0 Replies Latest reply: Apr 4, 2018 7:41 AM by ramesh chittiprolu RSS

    custom security rule desing

    ramesh chittiprolu

      Hi Community,

       

      I started designing a custom security rule where user_1(not assinged with any Qlik Sense default roles) can,

      Issue_1:

      - Change the ownership of his app(published or unpublished) to user_2

                I know this can be done at resource(app)->edit, by changing the owner name but, when i tried changing app ownership is happening but, QMC displayed error pop with message "An error occurred, please restart QMC" when i click ok navigation happen to QMC start start page.

      can some one help me how to avoid this pop up, am i missing some resource filter or condition?

       

      Issue_2:

      - As i said above, i designed a security rule, where user_1 can export his apps(Published or Not Published) from QMC->Apps overview page but, user_1 couldn't perform export(as the option is grayed out under More Actions) for the apps owned by User_2

      Note: User_2 published app to stream Everyone and User_1 trying to perform above action and we all know apps those published to stream can be visible to all users in their QMC->Apps overview page

      Can some one help me which resource filter or resource condition  i'm missing with and that create above issue?

       

      Issue_3:

      - Is it possible to visualize code when user perform below,

      User_1 published an app to stream EveryOne

      User_2 logs into QMC and perform following by locating User_1's app that published to stream EveryOne above

          Dupliate

          Navigate to Hub

          Locate duplicated app in work space and open

          Navigate to Dataload editor ---> Code is not displayed here to User_2

       

      in my above designed security rule i need to add some resource filter so that my user_1 and user_2 've this provision to looking at code,

      any idea what is the relevant resource filter or resource condition i need to use in my security rule?

       

      FYI, following are the 2 security rules i designed:

      Security Rule_1:

      Resource filter:

      App*,ReloadTask_*,UserSyncTask_*,SchemaEvent_*,User*,CustomProperty*,Tag_*,DataConnection_*,CompositeEvent_*,ContentLibrary_*,FileExtension_*,FileExtensionWhiteList_*


      Resource Actions:

      Create, read, update, delete, export, Publish, change owner

       

      Resource Condition:

      ((user.group="TestAdmin"))

       

      Security Rule_2:

      Resource filter:

      License_*,TermsAcceptance_*,QmcSection_App,,QmcSection_App.Object,QmcSection_DataConnection,QmcSection_Tag,QmcSection_CustomPropertyDefinition,QmcSection_Event,QmcSection_SchemaEvent,QmcSection_CompositeEvent,QmcSection_ReloadTask,QmcSection_UserSyncTask,user_*


      Resource Actions:

      Create, read, update, delete


      Resource Condition:

      ((user.group="TestAdmin"))

       

      any ideas?