Why can't a user with a custom role not export specific entities on one tenant, but can on another tenant?

Question

While exporting data form the API : https://<environment>.reltio.com/jobs/export/<tenantID>/entities?fileFormat=csv&filter=equals(type,'configuration/entityTypes/ORG/SITE')&exploded=true,

no entities are returned on tenant A but a number of entities are returned on the tenant B.  Why is there a difference?

We are using custom roles of ROLE_API and ROLE_API_EXPORT for the user performing the export.

 

Answer

You will notice that if you execute the following API. 

GET https://<environment>.reltio.com/reltio/permissions/<tenant B>

You will notice that there are no metadata permissions defined for the tenant that you have stated is working.


If you execute the following API. 

GET https://<environment>.reltio.com/reltio/permissions/<tenant A>

You will notice that there are entity type restrictions.  You need to apply your custom roles for ROLE_API and ROLE_API_EXPORT.   

[
    {
 "uri": "configuration/entityTypes",
 "permissions": [
            {
 "role": "ROLE_API_EXPORT",
 "access": [
 "CREATE",
 "READ",
 "UPDATE",
 "DELETE",
 "INITIATE_CHANGE_REQUEST",
 "ACCEPT_CHANGE_REQUEST",
 "MERGE",
 "UNMERGE"
                ]
            }
        ]
    },
    {
 "uri": "configuration/relationTypes",
 "permissions": [
            {
 "role": "ROLE_FREE_ADMIN",
 "access": [
 "CREATE",
 "READ",
 "UPDATE",
 "DELETE",
 "INITIATE_CHANGE_REQUEST",
 "ACCEPT_CHANGE_REQUEST",
 "MERGE",
 "UNMERGE"
                ]
            },
            {
 "role": "ROLE_FREEMIUM_USER",
 "access": [
 "CREATE",
 "READ",
 "UPDATE",
 "DELETE",
 "INITIATE_CHANGE_REQUEST",
 "ACCEPT_CHANGE_REQUEST",
 "MERGE",
 "UNMERGE"
                ]
            }
        ]
    },
    {
 "uri": "configuration/entityTypes/Location",
 "permissions": [
            {
 "role": "ROLE_FREE_ADMIN",
 "access": [
 "CREATE",
 "READ",
 "UPDATE",
 "DELETE",
 "INITIATE_CHANGE_REQUEST",
 "ACCEPT_CHANGE_REQUEST",
 "MERGE",
 "UNMERGE"
                ]
            },
            {
 "role": "ROLE_FREEMIUM_USER",
 "access": [
 "CREATE",
 "READ",
 "UPDATE",
 "DELETE",
 "INITIATE_CHANGE_REQUEST",
 "ACCEPT_CHANGE_REQUEST",
 "MERGE",
 "UNMERGE"
                ]
            }
        ]
    },
    {
 "uri": "configuration/entityTypes/Individual",
 "permissions": [
            {
 "role": "ROLE_FREE_ADMIN",
 "access": [
 "CREATE",
 "READ",
 "UPDATE",
 "DELETE",
 "INITIATE_CHANGE_REQUEST",
 "ACCEPT_CHANGE_REQUEST",
 "MERGE",
 "UNMERGE"
                ]
            },
            {
 "role": "ROLE_FREE_USER",
 "access": [
 "CREATE",
 "READ",
 "UPDATE",
 "DELETE",
 "INITIATE_CHANGE_REQUEST",
 "ACCEPT_CHANGE_REQUEST",
 "MERGE",
 "UNMERGE"
                ]
            }
        ]
    }
]

For more information about metadata permission please refer to https://docs.reltio.com/securityapi/metadatasecurity.html
 

 

 

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.