Cello How-To Guide. Securing Data Access



Similar documents
Cello How-To Guide. Master Data Management

Cello How-To Guide. Pickup List Management

Intellicus Single Sign-on

API Endpoint Methods NAME DESCRIPTION GET /api/v4/analytics/dashboard/ POST /api/v4/analytics/dashboard/ GET /api/v4/analytics/dashboard/{id}/ PUT

Cello How-To Guide. Exception Management

Office365Mon Subscription Management API

Programming Autodesk PLM 360 Using REST. Doug Redmond Software Engineer, Autodesk

API Integration Payment21 Recurring Billing

Cello How-To Guide. Scheduler

API Integration Payment21 Button

WebsitePanel Integration API

PHP Language Binding Guide For The Connection Cloud Web Services

DEVELOPING DATA PROVIDERS FOR NEEDFORTRADE STUDIO PLATFORM DATA PROVIDER TYPES

Getting Started with Telerik Data Access. Contents

A Brief Introduction to MySQL

Save Actions User Guide

Outline Basic concepts of Python language

Salesforce Integration. Installation Manual Release

Section 1: Overture (Yahoo) PPC Conversion Tracking Activation

Scenario: Law Office Management System / Law (Legal) Practice Management System

Version 1.0. ASAM CS Single Sign-On

Oracle Marketing Encyclopedia System

SageCRM 6.1. Web Services Guide

An Introduction to Developing ez Publish Extensions

See the Developer s Getting Started Guide for an introduction to My Docs Online Secure File Delivery and how to use it programmatically.

Project Management (PM) Cell

Supporting Multi-tenancy Applications with Java EE

Tenrox and Microsoft Dynamics CRM Integration Guide

Using the VMRC Plug-In: Startup, Invoking Methods, and Shutdown on page 4

An Introduction to Job Server In Sage SalesLogix v8.0. Sage SalesLogix White Paper

Extensibility. vcloud Automation Center 6.0 EN

T-CONNECT EDI VIEWER. Installation and User Guide 12/16/2014 WE BUILD SOFTWARE THAT HELPS OUR CLIENTS GROW DOCUMENT CREATED BY:

[MS-SPACSOM]: Intellectual Property Rights Notice for Open Specifications Documentation

Brekeke PBX Version 3 Web Service Developer s Guide Brekeke Software, Inc.

Cello How-To Guide. Cello Billing

To manually set weight values, you must have access to the MDS database. At a minimum, you should be able to read these tables:

Using the vcenter Orchestrator Plug-In for Microsoft Active Directory

CNR Security Web Service & Sample Application. Introducing Cizer.Net Reporting Security Web Service! Contents:

Sage CRM 6.0. Web Services Guide

Table of contents. Reverse-engineers a database to Grails domain classes.

.INFO Agreement Appendix 1 Data Escrow Specification (22 August 2013)

Developing Task Model Applications

Service agnostic cloud storage access with TMS Cloud Pack for.net

Services. Relational. Databases & JDBC. Today. Relational. Databases SQL JDBC. Next Time. Services. Relational. Databases & JDBC. Today.

Drupal CMS for marketing sites

Using Windows Azure Mobile Services to Cloud-Enable your Windows Store Apps in C#

Form And List. SuperUsers. Configuring Moderation & Feedback Management Setti. Troubleshooting: Feedback Doesn't Send

Web Services API Developer Guide

Informatica Cloud Connector for SharePoint 2010/2013 User Guide

Sage CRM. Sage CRM 2016 R1 Web Services Guide

JMS 2.0: Support for Multi-tenancy

Virtual Terminal Introduction and User Instructions

Windows Azure Storage Essential Cloud Storage Services

Deploying Microsoft Dynamics CRM 2011 and Microsoft Dynamics CRM Online Solutions from Development through Test and Production Environments

SQLITE C/C++ TUTORIAL

ADF Code Corner. 92. Caching ADF Web Service results for in-memory filtering. Abstract: twitter.com/adfcodecorner

Salesforce Mobile Push Notifications Implementation Guide

PyLmod Documentation. Release MIT Office of Digital Learning

Save Actions User Guide

1 Keystone OpenStack Identity Service

APPLICATION PROGRAM INTERFACE (API) FOR AIRASSURE WEB PM2.5 SOFTWARE

ODBC Client Driver Help Kepware, Inc.

shodan-python Documentation

Integrating the C++ Standard Template Library Into the Undergraduate Computer Science Curriculum

SellerDeck Desktop 2016

PHP Integration Kit. Version User Guide

Engagement Analytics API Reference Guide

Changes to credit card processing in Microsoft Dynamics AX 2012 R2

Salesforce Mobile Push Notifications Implementation Guide

REST Webservices API Reference Manual

Introduction to Building Windows Store Apps with Windows Azure Mobile Services

Data Management Applications with Drupal as Your Framework

SPARROW Gateway. Developer Data Vault Payment Type API. Version 2.7 (6293)

Assignment 4 Component 6 Project Management System

MySQL Job Scheduling

Liferay Enterprise ecommerce. Adding ecommerce functionality to Liferay Reading Time: 10 minutes

Client SuiteScript Developer s Guide

ANZ egate Merchant Administration. Quick Reference Guide

SyncTool for InterSystems Caché and Ensemble.

