Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
korsikov
Partner - Specialist III
Partner - Specialist III
‎2015-08-12 04:40 AM

How to remove the possibility for anonymous users to see objects in the applications created by the community.

interesting task. It is essential that anonymous users can not see the sheets, history, created and published by authorized users.

In QMC section 'appobjects' it's object maked as Approved ='not approved' and Published='published'

Help me find a rule allowing all users who have permission to read the application to see objects published by other users.

2,066 Views
0 Likes
12 Replies
korsikov
Partner - Specialist III
Partner - Specialist III
‎2015-08-12 12:41 PM
Author

In response to

Jeffrey Goldberg <span class="icon-status-icon icon-employee" title="Employee"></span> написал(а):

(resource.resourcetype = "App" and resource.stream.HasPrivilege("read")) or ((resource.resourcetype = "App.Object" and resource.published ="true" and resource.approved="true" and user.IsAnonymous()) and resource.app.stream.HasPrivilege("read"))

jg

I tried to change the rule as you suggested. Did't help.

320 Views
0 Likes
korsikov
Partner - Specialist III
Partner - Specialist III
‎2015-08-12 12:48 PM
Author

Yippee!

I did it!

All the same, my idea was correct

My security rule "Stream"

Resorce filter  App*

condition

(resource.resourcetype = "App" and resource.stream.HasPrivilege("read")) or ((resource.resourcetype = "App.Object" and resource.published ="true" and resource.approved="true")  and resource.app.stream.HasPrivilege("read")) or ((resource.resourcetype = "App.Object" and resource.published ="true" and resource.approved="false" and  !user.IsAnonymous())  and resource.app.stream.HasPrivilege("read"))

Context Both

Action Read

1,620 Views
0 Likes
korsikov
Partner - Specialist III
Partner - Specialist III
‎2016-07-04 04:26 AM
Author

in  Qlik Sense 3.0 Security Rule has some changes

Resource filter: App*

Conditions

(resource.resourcetype = "App" and resource.stream.HasPrivilege("read"))

or

  (

  (

  (resource.resourcetype = "App.Object" and resource.published ="true" and resource.approved="true" and resource.objectType != "app_appscript" and resource.objectType != "loadmodel")

  or

  (resource.resourcetype = "App.Object" and resource.published ="true" and resource.approved="false" and resource.objectType != "app_appscript" and resource.objectType != "loadmodel" and  !user.IsAnonymous())

    and resource.app.stream.HasPrivilege("read")

  )

  ) 

Context :both

Action: Read

320 Views