Qlik Community

New to Qlik Sense

Discussion board where members can get started with Qlik Sense.

sridhar1
New Contributor III

Sheet Level Security in QlikSense

Hi All,

We have requirement where certain set of users need to be restricted from accessing  particular sheets in a application.

I tired both the below process but none of them worked.

https://community.qlik.com/docs/DOC-18300

Sheet or App Object Level Security Qlik Sense

We have 10 sheets out of which 2 sheets need to restricted for set of user group.

If there are any alternative methods please let me know.

Really appreciate your help.

Thanks

1 Solution

Accepted Solutions
boyckeeggen
New Contributor II

Re: Sheet Level Security in QlikSense

Hi Sridhar,

I think in your case you are being overruled by the standard rules of Qlik Sense.

Forgot i did this….

I switched off some standard rules in Qlik Sense, en created some new ones with reduced rights.

i think the rules you need to evaluate are:

- CreateAppObjectsPublishedApp (If you have read rights on an published app you should be able to create sheets, stories, bookmarks and snapshots belonging to that app)

- CreateAppObjectsUnPublishedApp

     (If you have read rights on an unpublished app you should be able to create app objects belonging to that app)

I think these 2 standard rules are overruling the newly created one.

Try to evaluate these (don't change them, just copy them, adjust it, and disable the Original ones).

Regards Boycke

13 Replies
undergrinder
Valued Contributor II

Re: Sheet Level Security in QlikSense

Hi Sridhar,

I didn't peruse the links, but I assume that contains only a workaround for sheet security, I don't think this kind of security exist in Sense.

I suggest you to create two application and publish to different streams according to the user groups.

If the reload would take too much time then you can extract and transforms the input data to qvd-s, and both application can reload from it much faster.

G.

sridhar1
New Contributor III

Re: Sheet Level Security in QlikSense

Hi Gabor,

I am OK with your solution and haven't tried it .But  Also I need have same stream name and application name so that users doesn't notice it as two different streams/apps.

Thinking about below option as well.

Option 2: Have Two Application in one stream and restrict application based on User group.

Thanks

agigliotti
Honored Contributor II

Re: Sheet Level Security in QlikSense

for your kind of request you should work with the security rules.

benoitgochel
New Contributor III

Re: Sheet Level Security in QlikSense

A security rule will work for preventing the access to a sheet but if this sheet contains some master items, the users will be able to create their own page and access it anyway, which is a big risk ...

sridhar1
New Contributor III

Re: Sheet Level Security in QlikSense

Hi Andrea,

I am looking for what security rules need to modified or created to restrict sheet level access. Can you please help me in defining the security rules.

Thanks

sridhar1
New Contributor III

Re: Sheet Level Security in QlikSense

Hi Benoit,

I am looking for what security rules need to modified or created to restrict sheet level access.

Thanks

boyckeeggen
New Contributor II

Re: Sheet Level Security in QlikSense

I my case I created a "custom propertie" on users level (internal or external user).

then i created a security rule like this on "App.Object*" level with "read" rights:

(((user.@InternExtern = "Extern" and (resource.name like "*[$E]" or (resource.objectType="masterobject" or resource.objectType="LoadModel" or resource.objectType="measure" or resource.objectType="LoadModel" or resource.objectType="dimension"))))

So if you are a external user and the sheet has [$E] in its name, you can see it.

and for the internal user i used the same rule but with: resource.name like "*[$I]"

so everyone who is an external user can only see sheets with [$E] in the sheetname, and every internal user can only see the sheets with [$I] in the name.

works like a charm for me and my users. I use this with ALL my app's.

chaudharybilal
New Contributor II

Re: Sheet Level Security in QlikSense

Hi Sridhar,

We've done something like this. Its just a workaround, and will require some manual work.

1. Create a custom property, Select User in "Resource Type.

2. Add Sheet name in values

3. Edit your users, you'll find your newly created custom property. Select the appropriate sheet names that you want the user to have access on.

4. Create a new security rule, and select "App.Object_*" in resource filter.

5. Add the following in the Advanced conditions

((user.@SheetSecurity=resource.name) or user.name=resource.owner.name)

The above condition will ensure that the user will only view the sheets on which they have access to. And will also have access on sheets that was created by that user.

williamfuu
Contributor II

Re: Sheet Level Security in QlikSense

Hi Sridhar,

I have this custom rule to hide sheets named "testsheet" in published dashboards from users that are not RootAdmin:

I don't remember if I had to disable any native rules for this to work, but maybe you can try to adapt it to your scenario?

srule.png

Community Browser