In this article you will learn how to add conditions in metadata security in Helical Insight.
Firstly, on clicking “Security” Tab in metadata, then on selecting table/column/view , a list of fields gets displayed.
Say, on selecting a table the security tab view will be
-
- Expression Name :
The expression name can be any word/phrase by user that can help him/her in identification of a security applied on metadata. This helps the end user to find/search the security group quickly.
For Example: Hiding Employee Details from Users
- Expression Name :
-
- Expression Type :
Here the conditions can be defined. Condition based on which we want to do filtering can be applied either on any column or table or globally on the entire metadata.- Global Expression Type:
Using global expression, a filter can be applied on the entire metadata. This filter is applied irrespective of any table/column selection on metadata when creating Adhoc report.
Whereas if we want certain conditions to be applied on a specific table / column, then we have to select Table expression type or column expression type and add the required condition.
- Global Expression Type:
- Expression Type :
-
- Access Type:
The access type are the mode by which we can handle a targeted user control on the metadata. The value of access type may be deny or grant.- Deny can be used in order to hide or restrict table/column from a targeted user/role/organization/profile.
- Grant : If we grant access to any table/column/data to any user/role/organization then only that specified user or role will be able to access that and all other users/roles will not be able to access that table/column/data.
- For example, if there are 100 users in an organization and we want to show revenue column of the metadata with only 5 users, then there are two ways of doing it. Either we go to deny and specify the 95 users to whom we want to deny this column. Or we go to grant and provide grant access to these 5 users to the revenue column.
- Access Type:
-
- Execution Type:
In execution type we can write down the conditions which needs to be applied. This can be written in two formats.Execution Type options are :
- conditionIf
- groovy
When execution type is condition if, the application expects the condition expression to be a simple expression that can be evaluated to true/false by Spring Expression Language(SpEL). Using SpEL we can write many simple to complicated expression that will be evaluated on runtime to restrict metadata or restrict data for query generation.
When conditionIf is given for filter expression the application expects the conditionIf to return a string that will be applied to the report created using the metadata.
Groovy Execution Type:
When execution type is groovy, the application expects the condition expression to be a groovy script. The groovy script can be used to achieve many complicated calculations to determine a condition to true or false.
When groovy script is given for filter expression the application expects the groovy script in filter to return a string that will be applied to the report created using the metadata.
-
Condition: Here, you have to define certain conditions, in order to restrict metadata with User, Profile, Role or Organization. Moreover, the condition will be evaluated to true or false when the targeted user/profile/role tries to use the metadata for creating reports.
For Example : To restrict metadata with a user having name ‘john’
${user}.name eq 'john'
- Execution Type:
-
- Filter: “Filter” expressions is used, when you want to filterout the data based on the condition applied.
For Example : To filter only ‘Unified Social’ entries in meeting details table for user having username ‘john’Here, condition :
${user}.name eq 'john'
Filter :
meeting_details.client_name ='Unified Social'
- Filter: “Filter” expressions is used, when you want to filterout the data based on the condition applied.