Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hello Experts,
We have QlikSense April 2019 version on Windows Server.
On our development server, we have multiple development teams and their streams where the developers have the ability to publish, modify, update, duplicate, etc. Basically all the abilities that are available when creating a security rule.
We have a super-user that needs to review the code of the app built by other developers. And so far the only way I found to get this super-user access to the code of the apps is by switching the ownership of the app from the developer to this super-user. We are seeing increasing number of times where I need to switch the ownership.
So, I am looking for possible solutions where apps built by certain users will be accessible to the super-user to review the code without having to switch the ownership.
Please advise/share tips if this is possible.
Thanks
If you are referring to apps in a developer's work space - I am not aware of any way to let someone else view those without modifying settings files behind the scenes, up to and including giving said someone full permissions on everything (*).
If you'd like to go about modifying said files, have a look at this link:
https://support.qlik.com/articles/000068297
If you're referring to published apps, this should be easily doable, though I am unsure about April 2019 specifically. You'd need to give this user Update permissions on these apps, though, which is more than a little dangerous considering how easy it is to accidentally change something. Read-only access to the script doesn't appear to be an option at the moment, though I've got my own QV partner looking for a solution to that particular request.
Yes you can give others access to the applications in your workspace, it is all in the security rules.
But with many developers the workspace will soon be very crowded with applications.
Thanks for responding. The update permission isn't giving the ability to update the backend code. I believe it allows only to update the front end visualizations.
So, once the app is published to a stream, is it possible to allow multiple users to be able to modify the backend code after duplicating the app? Right now the only person who is able to modify the backend code is whoever is set as the owner of the app.
Hi,
Thanks for responding. So, once the app is published to a stream, is it possible to allow multiple users to be able to modify the backend code after duplicating the app? Right now the only person who is able to modify the backend code is whoever is set as the owner of the app.
Thanks again 🙂
As @Or pointed out, you'd need to modify config files to over-ride default behavior which only shows unpublished apps to the app owner. As for published apps, this is much tricker and certainly not recommended. As a survey of the rights needed:
Entity | Rights Needed | Explanation |
App_GUID | Read / Update | The user needs update rights to the app or set of apps to expose the Data Load Editor / Data Model Viewer / Data Manager |
App.Object_ | Read / Update / Delete | The user needs to be able to see all the objects for the app. Minimally resource.objectType = "app_appscript" and resource.objectType = "loadmodel". Otherwise you risk the user removing the load script |
Ideally you'd use something like a custom property on the multi-developer apps to make the security rules cleaner. I am not providing more detail or examples because this is going to need to be highly customized for your environment. So you're going to need to do some testing and it would be strongly encouraged to test on a dummy app given that you risk removing the load script on the published app.