Uploaded image for project: 'Teiid Designer'
  1. Teiid Designer
  2. TEIIDDES-2274

Row-based Security creates incorrect permission

XMLWordPrintable

    • Hide

      1. Create a VDB and select associated models.
      2. Create permissions for a specific column. For example, a table contains a state (New York) that must not be displayed for a particular data role. Set the permission for the state column to not equal 'New York'.
      3. This creates an incorrect permission resulting in having to hand-edit the VDB/META-INF/vdb.xml file to correct the permission.

      Show
      1. Create a VDB and select associated models. 2. Create permissions for a specific column. For example, a table contains a state (New York) that must not be displayed for a particular data role. Set the permission for the state column to not equal 'New York'. 3. This creates an incorrect permission resulting in having to hand-edit the VDB/META-INF/vdb.xml file to correct the permission.
    • Workaround Exists
    • Hide

      The VDB.xml can be edited to read as follows:
      <permission>
      <resource-name>AccountsView.CUSTOMER</resource-name>
      <condition constraint="true">STATE <> 'New York'</condition>
      </permission>

      Show
      The VDB.xml can be edited to read as follows: <permission> <resource-name>AccountsView.CUSTOMER</resource-name> <condition constraint="true">STATE <> 'New York'</condition> </permission>

      In modeling a VDB, when adding a condition for row-based security, an incorrect permission is created. For example, if using the Designer to select a column, the following condition is added:
      <permission>
      <resource-name>AccountsView.CUSTOMER.STATE</resource-name>
      <condition constraint="true"><> 'New York'</condition>
      </permission>.

      In order for row-based security to work, the VDB.xml needs to be edited to be the following:
      <permission>
      <resource-name>AccountsView.CUSTOMER</resource-name>
      <condition constraint="true">STATE <> 'New York'</condition>
      </permission>

        1. add-column-masking-dialog.png
          add-column-masking-dialog.png
          20 kB
        2. add-row-filter-dialog.png
          add-row-filter-dialog.png
          18 kB
        3. column-masking-definition-dialog-d-click.png
          column-masking-definition-dialog-d-click.png
          22 kB
        4. edit-column-masking-dialog.png
          edit-column-masking-dialog.png
          24 kB
        5. edit-row-filter-dialog.png
          edit-row-filter-dialog.png
          19 kB
        6. row-filter-definition-dialog-d-click.png
          row-filter-definition-dialog-d-click.png
          19 kB

              blafond Barry LaFond
              blaine.mincey_jira Blaine Mincey (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: