Hi,
I want to achieve the following:
Unfortunately I couldn't find a waterproof concept to provide this.
In my investigations I found the following issues:
With this I see the following security risks:
a) The key user can create a task to load data for the copied app. The scheduled task runs in the context of user sa_scheduler, which has access to all LIBs. Loading data will be possible.
b) In case the load script is stored in an external include-file, the key user could download the log of the executed task and re-construct the complete script.
c) The key user could also use the existing script code of the copied app and add further lines to override section access of the original app and get access to all data.
Has anyone already implemented a secure and waterproof concept to achieve the requirements above?
Regards,
Thomas
Hi Thomas,
mine probably is not the answer, but I'd like to have a conversation that maybe could be helpful to you and me, to improve our skills. I've found your issues very interesting, and I'd like to see if my way to manage some problem could be "waterproof", or maybe improved.
Generally I create two apps:
- app one, that fetches the data and creates only .qvd files;
- app two, that reads only the .qvd files (created by app one) I want to be read, and it has all the visualizations.
The first app is put in a Stream that is seen only by me.
The second app reads all the data and the section access with load statements like
load * from ... .qvd;
so it is totally blank for the user.
What do you think?
Hi Simone,
with your approach you have potentially all the security issues as mentioned in my original post.
The second app contains some script code for
a) loading data from QVD files from a certain lib
b) applying section access
If the script statements are visible for the key user in the load script, he can add further code to override section or deactivate section access and get access to all data.
In the case you are the only person who has access to the LIB, this is not secure enough if the user can create and execute a reload task in the QMC (which is a requirement in my case).
If the user performs the reload by a task in the QMC, the script code is performed with the user INTERNAL\sa_Scheduler, who has access to all LIBs. This would therefore open access to unauthorized data.
BR T
The problem is if the app is duplicated, so they can have access to the script?
Because if so, only the owner could duplicate it
Security Rule - Duplicate Apps in QlikSense Hub
If you are the only owner, no one else could copy it, go to the load script and so on.
So if you publish it and no one could copy it, no one could read the load section.
I'm not sure if we have the same situation/requirements.
In my case local key users need to have access to the script editor.
They also need to have access to certain apps in the QMC to make a copy, because the owner of the central app is someone else.
Further they need access to the task section in QMC to schedule reload tasks.
With these preconditions I can't find a secure way to protect data.
BR T
I am not sure if either of these will help you.
1. You could put your script into a file and then use an Include statement in your app. I don't believe that the code will be displayed.
2. Put your code in a 2nd app. Then do a binary load into your app. The code will not be displayed in your app.
Hi Mark,
thanks for your answer. As already written in the initial post regarding 1)
b) In case the load script is stored in an external include-file the key user could download the log of the executed task and re-construct the complete script
Regarding 2) Binary Load is not supported as far as I know. Further, a binary load wouldn't apply section access, I think.
Any other solutions?
BR T
Binary Load is supported in Qlik Sense. At least if you have a fairly current version installed.
You're right. Binary Load is allowed. But in that case the app folder must be accessible as a LIB, which would give access to all other apps (which have no section access).
To create a job to copy the app to somewhere else is also no option.
Finally, the binary load loads only data including section access. Visualisations, sheets and other stuff are not loaded.
Therefore I can drop out this option.
Maybe another idea to fulfill requirements of initial post?