Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us to spark ideas for how to put the latest capabilities into action. Register here!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Amit_B
Creator II
Creator II
‎2025-09-04 06:22 PM

Bookmark unpublish permission

Hi,

Question about QMC security rules:

I created a rule to allow users (analyzers, not apps owners) to publish bookmarks they create so other users can use them:
!resource.App.stream.Empty() and resource.App.HasPrivilege("read") and resource.objectType = "bookmark"
Action: Publish

The issue is that users are also able to unpublish bookmarks, even if the bookmarks created by other users.

How can I change the rule so that only the bookmark creator (also analyzer, not app owner) can unpublish it?

Thanks!

Labels (2)
Labels
167 Views
1 Solution

Accepted Solutions
hugo_andrade
Partner - Specialist
Partner - Specialist
‎2025-09-04 06:40 PM

Hi @Amit_B !

I love seeing security rule questions! 

So, I will simplify your rule. Since parts of it is already present in other Default rules like CreateAppObjectPublishedApp.

The rule in question needs the following parameters:

  • Resource Filter: App.Object_*
  • Actions: Publish
  • Conditions: ((resource.objectType="bookmark" and resource.owner.userId=user.userId))

If this answer helped you, please mark it as a solution and give it a like.

Thanks!

Live and Breathe Qlik & AWS.
Follow me on my LinkedIn | Know IPC Global at ipc-global.com

View solution in original post

161 Views
1 Reply
hugo_andrade
Partner - Specialist
Partner - Specialist
‎2025-09-04 06:40 PM

Hi @Amit_B !

I love seeing security rule questions! 

So, I will simplify your rule. Since parts of it is already present in other Default rules like CreateAppObjectPublishedApp.

The rule in question needs the following parameters:

  • Resource Filter: App.Object_*
  • Actions: Publish
  • Conditions: ((resource.objectType="bookmark" and resource.owner.userId=user.userId))

If this answer helped you, please mark it as a solution and give it a like.

Thanks!

Live and Breathe Qlik & AWS.
Follow me on my LinkedIn | Know IPC Global at ipc-global.com

162 Views