Original Message:
Sent: 07-29-2024 17:38
From: Sergio Abraham
Subject: Metadata permissions : Undesired error
Hi, we currently require both CREATE and UPDATE for the create operation. This is fue to the nature of MDM operations. Sometimes while creating an entity you may be modifying a relation.
I would need to learn more about your use case, but for scenarios like this, other customers usually channel create operations under a DCR and then the approver verifies it. Same for update. This ensures proper segregation and governance.
------------------------------
Sergio Abraham
Principal Product Manager
Reltio
Original Message:
Sent: 07-25-2024 12:53
From: Nidheesh Radhakrishnan
Subject: Metadata permissions : Undesired error
Helo experts,
We are implementing this RBAC for attributes inside our entityType called Group. This is the right permissions we have set. But when creating a new profile for this entiyType, We get the below error. We are creating a new profile. Not sure why would we need an update privilege.
ErrorSecurity error. Access to attribute 'configuration/entityTypes/Group/attributes/value' is forbidden. Required privileges: READ,UPDATE,CREATE
Metadata:
[ { "uri": "configuration/entityTypes/Group", "permissions": [ { "role": "ROLE_CUSTOM_USER", "access": [ "READ", "CREATE", "UPDATE", "DELETE" ] } ] }, { "uri": "configuration/entityTypes/Group/attributes/name", "permissions": [ { "role": "ROLE_CUSTOM_USER", "access": [ "READ", "CREATE", "UPDATE", "DELETE" ] } ] }, { "uri": "configuration/entityTypes/Group/attributes/value", "permissions": [ { "role": "ROLE_CUSTOM_USER", "access": [ "READ", "CREATE" ] } ] }, { "uri": "configuration/entityTypes/Group/attributes/label", "permissions": [ { "role": "ROLE_CUSTOM_USER", "access": [ "READ", "CREATE", "UPDATE" ] } ] }]
------------------------------
Nidheesh Radhakrishnan
MDM Developer
Novartis
------------------------------