR />If you click on '<STRONG>Validate rule</STRONG>' the rule should look like this:<BR />&nbsp;</P> <DIV><IMG src="https://qlik.my.salesforce.com/servlet/servlet.ImageServer?id=015D0000003sAaD&amp;oid=00D20000000IGPX&amp;lastMod=1491900707000" border="0" alt="User-added image" width="500" /></DIV> Thu, 11 Nov 2021 15:13:23 GMT Sonja_Bauernfeind 2021-11-11T15:13:23Z https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-issue-Custom-Property-security-rule-matches-every/ta-p/1713106 <P>Access is granted to all users when attempting to use custom properties to manage stream access.&nbsp;<BR /><BR />Stream access is set up using customer properties. Only users with the specific custom property should have access to the stream, but <I>all users&nbsp;</I>are granted access instead.<BR /><BR /></P> <DIV>The current security rule is set up as follows:</DIV> <P>&nbsp;</P> <DIV><IMG src="https://qlik.my.salesforce.com/servlet/servlet.ImageServer?id=015D0000003sAa8&amp;oid=00D20000000IGPX&amp;lastMod=1491900681000" border="0" alt="User-added image" width="500" /></DIV> <DIV>Where <SPAN>Project </SPAN>is the name of the custom property.<BR /><BR />The condition translates into: <SPAN>((resource.@Project=user.@Project))</SPAN></DIV> <P>&nbsp;</P> <H4><STRONG><STRONG><STRONG>Cause:</STRONG></STRONG></STRONG></H4> <P><BR /><SPAN>The original condition includes every user who has no custom property and therefore grants access to every stream which has no custom property.</SPAN></P> <H3><STRONG><STRONG><STRONG><STRONG>Resolution:</STRONG></STRONG></STRONG></STRONG></H3> <P><BR />A requirement is needed to be added to the condition.&nbsp;<BR />&nbsp;</P> <PRE>((resource.@Project=user.@Project <SPAN>and resource.@Project!=""</SPAN>))</PRE> <DIV>&nbsp;</DIV> <DIV>A security rule will match every Stream to every user who has assigned the custom property 'Project'.<BR />It is possible to match other resources through this rule for example apps or data connections or it is possible to include them to the existing rule.<BR />&nbsp;</DIV> <P>This includes that the customer property can't be empty to start working.<BR /><BR />If you click on '<STRONG>Validate rule</STRONG>' the rule should look like this:<BR />&nbsp;</P> <DIV><IMG src="https://qlik.my.salesforce.com/servlet/servlet.ImageServer?id=015D0000003sAaD&amp;oid=00D20000000IGPX&amp;lastMod=1491900707000" border="0" alt="User-added image" width="500" /></DIV> Thu, 11 Nov 2021 15:13:23 GMT https://community.qlik.com/t5/Official-Support-Articles/Security-Rule-issue-Custom-Property-security-rule-matches-every/ta-p/1713106 Sonja_Bauernfeind 2021-11-11T15:13:23Z