Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
lmcbasher
Contributor III
Contributor III
‎2017-01-19 04:19 AM

Rule with wildcard AND resource property value

I have a rule which allows access to apps if the user property UserAccessCode equals the app custom property AppAccessCode:


     resource.stream.HasPrivilege("read") and ((user.UserAccessCode = resource.@AppAccessCode))


This works fine if the UserAccessCode is ABC and the AppAccessCode is ABC.


What i now want to do is introduce a wildcard so that a single UserAccessCode can access multiple AppAccessCodes. For example:


     UserAccessCode is ABC


     AppAccessCodes are ABC123 and ABC456.


I can do this with a hardcoded wild card, like this:


     resource.stream.HasPrivilege("read") and ((user.UserAccessCode like "ABC*"))


However, i don't know how to do it so that the ABC portion is a property value. Something like this doesn't work:


     resource.stream.HasPrivilege("read") and ((user.UserAccessCode like resource.@AppAccessCode&"*" ))


Does anyone know if this is possible?

1,485 Views
0 Likes
4 Replies
Anonymous
Not applicable
‎2017-01-25 03:01 AM

Hi Benjamin,

Interesting question. I don't think there's a great way of setting up a dynamic wild card match like you want.

Tried it out on my end as well and can't seem to get it going with different syntax checks.

What I would suggest instead is to restructure the custom properties a little instead.

Maybe use one custom property, AccessCode, and assign it to both apps and users and then just match ABC to ABC.

This should give you a baseline app grouping and matching to users. Combined with Streams you already have pretty good segmentation options.

Assign a second custom property allows for another level of segmentation, down to individual apps for example. Maybe call this property AppAccessCode with values ABC123 and ABC456. Tag this custom property to both users and apps as well and have a second security rule that matches app access for when users and apps have matching values for this custom property.

Your AccessCode Custom Property will provide app access on a more "aggregated" level while the AppAccessCode will provide app access on a more "granular" level.

Hope this makes sense.

Best regards,

Johannes

1,147 Views
0 Likes
lmcbasher
Contributor III
Contributor III
‎2017-01-26 07:17 AM
Author

In response to Anonymous

Hi Johannes,

Thanks for looking at this for me.

I was trying to avoid the creation of additional codes on the user, as that is being administered elsewhere and if I could use the single codes we already have then it would make things much simpler.

What i am actually trying to do is have an app with ABC access which has several content libraries accessible from it, hence ABC123 and ABC456. We could then have another app with DEF and corresponding DEF123 and DEF456 content libraries.

It looks like I might have to look at a way of automatically splitting out the ABC into a new additional user property before it passes to Qlik. Then everything else should fall into place.

Thanks again for the help.

All the best,

Ben

1,147 Views
0 Likes
Anonymous
Not applicable
‎2017-01-26 01:48 PM

This is something straightaway not possible with wildcard match with in rules.

1,147 Views
0 Likes
paulcalvet
Partner - Specialist
Partner - Specialist
‎2019-07-03 04:09 AM

In response to lmcbasher

Hello,

I have the same problem. Did you find a solution ?

Regards,

Paul

957 Views
0 Likes