QMC Security Rule Import App - Qlik Community

michal_durica · ‎2017-02-16

Hi,

I would like to create security rule where user will have access on the level of Content Admin to just his streams and related apps.

I am able to create it but I need to edit rule that user can import app from his desktop.

See attached pics.

The first one shows how it is, the second one how it should be.

Anonymous · ‎2017-03-23

Hi Michal,

i am facing the same question, have you found an answer in the meanwhile?

Best reagrds!

MK9885 · ‎2017-03-23

Maybe this link would help?

Qlik Sense Security integration - Security Rules and Section Access

And when you check default Content Admin role, he has quite a few resources applied. You should try to do same with the user/group you want to give access...

Maybe try with AND/OR rule with user name and value and give it a try?

Anonymous · ‎2017-03-24

Hi Aehman,

i do not understand your solution you create with a security role a user role "Content Admin" that is only working for a special user. Makes for me no sense. With this approach the user will see all content and not just his streams and related apps. Its quite the same just giving the user the user role "Content Admin", but this is not the case here.

MK9885 · ‎2017-03-24

You need to create a new rule same like default Content Admin role.

Take those resources, add user name to it and also the app name.

DO NOT modify the default content Admin role and probably disable it?

I'll test it and update it here...

MK9885 · ‎2017-03-24

Note: For testing purpose I just created a random Customproperty with name CUser. You can create your own and there is no need to Disable the Default Content Admin role.

Do the following steps.....

1. Create a custom property as CustomContentAdmin following, give the value as CustomContentAdmin

2. Create a Security Rule to Create a New Role as following

Resource Filters: QmcSection_App, QmcSection_Stream ,Stream,App,ReloadTask_*,UserSyncTask_*,SchemaEvent_*,User*,Extension_

3. Go to users and under Role, you'll find CustomContentAdmin. Add this new role to the user and also you can add the same Custom property to the Apps or Streams etc... But I believe only Role will be enough.

4. Create a new Security rule as following

Resource Filter: App_*,ReloadTask*, SchemaEvent*,CompositeEvent*, ExecutionResult*,DataConnection*

In user You'll give value as CustomContentAdmin and below that @CustomContentAdmin, value as CustomContentAdmin.

It worked fine for me, though it took hours to figure out but finally it worked.

I hope it works for you as well?

Thanks.

MK9885 · ‎2017-03-24

You can learn more on

https://help.qlik.com/en-US/sense/1.1/Subsystems/ManagementConsole/Content/ServerUserGuide/SUG_Confi...

Creating Team administrators in Qlik Sense

michal_durica · ‎2017-03-30

Hi Aehman,

I do not work. I do not understand what is it mean to create custom property. Where is defined which stream the user can see?

MK9885 · ‎2017-03-30

https://help.qlik.com/en-US/sense/3.2/Subsystems/ManagementConsole/Content/create-custom-property.ht...

https://help.qlik.com/en-US/sense-developer/3.2/Subsystems/Extensions/Content/extensions-add-custom-...

https://help.qlik.com/en-US/sense/1.1/Subsystems/ManagementConsole/Content/ServerUserGuide/SUG_Setti...

Please go thru the above links.

In your case for create custom property like below image.

After above step follow my previous post with images on how to create security rules.

Assign a user or group to the CUser Admin role. (You can give your own name as I mentioned, CUser I used for an example).

If you still don't get it, maybe do some search on Youtube or Community about how to create security rules, custom properties etc.

Thanks.

Anonymous · ‎2018-02-01

If you just want a rule for importing an App inside the qmc you can create a security rule with following

Resource Filter: App_*,DataConnection*

DataConnection is needed as while importing Apps, Apps that use Dataconnections want to import them also.