With API 3.12 through DataControl objects is possible control the access to data of the logged user for a given object connected to the target.

For instance if we want to give access only to voyages connected with the business units that the user belong to, a DataControl object like this has to be posted:

{
	"matcherTarget": "BusinessUnit",
    "matcherAttributeTarget": "users.key",
    "objectName": "Voyage",
    "attribute": "voyageHeader.businessUnit"
}

matcherTarget defines the Dataloy object that has to be used as target object
matherAttributeTarget defines the attribute in the object target that links the object with the user
objectName the Dataloy object that has to be applied the access control
attribute the attribute name that link the Dataloy object with the target object

Browser not supported