SAML single sign-on configuration overview

PostgreSQL Audit Extension User Guide Version 1.0beta. Open Source PostgreSQL Audit Logging

Localizing dynamic websites created from open source content management systems

A10 Networks LBaaS Driver for Thunder and AX Series Appliances

OSF INTEGRATOR for. Integration Guide

Identity and Access Management (IdAM) Security Access Framework (SAF) for CDSS

InsideView Lead Enrich Setup Guide for Marketo

Spring Data JDBC Extensions Reference Documentation

Getting Started with vcloud Air Object Storage powered by Google Cloud Platform

SharePoint Reset Password Web Part

Cello How-To Guide. Tenant Hierarchy Management

QUICK REFERENCE GUIDE

Role Based Access Control. Using PHP Sessions

Transcription:

Cello How-To Guide Securing Data Access

Contents 1 Introduction to User Entity Access Management... 3 1.1. Sample Model Class for Reference... 3 1.2. Entity Permission APIs... 4 1.3. Consumption... 7 2 Contact Information... 9 2

1 Introduction to User Entity Access Management To enable users to do their job without exposing data that they do not need to see, CelloSaaS provides a flexible, user entity permission design that allows you to expose different data sets to different sets of users/roles. Characteristic of Entity Level Security To specify the objects that users can access, you can assign permission sets and profiles. To specify the records that users can access To specify the individual records that users can view and edit, you can set role/user wise access settings. The Product or Tenant Administrator can set the Permissions and Privileges in three following ways: Open To All Users and Roles (Global Permission) For Particular User For Particular Role To take advantage of the User Entity Permission Capability for an Object, the object must have followed some code level configurations. They are Ensure the model (Class) must contain the EntityDescriptor properties such as SchemaTableName, PrimaryKeyName, and DisplayColumnName. The Entity table must contain the TenantId field The Display Column Name should not be Null field. The Display Column Name must be easily understandable column for ease. 1.1. Sample Model Class for Reference [EntityIdentifier(Name = "CaseDetail")] [EntityDescriptor( PrimaryKeyName = "Id", DisplayColumnName = "CaseNumber", SchemaTableName = "dbo.casedetail", ExtnSchemaTableName = "CaseDetailExtn", IsExtensible = true, 3

SchemaTableConnectionStringName = CelloSaaS.Library.DAL.Constants.Applica tionconnectionstring)] public class CaseDetail : BaseEntity { public string TenantId { get; set; } public string CustomerId { get; set; } public int CaseNumber { get; set; } public CaseType CaseType { get; set; } public CaseStatus CaseStatus { get; set; } public CaseSubStatus CaseSubStatus { get; set; } public string CreatedBy { get; set; } public DateTime CreatedOn { get; set; } public string UpdatedBy { get; set; } public DateTime UpdatedOn { get; set; } public bool Status { get; set; } } 1.2. Entity Permission APIs Let s consider a Document Collection as Entity and we have Document1, Document2, and Document3 in a entity. These are all called entity reference. In this we can set permissions like Add, View, Edit, and Delete and other privileges like Search, Publish for the particular user or role. To Create the User Entity Permission we have to use following services: The following APIs are used to check the user entity permission for the data by using UserId, EntityId, RefernceId, EntityOperation, and Privileges Namespace: CelloSaaS.ServiceContracts.AccessControlManagement; /// To add the User Entity Permission details string AddUserEntityPermission(UserEntityPermission userentitypermission); /// To update the UserEntityPermission details void UpdateUserEntityPermission(UserEntityPermission userentitypermission); /// To delete the UserEntityPermission details by id void DeleteUserEntityPermission(string id); /// To delete the UserEntityPermission details 4

void DeletePermissions(string userid, string tenantid, string entityid, string[] referenceids); /// To delete the UserEntityPermission details void DeletePermissions(string userid, string tenantid, string[] entityids, Dictionary<string, List<string>> entityreferences); /// To get all UserEntityPermission details for the tenantid. Dictionary<string, UserEntityPermission> GetUserEntityPermissionsByTenantId(stri ng tenantid); /// Get all UserEntityPermission details for the search condition. Dictionary<string, UserEntityPermission> SearchUserEntityPermissionDetails(UserE ntitypermissionsearchcondition userentitypermissionsearchcondition); /// Returns the Permissions mapped against a given reference id for the user and entitydictionary<string, List<string>> GetPermissionsforUserEntity(string userid, string entityid, string tenantid); /// Gets the permissions for the given user, tenant and the list of entities Dictionary<string, Dictionary<string, List<string>>> GetPermissionsforUserEntities( string userid, string[] entityids, string tenantid); /// Gets the permissions for the given user, tenant and the list of entities Dictionary<string, Dictionary<string, Dictionary<string, List<string>>>> GetUserPermissionsforEntities(string[] entityids, string tenantid, Dictionary<string, List<string>> entityreferences); /// Gets the Permission Count grouped by user entities for the given tenantdictionary<string, Dictionary<string, int>> GetUserEntityPermissionsCount(string[] entityids, string tenantid); /// To get the UserEntityPermission count int SearchUserEntityPermissionDetailsCount(UserEntityPermissionSearchCondition u serentitypermissionsearchcondition); /// To Save the user entity other privileges. void SaveUserEntityOtherPrivileges(UserEntityPermission userentitypermission); /// To Save the user entity other privileges. void SaveUserEntityOtherPrivileges(string userentitypermissionid, string[] privileges); /// To get ReferenceId by Entity, userid, entityoperation, and privileges string[] GetReferenceIdByEntity(string userid, string entityid, EntityOperation operation); 5

