Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Seed1
Contributor III
Contributor III

Qlik Sense Data Connection security

Is it possible to prevent general users from having access to a data connection while allowing the users to read?

Sounds like a contradiction, I know. I have already achieved preventing access to the data connections using the DataConnection security rule - limiting permission to the built in admins only. Works great. General users cannot then see the data connections.

But I am now adding the 'Reload' button extension and I've just figured out that for a general user to use this function they must have read against the connection used by the app. Giving them these permissions then exposes the connection to the user to use in their own app which we cannot permit.

Does anyone know a way to permit data connection access for the reload function only - ie, not then be able to use or see the data connection directly? Note that there are some data connections that I do want to make available, so a blanket workspace ban won't work.

Labels (1)
5 Replies
andoryuu
Creator III
Creator III

We use this solution. They have to be able to read the data connection to use the reload button because it reloads it client-side, not server side. So you have to choose - either they can see the data connections and reload, or not reload. The last option would be to prevent them from seeing the data load editor with security rules.
Seed1
Contributor III
Contributor III
Author

Agreed. The last option to disable access to the load editor seems to be the only option unless we choose not to use the reload extension.

Some quick investigation is leading me to conclude that there are no security filters available to exclude access to the load editor specifically:

https://community.qlik.com/t5/Qlik-Sense-App-Development/Security-Rule-Prevent-Data-Load-Edit-Allow-...

I will raise this as a separate question, but if anyone has any further guidance i would appreciate it.

Seed1
Contributor III
Contributor III
Author

I wonder if it is possible to tie in the rule to Read DataConnections only IF the Reload Extension is invoked, therefore read permission will only be granted when the extension is used?

Rodj
Luminary Alumni
Luminary Alumni

I don't have access to a server currently to try this with but you should be able to create a custom property on the extension that you could use to do this in a security rule. From what I understand though you don't want users to have read permission on the data connection at all and they would need that with the extension, so this still doesn't help. Still this comment might help someone down the track.

Cheers,

Rod

Seed1
Contributor III
Contributor III
Author

No valid solution to this query. Alternative solution can be found:

https://community.qlik.com/t5/Qlik-Sense-Deployment-Management/Qlik-CLI-Reload-Automation-script/m-p...