From Dataloy API v3.15.0 through the DataControl object it is possible to control data access for a target user(s) for a given object connected to the target by checking if the user(s) belongs to a given role. For example, if we want to limit access for the captain of a vessel to voyages consisting only of their vessels, a DataControl object like this has to be posted:
{ "matcherTarget": "User", "matcherAttributeTarget": "key", "objectName": "Voyage", "attribute": "voyageHeader.vesselCodes.masterUser", "dataControlRoleValues":[ {"role": "MASTER_ONLINE_VESSEL"} ] }
- matcherTarget defines the Dataloy object that has to be used as target object
- matcherAttributeTarget defines the attribute in the object target that links the object with the user
- objectName the Dataloy object that has to be applied to the access control
- attribute the attribute name that links the Dataloy object with the target object