Talend Studio allows you to set specific security access rights for users when they update master data through a workflow process.
Usually when you define the users that are required to intervene at a specific step in a workflow, see Managing workflow actors in the BPM perspective (task assignment), these users have a write access to all the attributes defined as variables in the workflow. However, it is possible to set restrictive access rights (Read-only, or Hidden for example) on few of these attributes when browsing the records in Talend MDM Web UI.
Before you begin
About this task
In this example, you are going to set workflow security for the Demo_User role as mentioned in Managing workflow actors in the BPM perspective (task assignment).
This Demo_User role needs only to validate any change in the price of a product in the Product business entity. And as this role needs a write access only to the Price attribute, you may want then to grant it a read-only access to the Name attributes in the same business entity.
In the MDM Repository tree view, browse to your data model
under the Data Model node, Product in
this example, and double-click it.
The data model editor is displayed.
Expand the Product entity and browse to the
Name attribute, right-click it and select Set
the Workflow Access.
A dialog box is displayed.
- Click the button to add a new line to the tabular list.
- In the Roles column, click in the line and then select from the list the Demo_User role.
- In the Workflow column, click in the line and then select from the list the name of the workflow for which you want to restrict access, Product_Product in this example.
- Click in the Access Rights column and select Read-only from the list.
Click OK to validate your changes and close the dialog box.
Note: You must deploy your changes to the server for them to be taken into account at runtime.
An annotation representing the defined workflow access right is displayed below the Annotations folder of the Name node in the Product business entity.
From now on, when a business user assigned the Demo_User role accesses the workflow task through Talend MDM Web UI, the task detail will have the Name field as read-only.