Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security Rule issue: Custom Property security rule matches every user

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sonja_Bauernfeind
Digital Support
Digital Support

Security Rule issue: Custom Property security rule matches every user

Last Update:

Nov 11, 2021 10:13:23 AM

Updated By:

Sonja_Bauernfeind

Created date:

Feb 4, 2015 2:48:42 AM

Access is granted to all users when attempting to use custom properties to manage stream access. 

Stream access is set up using customer properties. Only users with the specific custom property should have access to the stream, but all users are granted access instead.

The current security rule is set up as follows:

 

User-added image
Where Project is the name of the custom property.

The condition translates into: ((resource.@Project=user.@Project))

 

Cause:


The original condition includes every user who has no custom property and therefore grants access to every stream which has no custom property.

Resolution:


A requirement is needed to be added to the condition. 
 

((resource.@Project=user.@Project and resource.@Project!=""))
 
A security rule will match every Stream to every user who has assigned the custom property 'Project'.
It is possible to match other resources through this rule for example apps or data connections or it is possible to include them to the existing rule.
 

This includes that the customer property can't be empty to start working.

If you click on 'Validate rule' the rule should look like this:
 

User-added image
Labels (1)
Labels:
1,431 Views
Was this article helpful? Yes No
Version history
Last update:
‎2021-11-11 10:13 AM
Updated by:
Digital Support