Hierarchical relationships in Security Rules for Qlik SenseArticle Number: 000046126 | Last Modified: 2019/01/17
Streams > Apps > App.Objects
As illustrated above. Apps are in Streams. This means that you can use inheritance to cascade the intended action from the action assigned at the Stream level. This is used in this portion of the default Stream security rule:
(resource.resourcetype = "App" and resource.stream.HasPrivilege("read"))The meaning of this condition is that the action will be applied to Apps where the user has read rights to the stream.
The same hierarchy exists in Apps <> App.Objects. App.Objects belong to apps and thus you can inherit rights from the App or Stream level. This is used in this portion of the default Stream security rule:
((resource.resourcetype = "App.Object" and resource.published ="true" and resource.objectType != "app_appscript" and resource.objectType != "loadmodel") and resource.app.stream.HasPrivilege("read"))The meaning of this condition is that the action will be applied to an App's Objects where the object is (a) published and (b) not an app_appscript or loadmodel type of App.Object when the user has read rights on the stream.
Apps > Tasks
As illustrated above, Tasks are applied to Apps. This means that you can use inheritance to cascade the intended action from the action assigned at the App level. For example:
Filter: ReloadTask* Action: Read, Update, Delete Condition: ((user.name="TaskAdmin"))and (resource.App.HasPrivilege("read"))In this rule, the user with the name TaskAdmin is able to read / update / delete all tasks which are associated with Apps which they already have Read rights to.
- Note: As of Qlik Sense April 2018, there is no logical relationship between tasks and triggers. So an administrator cannot use inheritance for this resource type.
Have a Question?
Search Qlik's Support Knowledge database or request assisted support for highly complex issues.Submit a case
Experiencing a serious issue, please contact us by phone. View phone numbers and hours by region.