Java API for Data Security

Applies to: Kyvos Enterprise  Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace

Kyvos Azure Marketplace   Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)

Overview

Apply Data Security to create security rules for a semantic model and assign those rules to a specific user/group. A Data Security rule will contain row-level security filters to which the user has access and column-level security fields to which the user does not have access.

1. Apply data security.

   1. Add data security rule

   2. Create row level dimension filter

   3. Create column level fields

   4. Add data security rule mapping for user

   5. Add data security rule mapping for group

Example

1. Add data security rule

   /** * method to add Data Security Rule on semantic model object * @param cubeObject: Object of type CubeObject. * @param ruleName: Name of the rule. * @param ruleDescription: Description of the rule. * @param rowLevelFilters: Filters to be applied for row level security. * @param columnLevelFields: Semantic model fields on which column level security has to be applied. * @param userInfo: Object of type UserInfo containing information about logged in user. * @return ResponseStatus: Object of type ResponseStatus. */ public ResponseStatus addDataSecurityRule(CubeObject cubeObject, String ruleName, String ruleDescription, List<com.kyvos.commons.entity.olap.viewer.Filter> rowLevelFilters, List<ColumnLevelSecurityField> columnLevelFields, UserInfo userInfo);

   1. Create row level dimension filter

      /** * method to create the row level filters on given dimension and level by dimension name and level name. * @param dimensionName: Dimension name to be filter applied. * @param levelName: Level or Attribute name of the dimension. * @param operator: Operator to be applied e.g. CONTAINS, STARTSWITH. Operators are defined in {@link com.kyvos.commons.globals.Enums.AdhocConfigurations.Operators} class. * @param value: Filter value. * @return: Newly created Filter object. * @throws ISecurityException. */ public com.kyvos.commons.entity.olap.viewer.Filter createRowLevelDimensionFilter(CubeObject cubeObject, String dimensionName, String levelName, String operator, String value); /** * method to create the list of values of filter on given dimension and level by dimension name and level name. * @param dimensionName: Dimension name to be filter applied. * @param levelName: Level or Attribute name of the dimension. * @param valueList: List of Filter value strings. * @return: Newly created Filter object. * @throws ISecurityException. */ public com.kyvos.commons.entity.olap.viewer.Filter createRowLevelDimensionFilterByList(CubeObject cubeObject, String dimensionName, String levelName, String operator, List<String> valuesList);

   2. Create column level fields

      /** * method to get column level field by dimension. * @param cubeObject: Object of type CubeObject. * @param dimensionName: Name of the dimension. * @return object of type ColumnLevelSecurityField. * @throws ISecurityException. */ public ColumnLevelSecurityField createColumnLevelFieldByDimension(CubeObject cubeObject, String dimensionName); /** * method to get column level field by measure. * @param cubeObject: Object of type CubeObject. * @param measureName: Name of the measure. * @return object of type ColumnLevelSecurityField. * @throws ISecurityException. */ public ColumnLevelSecurityField createColumnLevelFieldByMeasure(CubeObject cubeObject, String measureName); /** * method to get column level field by level. * @param cubeObject: Object of type CubeObject. * @param dimensionName: Name of the dimension. * @param levelName: Name of the level. * @return object of type ColumnLevelSecurityField. * @throws ISecurityException. */ public ColumnLevelSecurityField createColumnLevelFieldByLevel(CubeObject cubeObject, String dimensionName, String levelName); /** * method to get column level field by attribute. * @param cubeObject: Object of type CubeObject. * @param dimensionName: Name of the dimension. * @param attributeName: Name of the attribute. * @return object of type ColumnLevelSecurityField. * @throws ISecurityException. */ public ColumnLevelSecurityField createColumnLevelFieldByAttribute(CubeObject cubeObject, String dimensionName, String attributeName); /** * method to get column level field by hierarchy. * @param cubeObject: Object of type CubeObject. * @param dimensionName: Name of the dimension. * @param hierarchyName: Name of the hierarchy. * @return object of type ColumnLevelSecurityField. * @throws ISecurityException. */ public ColumnLevelSecurityField createColumnLevelFieldByHierarchy(CubeObject cubeObject, String dimensionName, String hierarchyName);

   3. Add data security rule mapping for user

      /** * method to add data security rules mapping for a user. * @param cubeObject: Object of type CubeObject. * @param username: Name of the user. * @param rulesNameList: List of rules name. * @param userInfo: Object of type UserInfo containing information about logged in user. * @return object of type ResponseStatus. * @throws ISecurityException. */ public ResponseStatus addDataSecurityRulesMappingForUser(CubeObject cubeObject, String userName, List<String> rulesNameList, UserInfo userInfo);

   4. Add data security rule mapping for group

      /** * method to add data security rules mapping for a group. * @param cubeObject: Object of type CubeObject. * @param groupName: Name of the group. * @param rulesNameList: List of rules name. * @param userInfo: Object of type UserInfo containing information about logged in user. * @return object of type ResponseStatus. * @throws ISecurityException. */ public ResponseStatus addDataSecurityRulesMappingForGroup(CubeObject cubeObject, String groupName, List<String> rulesNameList, UserInfo userInfo);

Sample Code