1 Reply Latest reply: Oct 31, 2017 4:53 PM by Shahbaz Khan Mohammed RSS

    Stream rights for users with role RootAdmin

    Marco B

      I am trying to setup a couple of streams with different rights for users with role "RootAdmin"


      DEV-Sales (Apps within have full rights)

      STAGING-Sales (Read Only - No EDIT allowed)



      •     I have setup Full rights  (Create, Read, Update, etc) for this Stream_5ea49633-2e2d-4a03-a78a-bcba4aba7bdf
      •     Condition((user.roles="RootAdmin"))


      However,, I can;t seem to get the EDIT option on any app inside this stream.


      Now.. If I add App_*,App.Object_*, then I am able to see the EDIT option.


      But.. It will also allow EDIT on apps in other read-only streams that I don't want it enabled. (i.e: STAGING-Sales).

      I tried to also to use the following expression:

      ((user.roles="RootAdmin") and (resource.stream.@StreamEnvironment="DEVELOPMENT"))


      where the DEV-Sales Stream has been setup with the custom property @StreamEnvironment = "DEVELOPMENT"

      and yet .. no luck. The EDIT Option goes away again. I am looking for a simple solution, but can't see to find one that works.

      Thanks in advance.

        • Re: Stream rights for users with role RootAdmin
          Shahbaz Khan Mohammed

          Check for Default Security Rule for EDIT.

          Copy Paste that rule and create a new rule by Disabling the default rule or other rules for EDIT won't work.


          Sol1: And try adding User Role as Root Admin (((user.roles="RootAdmin")))


          Sol2: If you have EDIT rule working for All the Streams and Apps then use !=stream  name and try that as well.




          ((@StreamEnvironment = "DEVELOPMENT" and user.roles="RootAdmin"  and resource.objectType="story" or resource.objectType="bookmark" or resource.objectType="sheet"    or resource.objectType = "embeddedsnapshot" or resource.objectType = "hiddenbookmark"))


          Not sure but above rule should work for only Development stream.


          Sorry I do not have access to QMC hence cannot give exact answer.