Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
I need to enable a Qliksense developer to schedule Reload tasks in QMC. Could you please guide me how to achieve this? I tried creating a security rule, but it is not working for me.
I used this page (https://help.qlik.com/en-US/sense/1.1/Subsystems/ManagementConsole/Content/ServerUserGuide/SUG_Confi...) as a guide to allow a user to create and run a task to reload an application.
In the QMC rule, I only allowed access to the QmcSection_App,QmcSection_Task,QmcSection_ReloadTask sections.
You can assign him/her a ContentAdmin role:
I had tried this. But I can't give him content admin role, as this is specific to his stream. He shouldn't see other streams.
This is working. But I need a modification. Currently the user can access reload tasks created for apps in other streams. i have to restrict the user access by stream. ie, the user should only see the reload tasks created for his app stream. How can I do this?
In your reload security rule, you can limit access to the users apps. Add something like:
Resource Filter: ReloadTask*,SchemaEvent*,CompositeEvent*
Actions: Read, Update, Delete
Conditions:
((user.name="PUT_USER_NAME_HERE" and resource.app.owner.name="PUT_USER_NAME_HERE"))
or resource.resourcetype = "SchemaEvent"
or resource.resourcetype = "CompositeEvent"
Thanks for your quick response. I am trying to design something more general in nature. I am trying to create an "advanced developer" sort of role. you can find the details in the below thread.
Security framework - Sense QMC
The proposed rule should enable users to perform the below activities. But your suggestions are welcome.
Currently I am using a custom property for usertype (=developer) and a set of security rules. I have hard-coded only the stream name.
Replace the user.name="PUT_USER_NAME_HERE" with the custom properties you created and change resource.app.owner.name ="PUT_USER_NAME_HERE" with resource.app.owner.name = user.name
I have modified the rule as below.
Resource filter: ReloadTask_*,SchemaEvent_*,Tag_*,CompositeEvent_*
Actions: create, read, update, delete
Conditions:
user.roles="StreamAdmin" and
resource.app.owner.name = user.name and
user.@usertype="Developer" and (resource.resourcetype="ReloadTask" or resource.resourcetype="SchemaEvent" or resource.resourcetype="CompositeEvent" or resource.resourcetype="Tag")
Note:
StreamAdmin is a new custom admin role created by a security rule.
usertype is a custom property.
Now the user can see only the tasks created by him. But it can't be scheduled and no new tasks can be created. In my requirement, he should be able to create and schedule reload tasks.