I would suggest just creating a stream for the 2 user to publish apps. However, you can try the security rule below: Resource filter: * (I tested with the asterisk, but you can try with App*) Actions: Read ((user.name="The person you want to give access" and resource.resourcetype="App" and resource.owner.name="The person who has the app in their work stream") and resource.stream.Empty())
Be mindful that all of this will be deprecated or break in Qlik Sense November 2018 Patch 3, February 2019 Patch 1, and April 2019. It was a consequence of a change to how security rules are evaluated which brings up to 80% reduction in load times for the Hub for larger deployments.
Can you provide documentation about this breaking in the current patch. I tested this in Feb 2019 patch. We are exploring the use of custom properties in our security rules and I would like to see if there are any scenarios that I have not tested.