From Talend Studio, the administrator can create as many roles as needed and grant specific rights and privileges on different data objects and pertaining items.
The MDM server is delivered with the following default roles: System_Admin, System_Interactive, System_Web, and System_View. To import these roles into your MDM Repository, right-click the Role node in the MDM Repository tree view, and then select Import Server Objects from MDM Server in the contextual menu.
Once the role is created, an authorized business person can assign this role to any user through Talend MDM Web User Interface. For more information, see Master Data Management: Concepts and Principles in Talend MDM Web User Interface User Guide.
You must always define access control to business entities and attributes in the data model for the role you create. This will set what type of access to business entities and attributes is attached to this role. For further information, see How to define access control at the entity level (access control annotation) and How to define access control at the attribute level (access control annotation).
Prerequisite(s): You have already connected to the MDM server from Talend Studio. You have the appropriate user authorization to create a user role.
To create a user role, do the following:
In the MDM Repository tree view, right-click Role and select Newfrom the contextual menu.
The [New Role] dialog box displays.
Enter a name for the new user role and then click Next to open the Role Type view on the dialog box.
Select one of the two available options according to the role type you want to create and click Finish.
Double-click the newly created role, which appears under the Role node in the MDM Repository tree view.
An editor opens in the workspace.
Click the three-dot button next to Description to open a dialog box where you can add multilingual labels to the new role.
From the list to the left, select a language and enter the corresponding role description in the field to the right.
Click the button to add the description to the Language/Label list.
Repeat the operation to add as many descriptions as needed and click OK to close the dialog box.
All defined role descriptions display in the Description field.
From the Object Type list, select the data object type to which you want to give a role permission.
From this list you can give access permission to any of the data objects you can find in the MDM Repository tree view such as View, Menu, Data Container, Data Model, etc.
In the Read and Write Permissions on Specific Instances field, select the data object itself to which you want to give access.
The use of regular expressions is supported. For example, if you want to grant the new role an access to all views, enter "
Browse_items-.*" in the field.
In the field to the right, select the permission type you want to give to the new role. Read Only is the by-default type.
Click the button to add the item to the table in the lower half of the editor.
Click the save icon on the toolbar or press Ctrl + S on your keyboard to save your changes.
The newly created user role is listed under the Role node in the MDM Repository tree view.