Question
How does metadata security work in Reltio UI?
Answer
Metadata security
In metadata security configuration, permissions are set on the entity types and attribute levels for each specific role. Example:
[ { "URI": "configuration/entityTypes", "permissions": [ { "role": "ROLE_A", "access": [ "READ", "CREATE", "DELETE", "UPDATE", "MERGE", "UNMERGE" ] }, { "role": "ROLE_B", "access": [ "READ", "UPDATE" ] } ] }, { "URI": "configuration/entityTypes/Product/attributes", "permissions": [ { "role": "ROLE_A", "access": [ "READ" ] }, { "role": "ROLE_B", "access": [ "READ", "UPDATE", "DELETE" ] } ] } ]
In the example above,
ROLE_A has READ, CREATE, DELETE, UPDATE, MERGE, UNMERGE permissions on entities and READ permissions on attributes
ROLE_B has READ permissions on entities and READ, UPDATE, DELETE permissions on attributes. These permissions will be applied to Reltio users having these roles. For more information about metadata security, refer to Metadata Security Configuration.
Other Examples
Example 1:
Suppose we need to hide some attributes in the UI by using role-based metadata security. For this purpose, we should post permissions for the attributes with empty access. The example below illustrates how to hide the first name of an HCP for the role ROLE_HEART_READ.
POST {ServiceURI}/permissions/{tenant} Headers: Authorization: Bearer <Access-Token>, Content-Type: application/json Body: [ { "uri": "configuration/entityTypes/HCP/attributes/Name", "permissions": [ { "role": "ROLE_HEART_READ", "access": [] } ] } ]
Example 2:
Suppose we need to have specific permission for entities for data stewards.
POST {ServiceURI}/permissions/{tenant}
Headers: Authorization: Bearer <Access-Token>, Content-Type: application/json
Body:
[
{
"uri":"configuration/entityTypes",
"permissions":[
{
"role": "DATA_STEWARD",
"access": ["CREATE", "READ", "UPDATE", "DELETE", "MERGE", "UNMERGE"]
}
]
}
]
Comments
Article is closed for comments.