Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Introducing Qlik Answers: A plug-and-play, Generative AI powered RAG solution. READ ALL ABOUT IT!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
123vecc
Contributor
Contributor
‎2021-09-21 11:10 AM

Override Stream default Access Rule

Hello Community 

I have 2 groups of user : Sales and Finance and I am trying to allow my users to have access to different sheets located in the same app called "Report" located in the stream "Invoices" so I followed every step of the following post : https://community.qlik.com/t5/Qlik-Sense-Documents/Sheet-or-App-Object-Level-Security-Qlik-Sense/ta-...

I started by creating two custom properties : @ApplvlManagment and @StreamlvlManagment with the following values :  "Sales" and "Finance" for my two group.

After assigning the custom properties to the stream, app and users I created a first rule on App.Object_* : user.@AppLevelManagment=resource.@AppLevelManagment and two other rules : one manage the app object access for the Finance group and the other manage the app object acces for the Sales Group.

I had to disable the default stream rule but I couldn't see my apps without it so I cut only the second part of the rule: "or ((resource.resourcetype = "App.Object" and resource.published ="true" and resource.objectType != "app_appscript" and resource.objectType != "loadmodel") and resource.app.stream.HasPrivilege("read"))"

Now it is working well I can see only certain sheets with the Finance group and other sheets with the Sales group located within the same app. My problem is that I have other streams and my users cannot access to the app object of those streams anymore. I know it is because I deleted the part that granted App.Object access in the stream default rule.

Is there a meaning to override the stream default rule and write an other one to still have my users of the two group Finance and Sale separated within the app "Report" while allowing them to keep seeing the AppObject contained in other apps within other streams ? 

Labels (1)
Labels
720 Views
0 Likes
3 Replies
rohitk1609
Master
Master
‎2021-09-22 02:24 PM

What you are trying to do is custom security. When you want to do custom security you have to disable STREAM default rule.

What you can try to create new STREAM rule which affects all the streams than the stream you have created for this exercise. 

670 Views
0 Likes
123vecc
Contributor
Contributor
‎2021-10-06 11:08 AM
Author

In response to rohitk1609

Hello, thanks for your answer. Do you have an idea of the script I should write into the security rule "Conditions" ?

 

624 Views
0 Likes
rohitk1609
Master
Master
‎2021-12-03 02:32 PM

Its not that easy. drop an email on kumar.rohit1609@gmail.com, lets discuss there

469 Views
0 Likes