Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hello,
I am currently exploring the security rule section of the QMC, and I am having trouble with App Object Access Rules. I was curious as to
1) Whether it was possible to create a rule allowing access to a specific sheet or bookmark? If so how am I able to identify that specific object in the advanced security rule?
2) How do I create a Security Rule that states only people of a specific group can create Sheets. (essentially the problem I have is how do I refer to all sheets)
Thanks
Hi Jeffrey,
Thanks for the reply, it was a great video !
I followed every step and all went good BUT, with the new customised security rules, I can control the which app is showed depending on your custom property BUT when I open an Application, It appears as if it is Empty :
Here are the 2 security rules as configured by Marcus:
1) AppAccess:
(resource.resourcetype = "App" and resource.stream.HasPrivilege("read") and
resource.@AppLevelManagement.empty())
or ((resource.resourcetype = "App.Object" and resource.published ="true"
and resource.app.stream.HasPrivilege("read"))
2)AppAccessException :
resource.stream.HasPrivilege("read") and ((user.@AppLevelManagement=resource.@AppLevelManagement))
With those 2 rules, I can manage which user can view which app(s), but the apps are EMPTY.
Now If I go back to the original security rule which permits every user to see every app in the stream if they are authorized to view the stream (the rule is called Stream), I notice that there is a line like this:
resource.objectType != "app_appscript" and resource.objectType != "loadmodel"
I tried to change my new customised rule and add that line:
But still, the app is empty:
(resource.resourcetype = "App" and resource.stream.HasPrivilege("read") and
resource.@AppLevelManagement.empty())
or ((resource.resourcetype = "App.Object" and resource.published ="true"
and resource.objectType != "app_appscript" and resource.objectType != "loadmodel")
and resource.app.stream.HasPrivilege("read"))
I can't figure out what's happening, can you help please? Or tag Marcus to do so? Thanks !
I just added App.Object_* as a ressource filter.
with on only App_* as a resource filter, we can't see any sheet !
with App_*,App.Object_* or App* as a resource filter we can see the sheet.
Originally, when we select as a template for building our rule 'app access', the default resource filter is App_*
With App_* as a resource filter, you won't be able to see the sheets
Hi, the links from your post are not working, they are posted below, can you fix? Thanks,
Reference to security rules here with samples: http://help.qlik.com/sense/en-US/online/#../Subsystems/ManagementConsole/Content/ServerUserGuide/SUG...
Here is another that answers your #2 question: http://help.qlik.com/sense/en-US/online/#../Subsystems/ManagementConsole/Content/ServerUserGuide/SUG...