Skip to main content
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

Security rule for disable and enable app options

hi,

is it possible to disable or enable some of the below options in qlik sense for a particular app using security rule for a AD group users.

bookmark creation - enable

Sheet duplicate /edit -disable

take snapshot - enable

snapshot library -enable

export data - enable

I tried with below conditions in security rule for app.Object_appname , but it completely disable all the above option.

!resource.App.stream.Empty() and resource.App.HasPrivilege("read") and (resource.objectType = "userstate" or resource.objectType = "sheet" or resource.objectType = "story" or resource.objectType = "bookmark" or resource.objectType = "snapshot" or resource.objectType = "embeddedsnapshot" or resource.objectType = "hiddenbookmark") and !(user.group="TEAMQLIK1" or user.group="TEAMQLIK2")

can you please advise what need to be modified in above condition.

thanks

Prasanta

1 Solution

Accepted Solutions
rittermd
Master
Master

This is the rule I am using.  The group QlikConsumer can not add sheets.  But they can do stories, bookmarks, etc.  Everyone else can do everything.  Let me know if this helps any.

!resource.App.stream.Empty()

        and resource.App.HasPrivilege("read")

        and (  

            resource.objectType = "userstate"

            or (

                resource.objectType = "sheet"

                and user.group != "QlikConsumer"

               )

            or resource.objectType = "story"

            or resource.objectType = "bookmark"

            or resource.objectType = "snapshot"

            or resource.objectType = "embeddedsnapshot"

            or resource.objectType = "hiddenbookmark"

            )

        and !user.IsAnonymous()

View solution in original post

3 Replies
rittermd
Master
Master

This is the rule I am using.  The group QlikConsumer can not add sheets.  But they can do stories, bookmarks, etc.  Everyone else can do everything.  Let me know if this helps any.

!resource.App.stream.Empty()

        and resource.App.HasPrivilege("read")

        and (  

            resource.objectType = "userstate"

            or (

                resource.objectType = "sheet"

                and user.group != "QlikConsumer"

               )

            or resource.objectType = "story"

            or resource.objectType = "bookmark"

            or resource.objectType = "snapshot"

            or resource.objectType = "embeddedsnapshot"

            or resource.objectType = "hiddenbookmark"

            )

        and !user.IsAnonymous()

Not applicable
Author

hi Mark,

yes i have written something like this and its working for me.

can you please help me to understand whod does it mean by "Userstate"

and secondly where we can define the enable and disable condition for an user to publish an app.

For example, an user should create and duplicate a sheet, but should not have rights to publish it.

thanks

agigliotti
Partner - Champion
Partner - Champion

Hello,

Please take a look at my thread here Qlik Sense security rule problem

Can you help me ?

Many thanks.

BR

Andrea