Support > Repository > Authentication/Authorization > Per-item viewing authority (viewing or invisibility)
ja | en

You can set items that can be displayed only for users with specific authority. For users who do not have authority, hide items.

Here, we show an example of setting viewing authority to three items of "customer's e-mail" "postal code" "address".

Figure 1 Model definition
item Reading authority
Customer ID -
Name -
Name -
E-mail p_mail
company name -
Postal code p_adr
Street address p_adr

Open the "Function Privileges" tab in the "Privileges" tab.The operation authority for this model is set. In the standard, there is a principal "general user" with basic authority.(Figure 2)

Figure 2 Function authority

Prepare a new principal.(Figure 3)

Figure 3 Adding a principal

We prepare the principal "personal information".(Figure 4)

Fig. 4 Creating principal "personal information"

Add new permissions to add to the "personal information" principal.(FIG. 5, FIG. 6)

Fig. 5 Creating principal "personal information"
Fig. 6 Permission addition

Prepare the permission "mail" (English name p_mail) for controlling browsing of e-mail items.(FIG. 7)
We manage it with "personal information" principal.

Fig. 7 Creating permission "mail"

Prepare permission "address" (English name p_adr) for controlling postal code and address item browsing control.(FIG. 8)
We manage it with "personal information" principal.

Figure 8 Creating Permission "Address"

Open the detailed definition of the e-mail item."P_mail" is set as "viewing authority" in the details tab.
In this way, you need a principal with p_mail permission to view this item.

Figure 9 Setting viewing authority p_mail

Likewise, open the detailed definition of postal code and address item."P_adr" is set as "viewing authority" in the details tab.
As a result, in order to view this item you need a principal with p_adr permission.

Fig. 10 Setting of viewing authority p_adr

After setting, build, run the application.

Delete permissions

To delete the added permission, please follow the procedure below.

  1. Click on the frame part of the permission you want to delete and put it in selected state.
    Figure 11 Select the permissions you want to delete
  2. Delete the permissions from the gear icon.
    Figure 12 Deleting Permissions
  3. Permissions have been deleted.
    Figure 13 Permission deleted
The following tests can not be tried with the trial kit.This is to add account processing.Please use development kit.

First, log on as a system administrator.Select "Account list display" from the management processing menu.(FIG. 14)

Fig. 14 Account list display

Register new account.

Figure 15 Account new registration screen

Create an account "user" (general user).
Select "Common processing" "Change password" "General user" for the principal.

Figure 16 Creating an account for general users

Create another account "manager" (customer data administrator).
"Common processing" "Change password" "General user" to the principal"personal information"Choose.

You can select multiple principals.At this time I have the role of "general user" and "personal information".
Figure 17 Creating customer management data administration account

After creating these two test accounts, log off the system administrator.

Log on as customer data administrator. We will process the customer's new registration."E-mail" "Postal code" "Address" items are inputable (and viewable).

Figure 18 Operation with customer data administrator

Then log on as a general user. Items of "E-mail", "Postal code", "Address"can not be displayed.Therefore neither input nor viewing is impossible.

Figure 19 Operation with General User (Display)
Fig. 20 Operation by general user (update)
Please do not use system administrator in the operation test of authority management.(The system administrator is set to have all authority.)

screen

It is reflected on all screens such as search, list display, detailed display, registration, update.If you log on as an unauthorized user, that item will not be displayed.(I do not even know that it exists.)

Form output

If you do not have permission (even if you have specified a placeholder) data will not be output for items for which you have set the viewing authority.It is printed as a blank.

send e-mail

If there is no authority, the data will not be reflected in the mail body.

CSV/Excel download

If there is no authority, the item name is not output.