Hi,

I need some help with one of the features in Qlik sense related to security rules.

When user ‘A’ creates a bookmark and makes it default and if user ‘B’ has access to the app then the default bookmark is loaded when user ‘B’ clicks on the app.

There is a default rule called stream which looks like:

We have a custom Qlik security framework where in we have to disable this rule.

After Disabling this rule when user ‘B’ opens the app the default bookmark is not displayed.

To identify the specific object related to loading a bookmark, I started including resource.objecttype != appobjects.

In the final rule I included all the app objects provided in the documentation. The final rule was like

((resource.resourcetype = "App.Object" and resource.published ="true"

and resource.objectType != "loadmodel"

and resource.objectType != "app_appscript"

and resource.objectType != "hiddenbookmark"

and resource.objectType != "bookmark"

and resource.objectType != "userstate"

and resource.objectType != "embeddedsnapshot"

and resource.objectType != "sheet"

and resource.objectType != "story"

and resource.objectType != "snapshot"

and resource.objectType != "dimension"

and resource.objectType != "genericvariableentry"

and resource.objectType != "snapshot"

and resource.objectType != "masterobject"

and resource.objectType != "measure"

and resource.objectType != "odagapplink"

)

and resource.app.stream.HasPrivilege("read"))

Even after including all the appobjects with the not equal to condition the default bookmark is getting loaded for user ‘B’

When I disable this rule the default bookmark is not getting loaded for user ‘B’.

Can anyone advise the specific app.obejct that is related to bookmark load or some other event affecting it