Qlik Community

Qlik Sense App Development

Discussion board where members can learn more about Qlik Sense App Development and Usage.

Announcements
BI & Data Trends 2021. Discover the top 10 trends emerging in today. Join us on Dec. 8th REGISTER
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Partner
Partner

App level Access in Qlik Sense using security rules

Hi All, 

I have a stream with 20 apps and around 15 user groups who can see all the apps in that stream. Now I need to add new usergroup who can only view 2 apps out of 10 apps. 

I have gone through the video about "Qlik Sense Stream Management Security Rules and Exception Management" which points out one of the way to achieve app level access. However, in my case, it'll be to cumbersome as I need to tag each of 20 apps with 15 usergroups  under custom property, which will be lot of maintenance in the future if we're to add more groups. 

I tried the below security rules to restrict app level access, however my existing usergroup is not able to see any app in the stream with the modified rule.

Original:

(resource.resourcetype = "App" and resource.stream.HasPrivilege("read")) or

 ((resource.resourcetype = "App.Object" and resource.published ="true") 

 and resource.app.stream.HasPrivilege("read") and (resource.objecttype!="sheet"))  and

 ((user.group=resource.@Group or (resource.@Group.empty())))

 

Modified rule:

(resource.resourcetype = "App" and resource.stream.HasPrivilege("read")) or 

((resource.resourcetype = "App.Object" and resource.published ="true") and resource.app.stream.HasPrivilege("read") and (resource.objecttype!="sheet"))    and 

(user.group=resource.@Group or resource.@Group.empty() and user.group !="ABCD")  or

 (user.group = "ABCD" and (app.id = "b393a7ac-c590-4b6c-8c70-3f312d87a6f6"  or app.id = "d453a7ac-c590-4b6c-8c65-32d421d87a6f6"))

 

Appreciate any inputs on how to modify the above rule for app level access. 

 

Thanks,
Rupini

 

2 Replies
Highlighted
Specialist II
Specialist II

think you need some parens in the user.group part
((user.group=resource.@Group or resource.@Group.empty()) and user.group !="ABCD")
Highlighted
Partner
Partner

This community Post shows how to do App, Sheet or Object-Level Security:

https://community.qlik.com/t5/Qlik-Sense-Documents-Videos/Sheet-or-App-Object-Level-Security-Qlik-Se...