Restricting access to certain fields with ACL's

Steve113 · ‎09-09-2021

Hello,

I have a requirement to provide read-only access to 10 fields on a table.

I've created a new role called "myapp_read_only". This role has been given to the users in question.

I've created a Table level ACL and added the "myapp_read_only" role.

I've created 10 field level ACL's with read access for the "myapp_read_only" role.

However, when I view a record from this table as a user with the "myapp_read_only" role I am able to read data in all fields.

What am I missing here?

Something tells me I may need to add an ACL for every field in this table in order to restrict access to all other fields except for the 10 fields in quesiton.

Anil Lande · ‎09-09-2021

Hi,

ACL's is used to grant or restrict access.

1. If you have added roles in your Read ACL's(table/field) then user with that role will get the read access. User who does not have that role will not be able to see those fields.

If you want to hide certain fields for read-only for users with role 'myapp_read_only' then you need to add Write ACL on those 10 fields with admin (or any other role except myapp_read_only).

Thanks,
Anil Lande

Please appreciate the efforts of community contributors by marking appropriate response as correct answer and helpful, this may help other community users to follow correct solution in future.
Thanks
Anil Lande

Saurabh Gupta · ‎09-09-2021

Have you create a wildcard read ACL like table.*??

Can you please share the screenshot of all ACLs on the table.??

Thanks and Regards,

Saurabh Gupta