5 Replies Latest reply: Nov 3, 2016 11:25 PM by Shraddha Gajare RSS

    Need help on Streams 'n' Apps Access

    Sasidhar Kavutha

      Hi All -  We are on v2.1.1 and need help on the security rule for the below scenario - Could you please help in this!

       

      Can you plz check if you got the procedure to allow FULL ACCESS to Stream and CONDITIONAL ACCESS to Apps in that Stream or let me know your thoughts on the same

       

      Scenario -

      Stream (holding App1, App2, App3& App4) has access to all 4 groups A,B,C,D

      App1 to be accessed by A

      App2 to be accessed by B

      App3 to be accessed by C

      App4 to be accessed by D

      Thanks!

        • Re: Need help on Streams 'n' Apps Access
          Vamsi Vandavasi

          Hope this helps. You need to create custom properties one belongs to streams and users. Another custom property belongs to App and users.

           

          Each stream will have custom property value. For example lets say you created a custom property called StreamGroup. You have a stream called Testing. Create a value of Testing or  something that you can identify that it belongs to Testing stream in StreamGroup Custom property. Once you created assign that value of custom property to Stream. Same thing goes with App also.

           

          Stream values and App values from custom property also applies to user profile. Once this is done you will create universal security rule

           

          Disable Stream security rule in order to have below things work

           

          Name of the Rule : UDR_Stream_StreamAccess_Group  (This will give access to Stream )

          Resource Filter : Stream_*

          Context: Hub

          Conditions : ((user.@StreamGroup=resource.@StreamGroup))

           

           

          Name of the Rule : UDR_Stream_App Default Rule  (This will give access to App to users and they can see all apps in  a stream)

          Resource Filter : App*

          Context: Hub

          Conditions : (resource.resourcetype = "App" and resource.stream.HasPrivilege("read") and resource.@AppLevelMgmt.empty()) or ((resource.resourcetype = "App.Object" and resource.published ="true") and resource.app.stream.HasPrivilege("read"))

           

           

          Name of the Rule : UDR_Stream_App Custom Rule  (This will give access to specificApp to users. AppLevelMgmt  is custom property for apps. By default if you dont have any restriction in a stream then you dont assign any values to App. In a stream if you want maintain security for each app then you will assign values of that app and to users.)

          Resource Filter : App_*

          Context: Hub

          Conditions : resource.stream.HasPrivilege("read") and ((user.@AppLevelMgmt = resource.@AppLevelMgmt ))

           

           

          We learned it in a hardway to implement these.Security rules is different world to maintain. please test a lot before making available to users.

          • Re: Need help on Streams 'n' Apps Access
            Nitin Jadhav

            I am facing same problem as Shraddha, No sheets are visible from app.