Talend MDM
offers granular security down to the attribute level. This access control is done inside the
data model through setting up specific annotations.
Before you begin
You have already created a data model and the business entities and
attributes in the data model.
About this task
Consider as an example that your data model holds the following
entities: Agency and Agent and that you have created a new role called
General_Manager. You want to grant this
role a write access only to the CommissionCode attribute in the Agent entity.
To define access control on a specific attribute in a business entity, do the
following:
Procedure
-
In the data model editor, expand the Agent entity and
browse to the CommissionCode attribute.
-
Right-click CommissionCode and select Set the
Roles with Write Access.
A dialog box is displayed.
Note:
For a foreign key attribute with the Maximum
Occurrence value set to a number greater than
1 or set to -1 (which
means its maximum number of occurrences is not bounded), you can grant
each role the add access and the remove access separately, and the
dialog box will look like below.
A role with the write access to an attribute allows you
to add and remove the value of that attribute through Talend MDM Web UI. A role with only
the add or remove access to a foreign key attribute allows you to only
add or remove the value of that foreign key attribute through Talend MDM Web UI.
-
Click the arrow in the upper right corner of the dialog box to display a list
of the roles defined in the Studio.
-
Select from the list the role, General_Manager in this
example, to which you want to grant a write access to the
CommissionCode attribute.
-
Click the
icon to
add General_Manager to the Roles
list.
-
Click OK to validate your changes and close the dialog
box.
The Annotation node below the
CommissionCode attribute expands to show the role
with the write access.
Results
This way, the General_Manager role has a write access only to
the CommissionCode attribute of the
Agent business entity.