Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us in NYC Sept 4th for Qlik's AI Reality Tour! Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
rdugg
Contributor III
Contributor III
‎2025-01-10 08:07 AM

Default security rules, prevent script write access to published apps

Hi,

I have a test server where I made some experiment on existing (default) security rules.

The thing is that I'm not sure what I have modified since I cannot diff these rules with their previous state 😕

Users can now edit the script side of a published app and this is a problem.

What default security rules should I lookup to revert that.

Can the Audit panel help me to find out the security rule responsible of that ? how ?

Labels (1)
Labels
626 Views
2 Replies
Mike_Dickson
Support
Support
‎2025-01-13 03:58 PM

Hello @rdugg 

Using the Audit, do the following:
Target Resource: Apps (to narrow it down pick a specific published app using the magnified glass)

User: Select the user who can make the changes to the published app

Environment: Only in Hub

Then click on Audit.  It should show the specific published app and the user who can make the changes.

Next Click on "Associated rules"

This will open a box that will show all of the rules that are affecting this app.

You will want to look for a rule that is not disabled and has something like "Read, Update" within the Actions. You can then click on that rule to open it up and if you remove the "Update", then it will most likely remove the option to edit a sheet and view the Data Load Script.

I hope this help. 

 

Sr. Technical Support Engineer with Qlik Support
Don't forget to mark a solution that worked for you!
571 Views
0 Likes
rdugg
Contributor III
Contributor III
‎2025-03-14 05:53 AM
Author

Thank you but that doesn't really help me.

In a security rule, you have resources that you can target with the resource filter.

Two of those resources are ones that have an objectType "app_appscript" and "loadmodel"

then you can give permissions on resources 

----------------------------------------------------------------------

Permissions are listed here in "Legend" section

https://help.qlik.com/en-US/sense/November2017/Subsystems/ManagementConsole/Content/default-administ...

----------------------------------------------------------------------

How can I use the audit windows to target what permissions are applied to "app_appscript" and "loadmodel" ?

 

Note: that since then I have found my mistake in my security rule. It is was a side effect to support script duplication of an app published to a specific stream.

359 Views
0 Likes