Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
July 15, NEW Customer Portal: Initial launch will improve how you submit Support Cases. IMPORTANT DETAILS
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
_Adam_
Contributor III
Contributor III
‎2023-02-06 04:45 AM

Security Rule For Limiting Extensions User Access

Hi All,

I need help with configuring "Special" security rule for Extensions in Qlik Sense.
I've searched around and found this post, but it seems that the soultion suggested will not fit.
https://community.qlik.com/t5/Deployment-Management/Qliksense-Extension-Permission-Security-rule/td-...

We have 60 Extensions, we need to limit the access for 3 special extensions for only a specific users group. (We have active directory group that includes the allowed users to access).
I dont mind that this specifc group of users will see the all the 60 extensions, but I dont want all the other qlik users to be able to view those special extensions.

Is there is a way that I can modify those 3 special extensions to make it viewable only for the specific group ?
We need a soultion that can be managed easily in the future.
I've added a screenshot of the extension that I want to limit access to.

Thank you,
Adam

Labels (2)
Labels
Preview file
44 KB
752 Views
0 Likes
3 Replies
henrikalmen
Specialist
Specialist
‎2023-02-06 05:24 AM

Security rules always allow access, they don't deny it. So you need to exclude the three extensions from the general extension rule (something like resource.id!=ExtensionID), and then create a new rule that allows the three extensions for your specific users (and for e.g. admins).

740 Views
0 Likes
_Adam_
Contributor III
Contributor III
‎2023-02-08 01:56 AM
Author

In response to henrikalmen

Hi @henrikalmen,

Thank you for your feedback, It's been a great help for me.
I wanted to share how I did it in case other members will be needing to set something similier on their enviroments.

On the picture "New customised general security rule" its basically the new general rule that allows everyone to view all extensions except the ones I wanted to exclude. (I disabled the default "Extensions" rule)

If you will take a look on the attached picture callled "Security Rule for specific extension" you will notice that I limited each extensions seperatly on each security rule.
Under the "Resource Filter" field.

I have 3 extnensions I wanted to limit the access to, so I created 3 sepreated security rule for each one.
Is there is an option that I can do it within one security rule instead of 3 ?
What is the sintext that I need to insert in the "Resource Filter" field to make it work for 2 or more extensions ?

Thanks again!
Adam

Preview file
37 KB
Preview file
254 KB
Preview file
252 KB
709 Views
henrikalmen
Specialist
Specialist
‎2023-02-14 07:46 AM

I have 3 extnensions I wanted to limit the access to, so I created 3 sepreated security rule for each one.
Is there is an option that I can do it within one security rule instead of 3 ?

You should be able to create a resource filter for Extension_* and then in conditions do something like this to make the rule apply only to specific extentions and users:

 

((resource.id="02e6..." or resource.id="0997....") and (user.userId="user1" or user.userId="user2"))

 

 

682 Views
0 Likes