Qlik Community

Qlik Sense Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

Highlighted
fgm001qlik
New Contributor II

Rule to Override App Level Security

Happy New Year Everyone!  

Our current set up has apps in some streams secured by AppLevelManagement where specific AD groups are applied for access.  Leadership now wants a view of all Streams and Apps - the question is:

What is the syntax for the rule that allows leadership to see all streams and apps even those with app level management without having to create a group for leadership and apply it to every app and have to maintain it going forward?  

 

We have gotten this far but cannot view those apps with AppLevelManagement applied to them:

 

((user.group="ITLeaders" and resource.resourcetype="App" and resource.published="true") or user.group = "ITLeaders" and resource.resourcetype ="Stream")

Labels (1)
1 Reply
fgm001qlik
New Contributor II

Re: Rule to Override App Level Security

I figured it out using two rules - one to apply access for leaders to see all streams: Resource - Stream_* and applying the group then a second rule to only read apps published to streams: 

((user.group="ITLeadership") and resource.resourcetype= "App" and resource.stream.HasPrivilege("read"))

 

**To amend to this, the main problem I was having was that App_* itself opened up all apps that were in all work streams showing in the personal work stream of the IT Leaders**