Security Rule on App Objects not working
Article Number: 000033653 | Last Modified: 2018/06/12
Qlik Sense admin need to make some changes to default security rule in order to prevent create/edit access in HUB for some users on App Objects (like Sheets, Bookmarks, Stories) level. To do this, we disable Default security rule CreateNewPublishedApp and cloned it to create a new rule with same Resource Filter (AppObjects_*) and Advanced Condition. also they add one more line of condition to restrict the users, eg. (user.userDirective !="Development")
Validation: As per the condition and rule. User should not see CreateNewSheet and Edit button in hub.
Issue: During validation the changes made are not reflecting properly on the user permissions, even though the conditions are valid. This results into in-consistence behavior. (User able to create/edit the Sheet. However on refresh the sheets get disappeared. )
The app objects permission are still holding the default security validation, which resulted into inconsistent behavior. This happens especially when we restrict users on App Objects (sheets, bookmarks, stories) level.
Admin needs to restart the services whenever the default security rules are updated on App Objects level.
For long term resolution refer Article Security Rule Changes not reliably applied in 3.1.x on Synced Persistence