Qlik Community

App Development

Discussion board where members can learn more about Qlik Sense App Development and Usage.

Announcements
Customer & Partners, DEC. 9, 11 AM ET: Qlik Product & Strategy Roadmap Session: Data Analytics REGISTER NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

Qlik Sense Stream Management Security Rules and Exception Management

Hello all, i followed the video on setting this up for the first step of the process but it doesn't work as shown. I am using the latest version 3, does anyone know if this logic is still valid?

I'm including the video URL:

Qlik Sense Stream Management Security Rules and Exception Management - YouTube

3 Replies
Marcus_Spitzmiller

Hi Walter - the logic is indeed still valid.  Did you get it working?

Marcus

stvegerton
Creator III
Creator III

I tried it today on 3.0.2. It's not working for me. Not sure of what I'm doing wrong yet. I'm very close because when I do an audit, I get a yellow result for the app that has the same custom property value as my test user.

 

My Stream Rule:

 

 

Resource Filter: App*

 

 

Actions: Read

 

 

Conditions: (resource.resourcetype = "App" and resource.stream.HasPrivilege("read") and resource.@AppLevelMgmt.empty()) or ((resource.resourcetype = "App.Object" and resource.published ="true") and resource.app.stream.HasPrivilege("read"))

 

 

 

My Exception Rule:

 

 

Resource Filter: App_*

 

 

Actions: Read

 

 

Conditions: ((resource.stream.HasPrivilege=("read")) and (user.group=resource.@AppLevelMgmt))

 

 

Context: Only in hub

 

 

 

My Custom Property

 

 

Name: AppLevelMgmt

 

 

Resource types: Apps,Users

 

 

Value: Qlik Territory Management & Analysis

 

 

My AD Group

 

 

Qlik Territory Management & Analysis

 

stvegerton
Creator III
Creator III

Still testing, but the issue seems to have been tied to my exception rule:

 

The fix,

 

Remove (resource.stream.HasPrivilege=("read") from the rule syntax:

 

(resource.stream.HasPrivilege=("read") and user.group=resource.@AppLevelMgmt)

 

So that it looks like this:

((user.group=resource.@AppLevelMgmt))