Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Oleg_Troyansky
Partner Ambassador/MVP
Partner Ambassador/MVP
‎2016-06-07 07:57 AM

Security rules to enable user-initiated reload?

Hi everybody,

It's my turn to ask a question. I need to enable the user to reload his Sense App from the UI, while the App is published to a stream. I installed an extension from the Branch web site, and it works just fine when the app is not published, however once it's published I'm getting an error message "Access is denied".

Could someone explain to me in detail what security rule(s) need to get created in order to enable that? Should I enable Apps, Reload Tasks, Objects, etc...

thanks in advance,

Oleg Troyansky

Oleg Troyansky
Call me for expert support, performance tuning, advanced training and more!
9,631 Views
0 Likes
25 Replies
Anonymous
Not applicable
‎2016-06-07 09:37 AM

Hi Oleg,

I am sure you might have imported your extension to the QMC extensions under Manage resources..

Once you import it should appear on the list and you select it and edit it and you see the below window with user access and you will have to give access

and next create a security rule as below screen shot:

save everything and use the extension in your app and republish to any stream you want and ask the users to whom you have given access to check..

Thanks

4,642 Views
0 Likes
Oleg_Troyansky
Partner Ambassador/MVP
Partner Ambassador/MVP
‎2016-06-07 10:25 AM
Author

In response to Anonymous

Hi Chandrasheker,

thank you so much for your quick response. I tried the suggested, but the problem wasn't solved.

I think the issue is not to enable the extension for a user (all extensions are enabled for all users by default), but rather enabling the published App to be reloaded by the user - and for that, I can't find the correct security rule.

If you could possibly try the following extension:

Qlik Branch

and make it work for a published App, it would help me a great deal!

thanks in advance!

Oleg Troyansky

Oleg Troyansky
Call me for expert support, performance tuning, advanced training and more!
4,642 Views
Not applicable
‎2017-03-21 04:19 PM

In response to Oleg_Troyansky

Oleg,

I have nothing to contribute, but I hope someone has a simple answer for this need. I too am working through the same scenario with the same extension. Unfortunately, I have very limited rights to my client's server, so I'm unable to test a solution.

The default security rule on our server only allows app owners to reload their own apps.

It would be great if someone could help us with creating a security rule that overrides the default rule and would allow a user to reload any app in a given stream.

Thanks for the original post! I'll follow and update you if I find a solution.

Thanks,

Ben

4,642 Views
0 Likes
Anonymous
Not applicable
‎2017-06-14 06:28 PM

Anyone find the answer to this?  I'm running into the same problem.

Want to have a user with limited access (can not create new apps, can not edit an app), but I want them to be able to push the RELOAD button in the app from an extension and reload it dynamically.

I can't find the correct combination of security rules to make it work.  Just keep getting Access is Denied...

4,642 Views
0 Likes
lucienorrin
Creator
Creator
‎2017-06-28 03:56 PM

I'm in the same boat as Jonathan.

It works great for admins but I can't seem to get it working for users.

4,642 Views
0 Likes
marcos
Partner - Contributor III
Partner - Contributor III
‎2017-07-18 08:47 AM

In response to lucienorrin

I was testing the new version of ReloadButton extension too, and it works fine when i used it with the user who was the current owner of the APP, but failed using another user.

I could solve it by making a little change in Security Rule proposed:

Resource filter:

App_*,App.Object_*

Conditions

(((resource.resourcetype="App" and resource.stream.name="Everyone") or (resource.resourcetype="App.Object" and resource.app.stream.name="Everyone" and resource.objectType = "app_appscript")))

Context

Both in hub and QMC

Actions

Read,Update

See the text remarks at Resource filter, Conditions and Actions.

4,642 Views
chrislemm
Partner - Contributor III
Partner - Contributor III
‎2017-08-31 05:39 AM

Hello,

I know the post is older than a year. I had the same issue today. I solved it with giving the user special access to every data-connection used in the apps script:

ol.PNG

Also you need to add a specific resource rule in the stream:

ol2.PNG

Tell me if you could solve this problem using my hints.

Best regards

4,642 Views
hartmoli
Partner - Contributor III
Partner - Contributor III
‎2018-10-09 02:42 AM

In response to chrislemm

I figured out a similiar solution, but unfortunately there is the impact after reloading the app, the user has access to the load script, data model and so on.

Same behaviour for the app owner also.

4,642 Views
0 Likes
dafnis14
Specialist
Specialist
‎2018-10-17 10:46 AM

In response to hartmoli

Hi Oliver,

Does the solution you figured work in Sense September 2018 version?

4,642 Views
0 Likes