Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Week 5: Getting Answers With AI + A New Era of Data Governance - WATCH NOW
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
ali_hijazi
Partner - Master II
Partner - Master II
2 weeks ago

Help with security rule on Tasks

Hello 
I have a security rule with resource filters as follows:
ReloadTask_*,CompositeEvent_*,SchemaEvent_*,ExecutionResult_*,ExecutionSession_*

Actions:
Create, Read, and Update

Conditions:

(
user.roles = "FinanceDeveloper" and (user.group = "Flash-BI" or user.group="Bifinance")
)

and

(
resource.app.owner.userid = user.userid
or
(resource.app.@FINANCE_SPECIFIC = "YES"
and resource.app.@AppAccess = user.@AppAccess
)
)

 

a user that statisfies these conditions can read the tasks, and can create a task however this user cannot create a trigger on that task.
user can create a task successfully without trigger but when the user tries to add a trigger and clicks the Apply button the following error message appears:

ali_hijazi_0-1753960224980.png

am I missing anything here?

I can walk on water when it freezes
Labels (3)
177 Views
1 Solution

Accepted Solutions
Levi_Turner
Employee
Employee
2 weeks ago

Triggers don't have a hierarchical relationship in the same way tasks do. Separate out the rule CompositeEvent_*,SchemaEvent_*,ExecutionResult_*,ExecutionSession_* entities into their own rule without the app level qualifiers. Example condition:

(
user.roles = "FinanceDeveloper" and (user.group = "Flash-BI" or user.group="Bifinance")
)

View solution in original post

98 Views
7 Replies
JandreKillianRIC
Partner Ambassador
Partner Ambassador
2 weeks ago

Hi @ali_hijazi 

 

This all looks "perfect". Checking on some notes... the only thing I have different is I have ExternalProductSignOn_* as well on one of my rules. But doubt that this might be what's missing.

Maybe give it a try?  

 

Regards

Mark the solution as accepted that solved your problem and if you found it useful, press the like button! Check out my YouTube Channel | Follow me on LinkedIn

173 Views
0 Likes
ali_hijazi
Partner - Master II
Partner - Master II
2 weeks ago
Author

In response to JandreKillianRIC

@JandreKillianRIC I added this ExternalProductSignOn_* but still getting the same error message.

I can walk on water when it freezes
170 Views
0 Likes
JandreKillianRIC
Partner Ambassador
Partner Ambassador
2 weeks ago

In response to ali_hijazi

**bleep**.... I will check again later and let you know if I find anything. 

Mark the solution as accepted that solved your problem and if you found it useful, press the like button! Check out my YouTube Channel | Follow me on LinkedIn

167 Views
ali_hijazi
Partner - Master II
Partner - Master II
2 weeks ago
Author

@rwunderlich can you help on this topic?

I can walk on water when it freezes
129 Views
0 Likes
ali_hijazi
Partner - Master II
Partner - Master II
2 weeks ago
Author

@marksouzacosta may you please help here?

I can walk on water when it freezes
110 Views
0 Likes
Levi_Turner
Employee
Employee
2 weeks ago

Triggers don't have a hierarchical relationship in the same way tasks do. Separate out the rule CompositeEvent_*,SchemaEvent_*,ExecutionResult_*,ExecutionSession_* entities into their own rule without the app level qualifiers. Example condition:

(
user.roles = "FinanceDeveloper" and (user.group = "Flash-BI" or user.group="Bifinance")
)

99 Views
ali_hijazi
Partner - Master II
Partner - Master II
2 weeks ago
Author

In response to Levi_Turner

thank you very much @Levi_Turner 
yes it works!!

I can walk on water when it freezes
96 Views
0 Likes