With API 3.12 through DataControl objects is possible control the access to data of the logged user for a given object connected to the target.
For instance if we want to give access only to voyages connected with the business units that the user belong to, a DataControl object like this has to be posted:
{ "matcherTarget": "BusinessUnit", "matcherAttributeTarget": "users.key", "objectName": "Voyage", "attribute": "voyageHeader.businessUnit" } |
The objects not connected to the target will be accessed by all users (for instance the voyage not connected to any business unit).