Skip to main content
Announcements
Accelerate Your Success: Fuel your data and AI journey with the right services, delivered by our experts. Learn More
cancel
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Not applicable

QMC Security Rule - How to restrict app publishing by stream?

I am trying to create QMC organizational admin roles for my power users to do publishing of their apps.

I have created the custom property for each stream by division.

Criteria 1: The user must be a Division Admin

Criteria 2: The user can publish any application belong to that division OR any application created by them

Criteria 3: The user can only publish in the division stream which the user belongs to

Security Rule (A)

((user.roles="DivisionAdmin")

and (resource.@Company_Division=user.@Company_Division or resource.owner.name=user.name)

and (resource.stream.@Company_Division=user.@Company_Division)

and (resource.resourcetype="App" or resource.resourcetype="App.Object"))

Action: Create, Read, Update, Delete, Publish

Security Rule (B)

I have another security rules which gives read access of users to individual stream. (Governed by custom property)

Criteria 1: The user can read any stream as long as given access to


My security rule goes like this:

((resource.@Company_User_Stream_View=user.@Company_User_Stream_View))

Action: Read, Publish

Following this thread, Re: Can't publish a sheet‌, I am able to resolve the issue of missing publish button.

However, I am not able not able to restrict my power users to publish applications in certain streams only. (i.e. Rule A, Criteria 3)


Please advise, if you know the solution. Thanks in advance!

0 Replies