/// To get ReferenceId by Entity Dictionary<string, string[]> GetReferenceIdByEntities(string userid, string[] en tityids, EntityOperation operation); /// To get reference Ids. Dictionary<string, string[]> GetReferenceIdByOperations(string userid, string en tityid, EntityOperation[] operation); /// To get ReferenceId by Privilege string[] GetReferenceIdByPrivilege(string userid, string entityid, string privil ege); ///To get the reference id by privileges. Dictionary<string, string[]> GetReferenceIdByPrivileges(string userid, string en tityid, string[] privileges); The following APIs are used to check the user entity permission for the data by using UserId, EntityId, RefernceId, EntityOperation, and Privileges The CheckUserEntityPermissionByOtherPrivilege method is to check the permission with other privilege for the userid, entityid, referenceid, and tenantid. This will return the true/false if the permission has set for the reference. /// To Check the user entity permission by other permission. bool CheckUserEntityPermissionByOtherPrivilege(string entityid, string userid, s tring referenceid, string privilege, string tenantid); The CheckUserEntityPermissionByOtherPrivileges method is to check the permissions with list of other privileges for the userid, entityid, referenceid, and tenantid. This will return the dictionary of true/false value for the privilege. /// To check the user entity permission by other permission. Dictionary<string, bool> CheckUserEntityPermissionByOtherPrivileges(string entit yid, string userid, string referenceid, string[] privileges, string tenantid); /// To Check the user entity permission by other permission. 6

The CheckUserEntityPermissionByEntityOperation method is to check the permissions with entity operation for the userid, entityid, referenceid, and tenantid. This will return the true/false if the permission has set for the reference. bool CheckUserEntityPermissionByEntityOperation(string entityid, string userid, string referenceid, EntityOperation entityoperation, string tenantid); ///To Check the user entity permission by other permission. The CheckUserEntityPermissionByEntityOperations method is to check the permissions with array of entity operations for the userid, entityid, referenceid, and tenantid. This will return the dictionary of true/false for the entity operations. Dictionary<string, bool> CheckUserEntityPermissionByEntityOperations(string enti tyid, string userid, string referenceid, EntityOperation[] entityoperations, str ing tenantid); 1.3. Consumption Below are the code snippets that shows how to setup Object Security. var userentitypermission = new UserEntityPermission(); UserId, RoleId, EntityId, ReferenceId, Permissions, OtherPrivileges and UpdatedBy, UpdatedOn, and Status properties must be set with values to Add/Update/Delete User Entity Permission. userentitypermission.createdby = UserIdentity.UserId; userentitypermission.createdon = DateTimeHelper.GetDatabaseDateTime(); userentitypermission.updatedon = true; // To Add UserEntityPermissionProxy.AddUserEntityPermission(userEntityPermission); userentitypermission.id = formcollection["userentitypermissionid"].tostring(); userentitypermission.updatedby = UserIdentity.UserId; userentitypermission.updatedon = DateTimeHelper.GetDatabaseDateTime(); userentitypermission.updatedon = true; // To Update UserEntityPermissionProxy.UpdateUserEntityPermission(userEntityPermission); 7

// To Search the specific User Entity Permission UserEntityPermission userentitypermission = UserEntityPermissionProxy.SearchUserEntityPermissionDetails( new UserEntityPermissionSearchCondition() { UserId = userid, RoleId = roleid, EntityId = entityid, ReferenceId = referenceid, TenantId = UserIdentity.TenantID, Status = true }); //To get the reference lists for the entity //Returns Entity s PrimaryKeyName as Key and DisplayColumnName as Value in a dictionary. Dictionary<string, string> referenceids = DataManagementProxy.GetEntityKeyValuePair(entityId, UserIdentity.TenantID); //To call the check user entity permission access If(CelloSaaS.ServiceProxies.AccessControlManagement.UserEntityPermissionProxy.Ch eckuserentitypermissionbyentityoperation(col.entityidentifier, useridentifier, c ol.identifier, CelloSaaS.Model.EntityOperation.Update, tenantidentifier) == true){ } //The true condition goes here. 8

2 Contact Information Any problem using this guide (or) using Cello Framework. Please feel free to contact us, we will be happy to assist you in getting started with Cello. Email: support@techcello.com Phone: +1(609)503-7163 Skype: techcello 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information