I need to create a custom administration role, it's a content admin with less privileges that I need.
I already spend time on it but it's not working as expected yet...
I know that there is probably two security rule that needs to be created, one for app*,Stream* privileges and another one for QMC sections.
My need is to give only Apps and Tasks qmc sections, with some privileges
on the Apps section I need the admin (which is a user also) to see only the apps that are published on the stream that he has access to, with Export, publish and 'reload now' privileges (I don't think there is a configuration to only remove the create_new_task_button, but it would be great if I can grey this out).
On the tasks qmc section, I need the admin to see only the tasks related to the apps that are only published on the streams that he has access to.
I figured it out to open qmc section and open privileges, but as soon as I add a condition like this user.@custompropertyX=resource.@custompropertyX to the security rule, the list of apps are restricted correctly BUT the export privilege is greyed out (even with the export and exportdata selected).
