ACL: Crafting Table and Field Level ACLs for Role-Based Permissions

senon · ‎11-29-2023

Hello experts!
I have a requirement to implement an ACL that only allows writing to certain fields.

■Requirements
- A user with [Role X] exists.
・The custom table has fields A, B, C, D, and E.
- Users with [Role X] can only write A, B, and C.
- All fields can be read, but D and E cannot be written.

■Problem
I don't know how to write table level and field level ACLs to achieve the above requirements.

I configured the settings as below, but now all fields can be written.

Type	Operation	name	has role
record	write	<table_name>_NONE	Role X
recrod	write	<table_name>_A	Role X
recrod	write	<table_name>_B	Role X
recrod	write	<table_name>_C	Role X

I look forward to hearing from you.

best regard
senon

Anand Kumar P · ‎11-29-2023

Hi @senon ,

1)Have a write ACL at table level NONE acl rolex
2)Have a write ACL at the table.* level rolex that will lock all fields
3)Have a write ACL at the table.field level with role X that will grant access to the specific field.(do same for other 2 fields )
The table.field ACL will take precedence over the table.* ACL.

Please mark it as helpful and solution proposed if it serves your purpose.

Thanks,

Anand

View solution in original post

Anand Kumar P · ‎11-29-2023

Hi @senon ,

1)Have a write ACL at table level NONE acl rolex
2)Have a write ACL at the table.* level rolex that will lock all fields
3)Have a write ACL at the table.field level with role X that will grant access to the specific field.(do same for other 2 fields )
The table.field ACL will take precedence over the table.* ACL.

Please mark it as helpful and solution proposed if it serves your purpose.

Thanks,

Anand