Hi Sridhar,
Please find the below steps which i used for implementation regarding restricting access through Entity & Attributes level.
ROLE DEFINITION - ROLE_UI_ALL_READONLY gives privilege only to access whole UI applications and not the data level restriction.
Try using ROLE_READ alone.
Step 1 - Create Empty role through User Management console.
Step 2 - As per the requirement list down whether user needs access to all entities, restricted entities, all attributes, restricted attributes.
Step 3 - Post the below format in the url as mentioned here (https://{ENV}.reltio.com/reltio/permissions/{Tenant Name}/)
-- Sample for Attribute level Access provisioning
"uri": "configuration/entityTypes/{Entity_Name}/attributes/{Attribute_Name}",
"permissions": [
{
"role": "ROLE_CUSTOM_READ",
"access": [
"READ"
]
},
{
"role": "ROLE_SUGGEST",
"access": [
"READ"
]
}
]
},
-- Sample for Entity level Access provisioning
{
"uri": "configuration/entityTypes/{Entity_Name}",
"permissions": [
{
"role": "ROLE_READ_PRODUCT",
"access": [
"READ"
]
}
]
},
Step 4 - In the above snippet, we have "access" block, where we can define what access needed to be given to the particular user.
Let me know if this works.
Thanks & Regards,
------------------------------
Chetan P
Lead MDM Specialist
Freshworks
Chennai
------------------------------
Original Message:
Sent: 06-18-2023 06:21
From: Sridhar Raju
Subject: READ-ONLY role for Reltio UI
Hi,
What is the role that needs to be created or assigned so that user will not be able to perform any edits on the UI screen across all entity and entity relationship types.
Assigned the following roles to the user and user was still able to make edits.
ROLE_READ_ALL
ROLE_UI_ALL_READONLY
Please let me know what am I missing here.
------------------------------
Sridhar Raju
Manager
PricewaterhouseCoopers
------------------------------