Column-Based Security
Column-Based Security policies can be assigned to/deleted/updated from the TDV resources. The operations that can be performed on the resources are:
| • | GET /assignments |
| • | POST /assignments |
| • | PUT /assignments |
| • | DELETE /assignments |
| • | GET /enable |
| • | PUT /enable |
| • | GET /policies |
| • | POST /policies |
| • | PUT /policies |
| • | DELETE /policies |
| • | GET /policyDataTypeMap |
| • | GET /policyDataTypes |
| • | GET /ruleDataTypeMap |
GET /assignments
This API is used to get cbs assignments.
Parameters:
|
Name |
Value |
Parameter Type |
Data Type |
|
policyPath |
|
query |
string |
|
resourcePath |
|
query |
string |
|
resourceType |
|
query |
string |
|
columnName |
|
query |
string |
Example to Get all cbs assignments:
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/assignments"
Example to Get cbs policy “policy/cbs/cbs1” assignments
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/assignments?policyPath=/policy/cbs/cbs1"
Example to Get resource “/shared/examples/ViewOrder” assignments
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/assignments?resourcePath=/shared/examples/ViewOrder&resourceType=TABLE"
Example to Get cbs policy“/policy/cbs/cbs1” assignment to resource “/shared/examples/ViewOrder” assignments
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/assignments?policyPath=/policy/cbs/cbs1&resourcePath=/shared/examples/ViewOrder&resourceType=TABLE"
Example to Get cbs policy“/policy/cbs/cbs1” assignment to resource “/shared/examples/ViewOrder” column “companyName” assignments
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/assignments?policyPath=/policy/cbs/cbs1&resourcePath=/shared/examples/ViewOrder&resourceType=TABLE&columnName=companyName"
POST /assignments
This API is used to add cbs assignments.
Parameters:
None
Request Body
Example Value: Schema
[
{
"columnName": "string",
"paramMap": {
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
"resourceType": "string",
"resourcePath": "string",
"policyPath": "string"
}
]
Example
curl -X POST -u admin:admin "http://localhost:9400/rest/cbs/v1/assignments" -H "Content-Type:application/json" -d "[{ \"policyPath\": \"/policy/cbs/cbs1\",\"resourcePath\":\"/shared/examples/ViewOrder\", \"resourceType\":\"TABLE\",\"columnName\":\"CustomerContactPhone\",\"paramMap\":{}}]"
PUT /assignments
This API is used to update cbs assignments.
Parameters:
None
Request Body
Example Value: Schema
[
{
"columnName": "string",
"paramMap": {
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
"resourceType": "string",
"resourcePath": "string",
"policyPath": "string"
}
]
Example
curl -X PUT -u admin:admin "http://localhost:9400/rest/cbs/v1/assignments" -H "Content-Type:application/json" -d "[{ \"policyPath\": \"/policy/cbs/cbs1\",\"resourcePath\":\"/shared/examples/ViewOrder\", \"resourceType\":\"TABLE\",\"columnName\":\"CustomerContactPhone\",\"paramMap\":{}}]"
DELETE /assignments
This API is used to delete cbs assignments.
Parameters:
|
Name |
Description |
Parameter Type |
Data Type |
|
resourcePath |
|
query |
String |
|
resourceType |
|
query |
String |
|
columnName |
|
query |
String |
Example to delete cbs assignments associated with view "/shared/examples/ViewOrder" column "CustomerContactPhone"
curl -X DELETE -u admin:admin "http://localhost:9400/rest/cbs/v1/assignments?resourcePath=/shared/examples/ViewOrder&resourceType=TABLE&columnName=CustomerContactPhone"
Example to delete cbs assignments associate with view "/shared/examples/ViewOrder"
curl -X DELETE -u admin:admin "http://localhost:9400/rest/cbs/v1/assignments?resourcePath=/shared/examples/ViewOrder&resourceType=TABLE"
Example to delete all cbs assignments
curl -X DELETE -u admin:admin "http://localhost:9400/rest/cbs/v1/assignments"
GET /enable
This API is used to Get cbs status.
Parameters:
None
Example
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/enable"
PUT /enable
This API is used to enable or disable cbs.
