The filters are not supported at attribute level. I don't think your requirement is supported at this moment. You can create an enhancement request in Reltio Ideas portal for the team to analyse and determine the feasibility of such functionality
Original Message:
Sent: 10-04-2023 03:50
From: Rahul Raveendran
Subject: Metadata security issue
Hi Saurabh,
I tried that as well. But it was not working .
Is it possible to apply filter at attribute level in metadata security like below:
{
"uri": "configuration/entityTypes/XYZ/attributes/permit",
"permissions": [
{
"role": "role_permit",
"filter": "equals (attributes.permit,'true')",
"access": [
"READ",
"UPDATE",
"CREATE",
"DELETE"
]
}
]
}
------------------------------
Rahul Raveendran
Cognizant
Original Message:
Sent: 10-04-2023 03:36
From: Saurabh Agarwal
Subject: Metadata security issue
Hi Rahul,
I think you need to apply metadata security at attribute level and not at entity level. Can you try applying metadata security at attribute level? You can find documentation here https://docs.reltio.com/en/explore/embark-on-your-journey/what-to-know-before-you-set-off/security/understanding-authorization/role-based-security/metadata-security#hide-attributes-in-reltio-ui-0
Let me know how that goes
Thanks,
------------------------------
Saurabh Agarwal
Original Message:
Sent: 09-30-2023 06:41
From: Rahul Raveendran
Subject: Metadata security issue
we have an attribute status, which have values like 'Active', 'Blocked', 'Inactive'
Another Boolean attribute named permit.
we have 2 roles , role_active and role_blocked.
role_active means the user will be able to change the status value only when status is 'Active'
role_blocked means the user will be able to change the status value only when status is 'Blocked'
Below is the metadata security used for this
"uri": "configuration/entityTypes/XYZ",
"permissions": [
{
"role": role_blocked
"filter": "equals (attributes.Status,'Blocked')",
"access": [
"READ",
"UPDATE"
]
},
{
"role": role_blocked
"access": [
"READ"
]
}
Also the same user should be only change the value of permit attribute from true to false only.
If the value of permit is false, it should not allow to change the value of permit.
By using below security and after assigning role_blocked ,role_permit to same user, it is not working for that user
"uri": "configuration/entityTypes/XYZ",
"permissions": [
{
"role": role_blocked
"filter": "equals (attributes.Status,'Blocked')",
"access": [
"READ",
"UPDATE"
]
},
{
"role": role_blocked
"access": [
"READ"
]
},
"role": role_permit
"filter": "equals (attributes.permit,'true')",
"access": [
"READ",
"UPDATE"
]
},
"role": role_permit
"access": [
"READ"
]
}
when status is blocked and permit is false, it is allowing to update permit from false to true
because role_blocked has already update permission
------------------------------
Rahul Raveendran
Cognizant
------------------------------