Qlik Community

Security & Governance

Discussion board where members can learn more about Qlik Sense deployments which are governed and self-service.

Announcements
QlikWorld 2022, LIVE in Denver CO., May 16-19, 2022. REGISTER NOW TO RECEIVE EARLY BIRD PRICING
cancel
Showing results for 
Search instead for 
Did you mean: 
SaturnV
Partner
Partner

Qlik Sense Security Rules - Grant access to apps in a stream.

Hi all,

I need to grant access to a stream and the apps inside this stream for specific users.

My security rule (Resource filter) is as follows: "Stream_c3ca08ab-.....352b9,App_*,App.Object_*"

The problem now is that the users who have access to the stream and the apps inside it also have access to all the other apps inside the HUB. So also in other streams. Because of "App_*". Is there a way to ONLY grant access to the apps INSIDE this specific stream? OR do I have to add all single appIDs like "App_12345,App_34564", which is not a good solution from my point of view to hardcode this like if new apps join the stream or old get deleted...

There should be an easy solution for that as this is what we all want I guess. I stream and the users who see the stream should ofcourse also see the content - only of this stream.

 

Best regards

Julian

1 Solution

Accepted Solutions
Bastien_Laugiero

Hi,

Can you search for a rule called “Stream” in your environment? Is it present and if yes is it enabled?

Could you eventually attach a screenshot of this rule?

As I mentioned, this rule “Stream” is present by default in any environment and basically gives Read access to apps within a Stream given that you have read access to that stream. But this rule can be altered, disabled or deleted which I suspect is what happened.

Bastien Laugiero
If a post helps to resolve your issue, please mark the appropriate replies as CORRECT.

View solution in original post

4 Replies
Bastien_Laugiero

Hi,

It really depend how customized your security rules are but by default there is rule called "Stream" which will give access to the apps within a stream given that the user has read access to this stream. 

So if this rule hasn't been changed or disabled you basically need to create a rule like:

Resource Filter: Stream_id
Actions: Read
Condition: ((user.name="username"))

Hope this helps!

Bastien Laugiero
If a post helps to resolve your issue, please mark the appropriate replies as CORRECT.
SaturnV
Partner
Partner
Author

Hi Bastien,

by removing the Resource Filters "App_*,App.Object_*", the Access to the Apps inside this Stream is lost.


It really depend how customized your security rules are but by default there is rule called "Stream" which will give access to the apps within a stream given that the user has read access to this stream. 


 So I dont understand your statement here. Because only with the "Stream_c3ca08ab-.....352b9" as Resource filter, I am no more allowed to see the Apps inside and the Stream- it seems to be empty - as I tested.

 

Best

Julian

Bastien_Laugiero

Hi,

Can you search for a rule called “Stream” in your environment? Is it present and if yes is it enabled?

Could you eventually attach a screenshot of this rule?

As I mentioned, this rule “Stream” is present by default in any environment and basically gives Read access to apps within a Stream given that you have read access to that stream. But this rule can be altered, disabled or deleted which I suspect is what happened.

Bastien Laugiero
If a post helps to resolve your issue, please mark the appropriate replies as CORRECT.

View solution in original post

SaturnV
Partner
Partner
Author

Hi Bastien,

now I know what you mean. And yes thank you, this works. So there is a predefined rule called just "Stream" and this one solved my issue.

Best regards

Julian