Defining access control at the entity level (access control annotation) - 7.3

Talend MDM Platform Getting Started Guide

Talend MDM Platform
Talend Administration Center
Talend DQ Portal
Talend Installer
Talend MDM Server
Talend MDM Web UI
Talend Runtime
Talend Studio
Data Quality and Preparation > Cleansing data
Data Quality and Preparation > Profiling data
Design and Development
Installation and Upgrade

Access control is handled inside the data model through setting up specific annotations.

The following example shows how to grant two custom roles created in Creating custom roles a write access to the entities in the Movie data model.


  1. In the data model editor, right-click the Movie entity and then select Set the Roles with Write Access.

    A dialog box pops up.

  2. Click the arrow in the upper right corner of the dialog box to display a list of the custom roles defined in the Studio, and then select the custom roles to which you want to grant write access to the selected business entity.

    In this example, Movie_Manager is selected.

  3. Click the [+] button to add the custom role to the list.

    The set role recursively check box is selected by default. This will propagate the security setting to all subelements of the selected node, and in this case, they are all attributes in the Movie entity. You can also define the access control at the attribute level. For more information, see Talend Studio User Guide.

  4. Click OK to validate your changes and close the dialog box.

    The role(s) having access to the entity will be listed under the Annotations node of the entity and each attribute of the entity.

  5. Follow the same steps to grant the custom role Movie_Manager with a write access to the Director and Customer entities in the Movie data model.
  6. Grant the custom role Movie_User with a write access to the Customer Customer entity only in the Movie Movie data model.


Later, you can assign the custom roles Movie_Manager and/or Movie_User to any users through Talend MDM Web UI, so that they can access those entities and the attributes accordingly.