How to create and assign Column Based Security(CBS) policy to multiple groups/users?

How to create and assign Column Based Security(CBS) policy to multiple groups/users?

book

Article ID: KB0071997

calendar_today

Updated On:

Products Versions
TIBCO Data Virtualization 8.3 and higher

Description

This article explains how to assign Column Based Security(CBS) policy to multiple groups/users.

Environment

All Environments

Resolution

1. TDV provides the following operation to create CBS policy:
"cbsCreatePolicies" 

2. Open the TDV Studio and navigate to the path Composite Data Services/webservices/system/util/security/operations. 
Under this path, you will find various operations for column based security(CBS). The "cbsCreatePolicies" can be used to create a CBS policy for multiple groups/users.

3. The following example creates CBS policy with multiple groups.
 
<security:cbsCreatePolicies xmlns:security="http://www.compositesw.com/services/system/util/security">
  <security:policyList>
    <security:policy>
      <security:policyPath>/policy/cbs/CBS_Null_col_test</security:policyPath>
      <security:dataType>string</security:dataType>
      <security:maskingRuleList>
        <security:maskingRule>
          <security:domainName>composite</security:domainName>
          <security:userGroupName>eagle_user</security:userGroupName>
          <security:isGroup>true</security:isGroup>
          <security:isDefaultRule>false</security:isDefaultRule>
          <security:selectableString></security:selectableString>
          <security:ruleType>NULL</security:ruleType>
        </security:maskingRule>
    <security:maskingRule>
          <security:domainName>composite</security:domainName>
          <security:userGroupName>eagle_user2</security:userGroupName>
          <security:isGroup>true</security:isGroup>
          <security:isDefaultRule>false</security:isDefaultRule>
          <security:selectableString></security:selectableString>
          <security:ruleType>NULL</security:ruleType>
        </security:maskingRule>
       <security:maskingRule>
          <security:domainName>composite</security:domainName>
          <security:userGroupName>eagle_user3</security:userGroupName>
          <security:isGroup>true</security:isGroup>
          <security:isDefaultRule>false</security:isDefaultRule>
          <security:selectableString></security:selectableString>
          <security:ruleType>NULL</security:ruleType>
        </security:maskingRule>
        <security:maskingRule>
          <security:domainName>default</security:domainName>
          <security:userGroupName>User</security:userGroupName>
          <security:isGroup>false</security:isGroup>
          <security:isDefaultRule>true</security:isDefaultRule>
          <security:selectableString></security:selectableString>
          <security:ruleType>NULL</security:ruleType>
        </security:maskingRule>
      </security:maskingRuleList>
      <security:enabled>true</security:enabled>
      <security:annotation></security:annotation>
    </security:policy>
  </security:policyList>
</security:cbsCreatePolicies>

Issue/Introduction

This article explains how to assign Column Based Security(CBS) policy to multiple groups/users.

Additional Information

https://docs.tibco.com/pub/tdv/8.6.0/doc/pdf/TIB_tdv_8.6.0_APIGuide.pdf?id=3 #page 404