Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

Announcements
Qlik Open Lakehouse is Now Generally Available! Discover the key highlights and partner resources here.
cancel
Showing results for 
Search instead for 
Did you mean: 
ali_hijazi
Partner - Master II
Partner - Master II

Help with security rule on Tasks

Hello 
I have a security rule with resource filters as follows:
ReloadTask_*,CompositeEvent_*,SchemaEvent_*,ExecutionResult_*,ExecutionSession_*

Actions:
Create, Read, and Update

Conditions:

(
user.roles = "FinanceDeveloper" and (user.group = "Flash-BI" or user.group="Bifinance")
)

and

(
resource.app.owner.userid = user.userid
or
(resource.app.@FINANCE_SPECIFIC = "YES"
and resource.app.@AppAccess = user.@AppAccess
)
)

 

a user that statisfies these conditions can read the tasks, and can create a task however this user cannot create a trigger on that task.
user can create a task successfully without trigger but when the user tries to add a trigger and clicks the Apply button the following error message appears:

ali_hijazi_0-1753960224980.png

am I missing anything here?

I can walk on water when it freezes
Labels (3)
1 Solution

Accepted Solutions
Levi_Turner
Employee
Employee

Triggers don't have a hierarchical relationship in the same way tasks do. Separate out the rule CompositeEvent_*,SchemaEvent_*,ExecutionResult_*,ExecutionSession_* entities into their own rule without the app level qualifiers. Example condition:

(
user.roles = "FinanceDeveloper" and (user.group = "Flash-BI" or user.group="Bifinance")
)

View solution in original post

7 Replies
JandreKillianRIC
Partner Ambassador
Partner Ambassador

Hi @ali_hijazi 

 

This all looks "perfect". Checking on some notes... the only thing I have different is I have ExternalProductSignOn_* as well on one of my rules. But doubt that this might be what's missing.

Maybe give it a try?  

 

Regards

Mark the solution as accepted that solved your problem and if you found it useful, press the like button! Check out my YouTube Channel | Follow me on LinkedIn

ali_hijazi
Partner - Master II
Partner - Master II
Author

@JandreKillianRIC I added this ExternalProductSignOn_* but still getting the same error message.

I can walk on water when it freezes
JandreKillianRIC
Partner Ambassador
Partner Ambassador

**bleep**.... I will check again later and let you know if I find anything. 

Mark the solution as accepted that solved your problem and if you found it useful, press the like button! Check out my YouTube Channel | Follow me on LinkedIn

ali_hijazi
Partner - Master II
Partner - Master II
Author

@rwunderlich can you help on this topic?

I can walk on water when it freezes
ali_hijazi
Partner - Master II
Partner - Master II
Author

@marksouzacosta may you please help here?

I can walk on water when it freezes
Levi_Turner
Employee
Employee

Triggers don't have a hierarchical relationship in the same way tasks do. Separate out the rule CompositeEvent_*,SchemaEvent_*,ExecutionResult_*,ExecutionSession_* entities into their own rule without the app level qualifiers. Example condition:

(
user.roles = "FinanceDeveloper" and (user.group = "Flash-BI" or user.group="Bifinance")
)

ali_hijazi
Partner - Master II
Partner - Master II
Author

thank you very much @Levi_Turner 
yes it works!!

I can walk on water when it freezes