Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Not applicable
‎2016-10-05 05:27 PM

All app object access except sheets

I am trying to set up a security rule so that the users can have access to all app objects except sheets. Further, users should only be able to see bookmarks, stories etc.created by themselves and should not see the bookmarks, stories etc. created by other users.

I have been trying the following:

Resource filter: App.Object_*

Actions: Create, Read

Conditions: !resource.App.stream.Empty() and resource.App.HasPrivilege("read") and (resource.objectType = "userstate"  or ((resource.objectType = "story" and story.owner=user) or (resource.objectType ="bookmark" and bookmark.owner=user) or resource.objectType = "snapshot"  or  resource.objectType = "embeddedsnapshot"  or resource.objectType = "hiddenbookmark")) and !user.IsAnonymous()

But this rule removes the capability of Users to create book marks, stories etc.

Can anyone point out where i am going wrong?

718 Views
0 Likes
6 Replies
rohitk1609
Master
Master
‎2016-10-06 02:32 AM

Hi Ashutosh,

What you need to do just restrict Sheet in security rule , Donot add any rule for what you want to show to your concern user because by default user can see everything , Security rules are here for restrict objects from a user .

489 Views
0 Likes
Not applicable
‎2016-10-06 12:36 PM
Author

In response to rohitk1609

That is the requirement.

If you see the security rule closely, I have tried to pin the ownership of app objects (bookmarks, stories, etc) to the corresponding user, but its not working -- Am I missing something?

489 Views
0 Likes
rohitk1609
Master
Master
‎2016-10-07 12:46 AM

In response to

Hi Ashutosh,

As you have created your security rule , you are trying to grant the access of story , book mark to user but what you need to do , try to restrict user to sheets only , by default rest of the object like bookmarks can be accessible to your user. 

489 Views
Not applicable
‎2016-10-07 08:46 AM
Author

In response to rohitk1609

I understand what you mean. But the point is, I want the users to create stories, bookmarks etc. (but not sheets) -- so if I provide "Read" access to Sheets, it will only provide read access to bookmarks, stories etc. But they will not be able to create bookmarks, stories etc.

489 Views
0 Likes
Not applicable
‎2016-10-07 09:20 AM
Author

Thanks Rohit for you help.

Was able to create the rule as below to have users create app objects (except sheets), and the users should not be able to see app objects (bookmarks, stories etc.) created by other users).

Should be useful for anyone looking for such a requirement.

Resource Filter: App.Object_*

Actions: Create

Condition: !resource.App.stream.Empty() and (resource.objectType = "userstate" or resource.objectType = "story" or resource.objectType = "bookmark" or resource.objectType = "snapshot" or resource.objectType = "embeddedsnapshot" or resource.objectType = "hiddenbookmark") and !user.IsAnonymous()

489 Views
0 Likes
rohitk1609
Master
Master
‎2016-10-07 01:37 PM

In response to

Hi Ashutosh,

What if you provide Create Access too ?

489 Views