ftos.identity.authz.createGrantTag
IMPORTANT!
Starting with v24.3.0, this is renamed from server.customSecurity.createGrantTag to ftos.identity.authz.createGrantTag.
Starting with v24.3.0, this is renamed from server.customSecurity.createGrantTag to ftos.identity.authz.createGrantTag.
Generates a unique tag for custom data ownership.
You can assign specific users access to particular entity records by associating these tags with the relevant user accounts and the entity records they are permitted to access (see ftos.identity.authz.setGrantTagOnRecord and ftos.identity.authz.setGrantTagToUser).
This is a data service method for business service components.
Syntax
Copy
ftos.identity.authz.createGrantTag(description : string): string;| Parameter | Type | Description |
|---|---|---|
description
|
string | User friendly description of the data access tag. |
Return Value
Returns a string containing a unique identifier of the data access tag.
Examples
Set up custom data ownership for a joint bank account
In this example, we wish to assign two different users with access to the same bank account, which means that both user accounts will need to CRUD privileges over the same record in the bankAccounts entity:
- We generate a data ownership tag and we save it in the tagId variable.
- We use the ftos.identity.authz.setGrantTagOnRecord method to assign the tag to the 76e61107-3729-4a46-bc70-435086ce0571 record in the bankAccounts entity.
- We use the ftos.identity.authz.setGrantTagToUser method to assign the tag to user accounts d4ba4503-bddd-4ac9-a8ff-0b9e99572af3 and 2FE5697F-56D7-4BE3-B61B-D3CF16FA0E13.
Copy
var tagId = ftos.identity.authz.createGrantTag("Joint account 61");
ftos.identity.authz.setGrantTagOnRecord("bankAccounts", "76e61107-3729-4a46-bc70-435086ce0571", tagId);
ftos.identity.authz.setGrantTagToUser("d4ba4503-bddd-4ac9-a8ff-0b9e99572af3", tagId);
ftos.identity.authz.setGrantTagToUser("2FE5697F-56D7-4BE3-B61B-D3CF16FA0E13", tagId);