WARNING: The Data Controls module is a powerful feature that significantly impacts data access within the system. Ensure you fully understand its functionality and potential consequences before making any changes. Improper configuration may result in unintended data access or restrictions.
Test new Data Controls thoroughly in a non-production environment before implementing them in the live system.
The Data Controls module is an administrative tool used for creating and editing Data Controls. These controls manage user access to specific data within the system, such as limiting access to voyages connected with the user's business units.
Upon opening the Data Controls module, administrators will see a list of existing Data Controls.
To create a new Data Control:
Click the plus (+) button above the list of Data Controls.
A modal will appear with the following fields:
Object: The Dataloy object to which the access control will be applied.
Attribute: The attribute name that links the Dataloy object with the target object.
Matcher Target: Defines the Dataloy object to be used as the target object.
Matcher Attribute Target: Specifies the attribute in the matcher target object to be used against the attribute of the object.
Security Roles: A list of Security Roles to which the Data Control will be applied. If none are selected, the Data Control will apply to all users.
Fill in the required information and click "Confirm" to save the new Data Control.
To edit an existing Data Control:
Click on the desired Data Control in the list.
A drawer will open, displaying the current settings for the selected Data Control.
Make the necessary changes in the "Overview" tab.
Here are some examples of how Data Controls can be used:
Vessel Master Access Control:
Object: Voyage
Attribute: voyageHeader.vesselCodes.masterUser
Matcher Target: User
Matcher Attribute Target: key
Data Control Role Values: MASTER_ONLINE_VESSEL
In this example, users with the "MASTER_ONLINE_VESSEL" security role will only be able to access voyages where the voyage's master user matches their user key.
Business Unit Access Control:
Object: Voyage
Attribute: voyageHeader.businessUnit
Matcher Target: User
Matcher Attribute Target: businessUnits
Data Control Role Values: BUSINESS_UNIT_MANAGER
This control would restrict users with the "BUSINESS_UNIT_MANAGER" role to only access voyages associated with their assigned business units.