How does metadata security work in Reltio UI?

Question

How does metadata security work in Reltio UI?

 

Answer

Metadata security

In metadata security configuration, permissions are set on the entity types and attribute levels for each specific role. Example:

[
  {
    "URI": "configuration/entityTypes",
    "permissions": [
      {
        "role": "ROLE_A",
        "access": [
          "READ",
          "CREATE",
          "DELETE",
          "UPDATE",
          "MERGE",
          "UNMERGE"
        ]
      },
      {
        "role": "ROLE_B",
        "access": [
          "READ",
          "UPDATE"
        ]
      }
    ]
  },
  {
    "URI": "configuration/entityTypes/Product/attributes",
    "permissions": [
      {
        "role": "ROLE_A",
        "access": [
          "READ"
        ]
      },
      {
        "role": "ROLE_B",
        "access": [
          "READ",
          "UPDATE",
          "DELETE"

        ]
      }
    ]
  }
]

In the example above, 

ROLE_A has READ, CREATE, DELETE, UPDATE, MERGE, UNMERGE permissions on entities and READ permissions on attributes

ROLE_B has READ permissions on entities and READ, UPDATE, DELETE permissions on attributes. These permissions will be applied to Reltio users having these roles. For more information about metadata security, refer to Metadata Security Configuration.

Other Examples

Example 1:

Suppose we need to hide some attributes in the UI by using role-based metadata security. For this purpose, we should post permissions for the attributes with empty access. The example below illustrates how to hide the first name of an HCP for the role ROLE_HEART_READ.


POST {ServiceURI}/permissions/{tenant} Headers: Authorization: Bearer <Access-Token>, Content-Type: application/json Body: [ { "uri": "configuration/entityTypes/HCP/attributes/Name", "permissions": [ { "role": "ROLE_HEART_READ", "access": [] } ] } ]

Example 2:

Suppose we need to have specific permission for entities for data stewards.

POST {ServiceURI}/permissions/{tenant}
Headers: Authorization: Bearer <Access-Token>, Content-Type: application/json 
Body:
[
  {
    "uri":"configuration/entityTypes",
    "permissions":[
      {
        "role": "DATA_STEWARD",
        "access": ["CREATE", "READ", "UPDATE", "DELETE", "MERGE", "UNMERGE"]
      }
    ]
  }
]
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.