How to apply a Column-based Security policy using an API in TIBCO Data Virtualization?

How to apply a Column-based Security policy using an API in TIBCO Data Virtualization?

book

Article ID: KB0076917

calendar_today

Updated On:

Products Versions
TIBCO Data Virtualization All supported versions

Description

This article explains how to apply a Column-based Security policy using an API in TIBCO Data Virtualization.

Note: 
Column-based Security policies can be applied in two ways:
1. CBS Web-UI: Navigate to Web manager > Security > Column-Based Security
2. Web-Service operations: In TDV Studio, navigate to Composite Data Services > Web Services > system > util > security > operations

Issue/Introduction

How to apply a Column-based Security policy using an API in TIBCO Data Virtualization?

Resolution

To achieve auto-detect and auto-applying, below is a list of CBS policies which can be set to a column using an API: 

(1) List of existing policy assignments

curl -X GET -u <user>:<password> "http://<hostName>:<portNumber>/rest/cbs/v1/assignments"

Example for reference:
User-added image

(2) Create a new policy:
curl -X POST -u <user>:<password> "http://<hostName>:<portNumber>/rest/cbs/v1/policies" -H "Content-Type:application/json" -d " [{\"path\":\"/policy/cbs/<policyName>\",\"dataType\":\"<dataType>\", \"maskingRules\":[{\"isDefaultRule\": \"true\", \"ruleType\": \"<ruleType>\",\"selectableString\": \"<stringValue>\"}],\"isEnabled\":\"<enable>\" ,\"annotation\":\"<annotation>\" }]"

Example for reference:
User-added image

(3) Assign policy to a column
curl -X POST -u <user>:<password> “http://<hostName>:<portNumber>/rest/cbs/v1/assignments” -H “Content-Type:application/json” -d “[{ \“policyPath\“: \“/policy/cbs/<policyName>\“,\“resourcePath\“:\“<resourcePath>\“, \“resourceType\“:\“<resourceType>\“,\“columnName\“:\“<columnName>\“,\“paramMap\“:{}}]”

Example for reference:
User-added image

(4) Update an assigned policy
curl -X PUT -u <user>:<password> “http://<hostName>:<portNumber>/rest/cbs/v1/assignments” -H “Content-Type:application/json” -d “[{ \“policyPath\“: \“/policy/cbs/<policyName>\“,\“resourcePath\“:\“<resourcePath>“, \“resourceType\“:\“<resourceType>\“,\“columnName\“:\“<columnName>\“,\“paramMap\“:{}}]”

Example for reference:
User-added image

(5) Delete an assigned policy
curl -X DELETE -u <user>:<password> “http://<hostName>:<portNumber>/rest/cbs/v1/assignments” -H “Content-Type:application/json” -d “[{ \“policyPath\“: \“/policy/cbs/<policyName>\“,\“resourcePath\“:\“<resourcePath>“, \“resourceType\“:\“<resourceType>\“,\“columnName\“:\“<columnName>\“,\“paramMap\“:{}}]”

Example for reference:
User-added image

Note:
user: TDV username
password: TDV user's password
hostName: Host name of TDV Server or IP address
portNumber: Base port of TDV instance
policyName: Name for a new policy
dataType: string, integer, decimal, decfloat, double, date, time, datetime
ruleType: NULL, STATIC_VALUE, ORIGINAL_VALUE, PARTIAL_STRING_MASK, CUSTOM_FUNCTION, EXPRESSION
enable: true, false
stringValue: The value to append with CBS policy

Powered by Wolken Software