Qlik Community

New to Qlik Sense

Discussion board where members can get started with Qlik Sense.

Not applicable

App based security rule in qlik sense

Hi,

i have two apps and some AD goups into which users have been added. same user are part of multiple AD groups.

I have a scenario, where i want to give one AD group to create sheet, bookmark, publish sheets and all facilites under one app.

where as for the second app, i want to give this AD group without sheet creation permission.

which means they can create all other app ojects like bookmark , story and all.

I tried to use the below security rule, but it did not work.

please advise in which part i am doing wrong.

i have disabled the stantad create app object security rule in qmc.

also is it possible to restrict users to create a sheet but not capable of publishing that.

App1

================

Resource filter - App_05f36db7-22e7-4da2-9900-abcf8316a94c,App.Object_*

Condition -

!resource.App.stream.Empty() and resource.App.HasPrivilege("read") and (resource.objectType = "userstate" or resource.objectType = "sheet" or resource.objectType = "story" or resource.objectType != "bookmark" or resource.objectType = "snapshot" or resource.objectType = "embeddedsnapshot" or resource.objectType = "hiddenbookmark") and !(user.group="TEAM1")

App2

===============

Resource filter -  App_22e7-4da2-9900-abcf8316a95c,App.Object_*

Condition

!resource.App.stream.Empty() and resource.App.HasPrivilege("read") and (resource.objectType = "userstate" or resource.objectType != "sheet" or resource.objectType = "story" or resource.objectType != "bookmark" or resource.objectType = "snapshot" or resource.objectType = "embeddedsnapshot" or resource.objectType = "hiddenbookmark") and !(user.group="TEAM1")

3 Replies
aej
New Contributor

Re: App based security rule in qlik sense

Hi,

Could you explain what they are seeing now?

Or what is it that is not working as per your expectations.

+ what do you want to do with 2 times "and !(user.group="TEAM1")"

Meaning that users should not be part of that group for both rules.

Not applicable

Re: App based security rule in qlik sense

actually i have two apps and access to this apps is based on AD groups.

i want to define security rule so that the same user.group = TEAM1 can have access below.

APP1

--------------

the users under TEAM1 AD group should can duplicate, edit sheets and can create stories and bookmarks

But for APP2, the same TEAM1 AD group should only have readonly access, no duplicate or edit, or create bookmark or anything.

Not applicable

Re: App based security rule in qlik sense

Hi,

We have to achieve this through Custom property.

Please view the full YouTube video using the below link:

https://www.youtube.com/watch?v=feSaaJZ7Jco


Please mark my comment helpful!

Community Browser