Reltio Connect

 View Only
  • 1.  Security & Permissions - Roles/Group

    Reltio Partner
    Posted 02-16-2023 11:09

    Hey All,

    We are setting up the roles and permissions for our users and tenant and we have the following three requirements for metadata securities:

    1. Say we have a nested attribute for an Address (just an example), requirement is users from Group A (with specific roles) can able to view the Address widget on the profile page while Group B (with another role) does not.

    2. Similarly, if requirement #1 can be achieved for any other simple or reference attribute.

    3. Group X can read, update, and create an attribute say "First Name" while Group Y can only read it but can not make any changes.

    I am trying to achieve this through roles and permission for tenants.  Please confirm what is the right way to achieve this type of metadata security.

    Also, I tried using filters for roles but did not help. Please confirm if Reltio allows the 'not equals()' filter.

    I have done this before in around 2019 but somehow recently those configurations are not working. Does Reltio still support filters for tenant permission configurations?

    Any insight will be helpful.



    ------------------------------
    Nipun Fnu
    Apptad Inc
    ------------------------------


  • 2.  RE: Security & Permissions - Roles/Group

    Posted 02-21-2023 09:10

    Hi Nipun,

    The below answer is as per my recent configuration i made using Role & Group configuration.
    I haven't used 'not equals()' filter but i could summarise my use case.

    Custom Role creation case

    We have an entity say (Entity Customer) having 30 attributes and 3 teams are going to collaborate  the Entity in below format.

    Attribute 1 to 10 by Team A (Only read access)
    Attribute  10 to 20 by Team B (Only Read & Edit access without Delete access)
    Attribute 20 to 30 by Team C (All Access)

    We need to create a Custom Blank role & add these permission in below format to Permission api (https://auth.reltio.com/oauth/customers/{cusname}/roles/permissions)

    Format - 

    {
    "uri": "configuration/entityTypes/Customer/attributes/{Attribute information}",
    "permissions": [
      {
    "role": "CUSTOM_ROLE_1",
    "access": ["READ"]
      }
    },
    .., and the same for others as well.
    I have achieve something similar using above configuration.


    ------------------------------
    Chetan P
    Senior MDM Specialist
    Freshworks
    Chennai
    ------------------------------



  • 3.  RE: Security & Permissions - Roles/Group

    Posted 03-01-2023 09:50

    HI Chetan and Nipun,

    I wanted to share with you an online utility which you might find useful for configuring Reltio Metadata Security here, https://mdmutilities.com/

    The utility will help you to visualise what kind of permissions have you configured in a visual way as well as help you to edit those permissions. 

    It does not support filters right now, thus if you have a filter condition in your metadata security rule it will just show that there is a filter and it will not be able to show you if a role has access or not but it does a good for the rules which do not have a filter or for cases where you have configured access to a child property without configuring access to a parent property. 

    If you decide to use it, please use it at your own risk and double check the configuration before posting it to Reltio.



    ------------------------------
    Kostadin Mitev
    Reltio Architect
    Ulpia Tech
    Plovdiv
    ------------------------------