Qlik Community

Qlik Sense Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

MVP
MVP

Security rules to enable user-initiated reload?

Hi everybody,

It's my turn to ask a question. I need to enable the user to reload his Sense App from the UI, while the App is published to a stream. I installed an extension from the Branch web site, and it works just fine when the app is not published, however once it's published I'm getting an error message "Access is denied".

Could someone explain to me in detail what security rule(s) need to get created in order to enable that? Should I enable Apps, Reload Tasks, Objects, etc...

thanks in advance,

Oleg Troyansky

10 Replies
gompa786
Contributor III

Re: Security rules to enable user-initiated reload?

Hi Oleg,

I am sure you might have imported your extension to the QMC extensions under Manage resources..

Once you import it should appear on the list and you select it and edit it and you see the below window with user access and you will have to give access

and next create a security rule as below screen shot:

save everything and use the extension in your app and republish to any stream you want and ask the users to whom you have given access to check..

Thanks

MVP
MVP

Re: Security rules to enable user-initiated reload?

Hi Chandrasheker,

thank you so much for your quick response. I tried the suggested, but the problem wasn't solved.

I think the issue is not to enable the extension for a user (all extensions are enabled for all users by default), but rather enabling the published App to be reloaded by the user - and for that, I can't find the correct security rule.

If you could possibly try the following extension:

Qlik Branch

and make it work for a published App, it would help me a great deal!

thanks in advance!

Oleg Troyansky

Not applicable

Re: Security rules to enable user-initiated reload?

Oleg,

I have nothing to contribute, but I hope someone has a simple answer for this need. I too am working through the same scenario with the same extension. Unfortunately, I have very limited rights to my client's server, so I'm unable to test a solution.

The default security rule on our server only allows app owners to reload their own apps.

It would be great if someone could help us with creating a security rule that overrides the default rule and would allow a user to reload any app in a given stream.

Thanks for the original post! I'll follow and update you if I find a solution.

Thanks,

Ben

jlinchec
New Contributor II

Re: Security rules to enable user-initiated reload?

Anyone find the answer to this?  I'm running into the same problem.

Want to have a user with limited access (can not create new apps, can not edit an app), but I want them to be able to push the RELOAD button in the app from an extension and reload it dynamically.

I can't find the correct combination of security rules to make it work.  Just keep getting Access is Denied...

lucienorrin
Contributor

Re: Security rules to enable user-initiated reload?

I'm in the same boat as Jonathan.

It works great for admins but I can't seem to get it working for users.

marcos
New Contributor III

Re: Security rules to enable user-initiated reload?

I was testing the new version of ReloadButton extension too, and it works fine when i used it with the user who was the current owner of the APP, but failed using another user.

I could solve it by making a little change in Security Rule proposed:

Resource filter:

App_*,App.Object_*

Conditions

(((resource.resourcetype="App" and resource.stream.name="Everyone") or (resource.resourcetype="App.Object" and resource.app.stream.name="Everyone" and resource.objectType = "app_appscript")))

Context

Both in hub and QMC

Actions

Read,Update

See the text remarks at Resource filter, Conditions and Actions.

chrislemm
New Contributor II

Re: Security rules to enable user-initiated reload?

Hello,

I know the post is older than a year. I had the same issue today. I solved it with giving the user special access to every data-connection used in the apps script:

ol.PNG

Also you need to add a specific resource rule in the stream:

ol2.PNG

Tell me if you could solve this problem using my hints.

Best regards

hartmoli
New Contributor III

Re: Security rules to enable user-initiated reload?

I figured out a similiar solution, but unfortunately there is the impact after reloading the app, the user has access to the load script, data model and so on.

Same behaviour for the app owner also.

dafnis14
Contributor III

Re: Security rules to enable user-initiated reload?

Hi Oliver,

Does the solution you figured work in Sense September 2018 version?

Community Browser