Solved: Re: Mashup access restrictions - Qlik Community

aadil_madarveet · ‎2017-04-18

Hi All,

I have built a mashup using objects from a QVF.

However, i am not able to provide access to a set of folks only for the mashup and at the same time not show the QVF in the streams.IF i publish the app to a stream and provide access to that stream for a set of users and then allow them to access the mashup page, only then it works. Do we have an option to not show the QVF on the hub but still provide access to the mashup for certain users.

Is this possible. if so, could you please help explain how.

Thanks,
Aadil

Anonymous · ‎2017-04-18

I have set up a dedicated Stream for MashUp qvf's used solely as data sources.

I give users access to the data source App, but do not give them access to the Stream. Thus the users can access the App as a data source via the MashUp , but cannot see the Stream or its Apps via the Hub.

View solution in original post

Anonymous · ‎2017-04-18

I have set up a dedicated Stream for MashUp qvf's used solely as data sources.

I give users access to the data source App, but do not give them access to the Stream. Thus the users can access the App as a data source via the MashUp , but cannot see the Stream or its Apps via the Hub.

Alexander_Thor · ‎2017-04-18

We also use the same approach internally for the last 3 years and it has been working wonderfully.

mbj · ‎2017-04-24

Sometimes I also create a new virtual proxy, and authorize on that... (if user logged in via VP1, then show, otherwise reject)

aadil_madarveet · ‎2017-05-23

Hi Bill and Alexander,

at first i assumed that this will simply work by creating a security rule. But, i was wrong.

Could you please help get this right.

I have created a new stream but have added security rule that will not show this stream for any users.

I have Published a mashup app to this stream.

I have created a security rule that has a resource filter as (App*). Here i have written conditions that who should see all the apps.

What else should i do to make this work.

As of now the mashup page loads, but the objects dont render or rather those divs stay blank.

Thanks,
Aadil

petgr138 · ‎2019-01-07

Hi Aadil,

Did you manage to solve this?

I am facing the same problem and have tried setting up a security rules to only give read access to the app but not the stream and the mashups are not working properly.

Best regards
Petter Grundström

petgr138 · ‎2019-01-08

Actually I managed to find a solution. Apart from giving read access to apps in my mashup stream I also needed to create a rule to give read access to app objects for apps in the mashup stream. That solved it and now users with read access to the apps and app objects can't see the stream they're published to but they can see the objects in the mashups.

echo_at_ebi · ‎2019-12-23

Hi Petgr,

Would you please share how to grant user access to mashups, which's included in APPs published in stream the user is allowed to access?

I have the similar requirements to retrict mashups access.

Thanks a lot.

Echo

petgr138 · ‎2020-01-07

Hi Echo,

If a user has read access to the stream you have published the app to and you haven't restricted the app read rights then the user will also have read rights to any mashup you create with objects from that app.

My scenario was that users should NOT be able to see the app in the hub but have read rights to the mashup.
This was solved by giving read rights to the app and then publish it to a stream which no users have read rights to.

So step by step:

Create a stream and make sure no users have read rights to it.
Publish the app to the stream
Create a security rule for the app that gives users read rights to the app (but not to the stream)
Create mashups with objects from the app

This will make sure the users can access the mashups but won't see the app in the hub (even though the could theoretically access it by typing in the full URL to the app)

Best regards
Petter