Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hello,
I'm using version 3.2 SR2 and I modified the following security rule:
CreateAppObjectsPublishedApp
adding the below condition :
and (user.group="role_dev" or user.group="role_ext")
---
!resource.App.stream.Empty() and resource.App.HasPrivilege("read") and (resource.objectType = "userstate" or resource.objectType = "sheet" or resource.objectType = "story" or resource.objectType = "bookmark" or resource.objectType = "snapshot" or resource.objectType = "embeddedsnapshot" or resource.objectType = "hiddenbookmark") and !user.IsAnonymous() and (user.group="role_dev" or user.group="role_ext")
---
However I noted a user not belonging to the "role_dev" or "role_ext" is able to create app objects ex. sheet object.
Is it a BUG ???
Please let me know asap.
Many thanks in advance for your time.
Best Regards
Andrea
if you see here I expected to be unable to create (C) objects for this user and app.
or i'm wrong ???
definitely I'm going to create a new case on support portal to fix this issue.
good news for Qlik and for customers of course!
after some try I understand the rule actually it's working as expected, because the user is not able to create app objects even if the button ex. (create new sheet) is shown.
what's happening is the user create a new sheet, but after page refreshed the sheet created disappear in according with the security rule associated.
i think Qlik should improve this behavior hiding the corresponding HTML element.
i hope it's clear.
Hi Andrea,
I have wrote a rule to restrict the duplication of sheets but only after refreshing the page the created sheet disappear.
So I want to disable the edit button when the user using Qlik sense. How to achieve this ?
Hi Nivetha,
I'm sorry but i can't help you on this topic because nobody asked me to do it.
Please let me know if you find something about this request.
BR
Andrea
Disable the CreateAppObjectsPublishedApp rule in Security Rules.
this will disable the Edit option for users
Note: this will disable for all users.
If you like to enable for few users then you'd have to write new rule with App Object* as filter in Rules
!resource.App.stream.Empty() and
resource.app.@SecurityApp="YOURAPPNAMEHERE" and
resource.name!="YOURSHEETNAMEHERE" and
(resource.objectType = "userstate" or resource.objectType = "story" or resource.objectType = "bookmark" or resource.objectType = "embeddedsnapshot" or resource.objectType = "hiddenbookmark") and (user.name="ADDYOURUSER1HERE")
and
(user.name!="ADDYOURUSER2HERE")
the above rule is advance level and this will enable EDIT for only 2 users and only for 1 Sheet.
in version June 2017 Patch 1 the button "create new sheet" is no more visible according to the security rule policy.
the UI improvement finally has been done.
Hello Andrea,
You condition indicated. Is correct ??
Please help me. Thanks
adding the below condition :
and (user.group="role_dev" or user.group="role_ext")
---
!resource.App.stream.Empty() and resource.App.HasPrivilege("read") and (resource.objectType = "userstate" or resource.objectType = "sheet" or resource.objectType = "story" or resource.objectType = "bookmark" or resource.objectType = "snapshot" or resource.objectType = "embeddedsnapshot" or resource.objectType = "hiddenbookmark") and !user.IsAnonymous() and (user.group="role_dev" or user.group="role_ext")
---
Hello All
I really need help on this one!!
In my environment, there are 5 users.. who have the same access. But somehow two of them able to create the sheet however others do not have access to create the sheet
The "CreateAppObjectPublished" rule is not disabled.
Please help me in this.. I am really confused in this
Regards
DC
as gwassenaar said above first check what is going on using Audit.
There you'll find the reason why.