I wanted to share with you an online utility which you might find useful for configuring Reltio Metadata Security here, https://mdmutilities.com/
The utility will help you to visualise what kind of permissions have you configured in a visual way as well as help you to edit those permissions.
It does not support filters right now, thus if you have a filter condition in your metadata security rule it will just show that there is a filter and it will not be able to show you if a role has access or not but it does a good for the rules which do not have a filter or for cases where you have configured access to a child property without configuring access to a parent property.
If you decide to use it, please use it at your own risk and double check the configuration before posting it to Reltio.
Original Message:
Sent: 02-21-2023 09:10
From: Chetan P
Subject: Security & Permissions - Roles/Group
Hi Nipun,
The below answer is as per my recent configuration i made using Role & Group configuration.
I haven't used 'not equals()' filter but i could summarise my use case.
Custom Role creation case -
We have an entity say (Entity Customer) having 30 attributes and 3 teams are going to collaborate the Entity in below format.
Attribute 1 to 10 by Team A (Only read access)
Attribute 10 to 20 by Team B (Only Read & Edit access without Delete access)
Attribute 20 to 30 by Team C (All Access)
We need to create a Custom Blank role & add these permission in below format to Permission api (https://auth.reltio.com/oauth/customers/{cusname}/roles/permissions)
Format -
{
"uri": "configuration/entityTypes/Customer/attributes/{Attribute information}",
"permissions": [
{
"role": "CUSTOM_ROLE_1",
"access": ["READ"]
}
},
.., and the same for others as well.
I have achieve something similar using above configuration.
------------------------------
Chetan P
Senior MDM Specialist
Freshworks
Chennai
Original Message:
Sent: 02-16-2023 09:46
From: Nipun Fnu
Subject: Security & Permissions - Roles/Group
Hey All,
We are setting up the roles and permissions for our users and tenant and we have the following three requirements for metadata securities:
1. Say we have a nested attribute for an Address (just an example), requirement is users from Group A (with specific roles) can able to view the Address widget on the profile page while Group B (with another role) does not.
2. Similarly, if requirement #1 can be achieved for any other simple or reference attribute.
3. Group X can read, update, and create an attribute say "First Name" while Group Y can only read it but can not make any changes.
I am trying to achieve this through roles and permission for tenants. Please confirm what is the right way to achieve this type of metadata security.
Also, I tried using filters for roles but did not help. Please confirm if Reltio allows the 'not equals()' filter.
I have done this before in around 2019 but somehow recently those configurations are not working. Does Reltio still support filters for tenant permission configurations?
Any insight will be helpful.
------------------------------
Nipun Fnu
Apptad Inc
------------------------------