2 Replies Latest reply: Feb 29, 2016 8:22 AM by Prahlad Rao RSS

    Using QRS to add a user to a stream

      Hey everyone,

       

      hope you can help with this?

       

      I'm using QRS API calls to import users, create streams, import, publish and reload apps - most of which has been pretty logical and has been achieved.

       

      However, I'm struggling how to link the user to the stream?

       

      I assume the {appendPrivileges} parameters has to be used in some way, but I'm not sure in which command you utilise that?

       

      Should I be adding the users when I create the stream, as part of the /qrs/add/streamname command?

      Should I add the stream, then grab the ID of the stream and associate the users - if so, what command should I use?

       

      Or is there another command that I should be looking at?

       

      If anyone has some examples that they would be willing to share to demonstrate how to achieve this, it would be much appreciated.

       

      Thanks

      Ian

        • Re: Using QRS to add a user to a stream
          Mattias Wijkström

          Hi Ian,

           

          You create the stream first, then add a security rule to allow certain users certain access to the stream using POST to /qrs/systemrule. For example, the following system rule grants all users that belong to "YOUR-DIR" user directory the Read and Publish (2+32=34) rights to "YOUR-STREAM" stream with id a70ca8a5-1d59-4cc9-b5fa-6e207978dcaf. Compare this to creating security rules for the stream in QMC.

           

          {
            "category": "Security",
            "type": "Custom",
            "name": "Security rule for access to \"YOUR-STREAM\"",
            "rule": "((user.userDirectory=\"YOUR-DIR\"))",
            "resourceFilter": "Stream_a70ca8a5-1d59-4cc9-b5fa-6e207978dcaf",
            "actions": 34,
            "comment": "User conditions for stream access",
            "disabled": false,
            "ruleContext": 0
          }
          

           

          The "actions" property should be a sum of the values of the actions you want the rule to allow based on the following definitions:

           

          None0
          Create1
          Read2
          Update4
          Delete8
          Export16
          Publish32
          ChangeOwner 64
          ChangeRole128
          ExportData256

           

          The "ruleContext" property should be one of the following:

           

          BothQlikSenseAndQMC 0
          QlikSenseOnly1
          QMCOnly2

           

          /Mattias