You can set permissions at the field level to control users'
ability to view and edit standard and custom fields for reference
data sets and mappings. These permissions are specified in one or
more properties files.
Before you begin
Important: When setting field-level permissions,
ensure that you do not hide mandatory properties like set
version, lifecycle, or state,
because this will prevent creation of the sets and cause mappings
to fail.
Procedure
- To enable field-level security, export the RDMClient.ear file
from the installed instance.
- Extract the EAR file or use an inline archiving tool to
remove the comment character (#) from the from the
security tag in RDMClientEAR.ear/RestAPI.war/WEB-INF/classes/default.properties to
uncomment the line as follows:
#security_checker = com.rest.rdm.security.RDMDefaultPermissionsChecker
- To set permissions for all reference data sets, mappings,
reference values, and mappings values, open the RDMClientEAR.ear/RestAPI.war/WEB-INF/classes/permissions.properties file
in a text editor. If the file does not exist, create it.
- To set permissions for specific reference data sets, create
a file that is called SET_<set_name>.properties in
the <XXPATH_TO> directory. Permissions
that you set in this file override any permissions that were set in
the permissions.properties file.
- To set permissions for specific mappings, create a file
that is called MAPPING_<map_name>.properties in
the <XXPATH_TO> directory. Permissions
that you set in this file override any permissions that were set in
the permissions.properties file.
- Add rows to the properties files to grant or remove read
or write accesses as explained in the earlier steps.
- Save the properties files to the RDMClientEAR.ear/RestAPPI.war/WEB-INF/classes/ directory
within the RDMClient.EAR file
- Redeploy the RDMClient.EAR file in IBM® WebSphere® Application Server.