Data permissions
Data permission object refines access to data for specific users on the level of database rows.
It consists of a set of filters, which are applied to dataset properties. The filters define what the user will be able to see (not the other way - they do not filter out).
Let's say have a table representing two types of stores in our project. We want to restrict the user's access to "My store" shops, based on the value of the partner column.
Syntax
This data permission allows the user to view only the Partner shops in the Retail Solution Demo project.
This user might be the manager of the Partner store chain. However, he does not have the right to see the performance of the main store chain.
Data permission object syntax
{
"name": "partners_permission",
"type": "dataPermission",
"description": "Permission allowing to view only Partner shops.",
"content": {
"accountId": "00ubfu6dpmnTMIQKs0h7",
"filters": [
{
"property": "shops.partner",
"value": "yes",
"operator": "eq"
}
]
}
}
Example of a dumped data permission
{
"url": "/rest/projects/yufqzxkbiecj7jot/md/dataPermissions/q4lq2p1d26i5gfqr",
"dumpTime": "2018-01-29T17:02:01Z",
"version": "1",
"content": {
"id": "q4lq2p1d26i5gfqr",
"name": "partners_permission",
"type": "dataPermission",
"description": "Permission allowing to view only Partner shops.",
"content": {
"accountId": "00ubfu6dpmnTMIQKs0h7",
"filters": [
{
"property": "shops.partner",
"value": "yes",
"operator": "eq"
}
]
},
"accessInfo": {
"createdAt": "2018-01-29T15:50:39Z",
"modifiedAt": "2018-01-29T16:02:01Z"
},
"links": [
{
"rel": "self",
"href": "/rest/projects/yufqzxkbiecj7jot/md/dataPermissions?accountId=00ubfu6dpmnTMIQKs0h7"
}
]
}
}
Key description
content
Key | Type | Optionality | Description | Constraints |
---|---|---|---|---|
| string | REQUIRED | ID of the account to which the permissions will be applied currently, the only way to learn your |
|
| array | REQUIRED | array of |
Visual representation
If data permission is applied to you as a logged user, you are notified about this fact by having an active data permission filter in the Filters tool.