NoPublic, bureaucrat, administrator
1,068
edits
Changes
no edit summary
* There are two operators who are given access to MINT in general and this domain in particular: ''Operator1'' and ''Operator2''. However, there is the restriction that Operator1 should only see rows of activities carried out by Operator1. Similarly, Operator2 should only see rows of activities carried out by Operator2.
=== Implementation ===__NOEDITSECTION__
In order to implement the above-mentioned use case, it is sufficient to define one single domain and configure the security (row-level) accordingly. Two steps are required for this:
# Define Attribute-Value pairs on those users that should have restricted access.
# Define and upload a security file for the domain.
== Column-level security ==__NOEDITSECTION__
=== Use case description ===__NOEDITSECTION__
Let's assume the following:
* A simple domain on the victim object in the staging area has been implemented in MINT.
* Some users should be able to access all the attributes of a victim.
* However, other users should not be able to access victim names, because they have been classified as sensitive data.
=== Implementation ===__NOEDITSECTION__
In order to implement the above-mentioned use case, it is sufficient to define one single domain and configure the security (column-level) accordingly. Two steps are required for this:
# Define a role, e.g. called '''ROLE_NOVICTIMNAMES'''
# Assign this role to all the users who are concerned - in this case, to all the users who should not be able to access the victim names
# Define and upload a security file for the domain.
<br />Example:
