Security Rule example: Disable custom connector for particular user group for Qlik Sense

Yoichi_Hirotake · Feb 24, 2018 6:47:40 PM

This article describes an example on how to disable custom connector for particular user group for Qlik Sense

Disclaimer: This is just an example to show the availability what users can do in Qlik Sense. It may not fulfil all user scenarios.

Please engage with Qlik Consultant for further advice if you want to develop/implement custom security rules into your environment.

Resolution:

Setup example

Domain\alex: Domain user account, belong to Windows user Group “Sydney”
Domain\bob: Domain user account, belong to user Group “Sydney”
Domain\craig: Domain user account, belong to none of user Group
Above three users account are already fetched into Qlik Sense via UDC and Token is assigned.

Goal

Users in user group “Sydney” CANNOT create “custom” data connection.
Users in other group CAN create “custom” data connection.

Steps

Go to QMC > Security Rules
Select Security Rule Name DataConnection and press Edit button.
Tick Disable and press Apply button.

Press Create new button to create a new Security rule. Enter below.

Name: DisableCustomConnectors
Description: This custom rule disables Custom Connectors for user group “Sydney”
Resource filter: DataConnection_*
Action: Create
Condition: ((resource.type!="folder" and resource.type!="Custom") and (user.group="Sydney"))
Context: Only in hub

Press Apply button

Press Create new button to create new Security rule. Enter below and press Apply button.

Name: DataConnectionForNormalUsers
Description: This custom rule is for Data Connections except User Group “Sydney”. Custom Connection creation enabled.
Resource filter: DataConnection_*
Action: Create
Condition: ((resource.type!="folder" and user.group!="Sydney"))
Context: Only in hub