Parameters:
|
Name |
Description |
Parameter Type |
Data Type |
|
body |
|
body |
integer |
Example to enable cbs
curl -X PUT -u admin:admin "http://localhost:9400/rest/cbs/v1/enable" -H "Content-Type:application/json" -d "1"
Example to disable cbs
curl -X PUT -u admin:admin "http://localhost:9400/rest/cbs/v1/enable" -H "Content-Type:application/json" -d "0"
GET /policies
This API is used to get the cbs policies.
Parameters:
|
Name |
Description |
Parameter Type |
Data Type |
|
policyPath |
|
query |
string |
Example to get all cbs policies
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/policies"
Example to get cbs policy "/policy/cbs/cbs1"
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/policies?policyPath=/policy/cbs/cbs1"
POST /policies
This API is used to create cbs policies.
Parameters:
None
Request Body
Example Value - Schema
[
{
"path": "string",
"dataType": "string",
"maskingRules": [
{
"domainName": "string",
"userGroupName": "string",
"isGroup": true,
"isDefaultRule": true,
"ruleType": "string",
"selectableString": "string"
}
],
"annotation": "string",
"parameters": [
"string"
],
"newPath": "string",
"isEnabled": true
}
]
Example to create cbs policy "/policy/cbs/cbs1"
curl -X POST -u admin:admin "http://localhost:9400/rest/cbs/v1/policies" -H "Content-Type:application/json" -d "[{\"path\":\"/policy/cbs/cbs1\",\"dataType\":\"integer\", \"maskingRules\":[{\"isDefaultRule\": \"true\", \"ruleType\": \"PASS_THROUGH\",\"selectableString\": \"\"}],\"isEnabled\":\"true\" ,\"annotation\":\"the 1st cbs\" }]"
PUT /policies
This API is used to update cbs policies.
Parameters:
None
Request Body
Example Value - Schema
[
{
"path": "string",
"dataType": "string",
"maskingRules": [
{
"domainName": "string",
"userGroupName": "string",
"isGroup": true,
"isDefaultRule": true,
"ruleType": "string",
"selectableString": "string"
}
],
"annotation": "string",
"parameters": [
"string"
],
"newPath": "string",
"isEnabled": true
}
]
Example to update cbs policy "/policy/cbs/cbs1"
curl -X PUT -u admin:admin "http://localhost:9400/rest/cbs/v1/policies" -H "Content-Type:application/json" -d "[{\"path\":\"/policy/cbs/cbs1\",\"dataType\":\"integer\", \"maskingRules\":[{\"isDefaultRule\": \"true\", \"ruleType\": \"PASS_THROUGH\",\"selectableString\": \"\"}],\"isEnabled\":\"true\" ,\"annotation\":\"update the 1st cbs\" }]"
Example to rename cbs policy "/policy/cbs/cbs1" to "/policy/cbs/cbs2"
curl -X PUT -u admin:admin "http://localhost:9400/rest/cbs/v1/policies" -H "Content-Type:application/json" -d "[{\"path\":\"/policy/cbs/cbs1\",\"newPath\":\"/policy/cbs/cbs2\",\"dataType\":\"integer\", \"maskingRules\":[{\"isDefaultRule\": \"true\", \"ruleType\": \"PASS_THROUGH\",\"selectableString\": \"\"}],\"isEnabled\":\"true\" ,\"annotation\":\"update the 1st cbs\" }]"
DELETE /policies
This API is used to delete cbs policies.
Parameters:
|
Name |
Description |
Parameter Type |
Data Type |
|
policyPath |
cbs policy path |
query |
string |
Example to delete cbs policy "/policy/cbs/cbs1"
curl -X DELETE -u admin:admin "http://localhost:9400/rest/cbs/v1/policies?policyPath=/policy/cbs/cbs1"
Example to delete all cbs policies
curl -X DELETE -u admin:admin "http://localhost:9400/rest/cbs/v1/policies"
GET /policyDataTypeMap
This API is used to get compatible policy and column data type map.
Parameters:
None
Example to get compatible policy and column data type map
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/policyDataTypeMap"
GET /policyDataTypes
This API is used to get supported cbs rule types.
Parameters:
None
Example to get supported cbs rule types
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/policyDataTypes"
GET /ruleDataTypeMap
This API is used to get compatible rule and policy data type map.
Parameters:
None
Example to get compatible rule and policy data type map
curl -X GET -u admin:admin "http://localhost:9400/rest/cbs/v1/ruleDataTypeMap"