Skip to main content
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE

Security Rule Example: How to show data model viewer for published apps

0% helpful (0/1)
cancel
Showing results for 
Search instead for 
Did you mean: 
Andre_Sostizzo
Digital Support
Digital Support

Security Rule Example: How to show data model viewer for published apps

Last Update:

Jan 30, 2023 1:32:55 AM

Updated By:

Sonja_Bauernfeind

Created date:

May 26, 2017 3:31:17 AM

How To Grant Users The Access To Data Model Viewer.

With default security rules and settings, users can not see the data model for published apps. However, we can achieve this by creating/updating security rules through the Qlik Sense Management Console.

 

Resolution

Option 1: Create a new Security Rule

  1. Go to the Qlik Sense Management Console
  2. Open Security Rules
  3. Click Create new 
  4. Create the following rule:
    1. Name = DataModelViewers
    2. Description = A description of your choice.
    3. Resource filter App_*
    4. Actions = "Read","Update"
    5. Conditions Users of your choice or a previously defined role you will tag the users with.
    6. Context Both in hub and QMC or Only in hub
  5. Click Apply

 

Option 2: Tagging users as ContentAdmins

This requires a rework of the ContentAdmin rule and will provide far more permissions to users than Option 1. See ContentAdmin for details on what a ContentAdmin is allowed to do. 

  1. Tag the users you want to be able to see data models with the ContentAdmin role. 
  2. Go to the Security Rules 
  3. Locate the default ContentAdmin rule and open it
  4. Modify the rule by changing QMC only to Both in hub and QMC
  5. Click Apply



Labels (2)
Comments
MN2
Contributor III
Contributor III

Andre

With this solution, DatamodelsViewers can also update apps properties (add custom properties) and modify app Name and description in hub for pûblished apps.

It is possible to limit the rules to the data model button ?

Thanks

MN

 

mgranillo
Specialist
Specialist

I'm also finding this rule allows access to all dashboards in the hub. This is not good for data security. Is there a way around this?

Sonja_Bauernfeind
Digital Support
Digital Support

Hello @mgranillo 

For further customization of security rules, I would recommend posting this query over in the Qlik Sense Deployment and Management forums.

All the best,
Sonja 

mgranillo
Specialist
Specialist

Thank you. I've posted a question in that forum.  For anyone that comes across this, we are having this issue because we have app level security in place.  

Ken_T
Creator III
Creator III

This is not really clear on what part of the security rule actually grants access to the Data Model Viewer.

Could those details be added?

What part of Content Admin rules actually allows the data model viewer to work in the hub?

If it was desired to grant this view, without using content admin role (which is very plausible as content admin has tremendous power in qmc) - how could this be done?

This post, as is, begs the question of what conditions and objects control the data model viewer.

Sonja_Bauernfeind
Digital Support
Digital Support

Hello @Ken_T 

I clarified the article,  but am having the rule specifically created for this purpose verified by an SME as well (my tests came back OK, so it works).

To answer your question, it's this bit:

  1. Resource filter App_*
  2. Actions = "Read","Update"

All the best,
Sonja 

tduarte
Partner - Creator II
Partner - Creator II

Hi @Sonja_Bauernfeind 

I assume this would be used in conjuction with
Resouce filter = App.Object_* and Condition resource.objectType = "loadmodel".

Please confirm.

Thanks,
Telmo

Version history
Last update:
‎2023-01-30 04:32 AM
Updated by: