17 Replies Latest reply: Sep 22, 2017 10:28 AM by cristian gonzalez RSS

    Qlik Sense security rule problem

    Andrea Gigliotti

      Hello,

      I'm using version 3.2 SR2 and I modified the following security rule:

      CreateAppObjectsPublishedApp

       

      adding the below condition :

      and (user.group="role_dev" or user.group="role_ext")

       

      ---

      !resource.App.stream.Empty() and resource.App.HasPrivilege("read") and (resource.objectType = "userstate" or resource.objectType = "sheet" or resource.objectType = "story" or resource.objectType = "bookmark" or resource.objectType = "snapshot" or resource.objectType = "embeddedsnapshot" or resource.objectType = "hiddenbookmark") and !user.IsAnonymous() and (user.group="role_dev" or user.group="role_ext")

      ---

       

      However I noted a user not belonging to the "role_dev" or "role_ext" is able to create app objects ex. sheet object.

       

      Is it a BUG ???

       

      Please let me know asap.

       

      Many thanks in advance for your time.

       

      Best Regards

      Andrea