Is it possible to edit permissions in the Studio so that only one user gets access to BDM's API?

Submitted by ismail.lagouill... on Tue, 06/02/2020 - 07:40

Hello,

Is it possible to edit permissions in the Studio in order that only one user gets access to BDM's API?

The idea here is to limit access to the API "../API/bdm/businessData" to only one user.

If the answer is yes, what are the steps to follow in order to achieve this.

Studio used:

Bonita-Subscription-7.9.3

Thanks a lot,

Log in or register to post comments
1090 reads

1 answer

Submitted by romain.bioteau on Tue, 06/02/2020 - 10:55

This one is the BEST answer!

When you say user you talk about a Bonita user on the platform (eg: walter.bates) or a developer using the studio ?

If it is the first case then yes, you can customize permissions using setup pull/push (like on a prod env) but you have to properly configure the database.properties to point to the proper h2 db files. There is no Studio specific features to do this, so just follow the doc about permissions. Keep in mind that the Studio has database clean capabilities that will erase the configuration when triggered.

Depending on the use case, using the BDM access control can be a good solution.

For the second case, no, there is no user management in the studio.

Log in or register to post comments
121 reads

Comments

Submitted by ismail.lagouill... on Tue, 06/02/2020 - 18:11

Thanks!! Indeed, I meant a Bonita user on the platform (eg: walter.bates).

The part about permissions wasn't clear in the doc for this use-case (at least to me). Should I use dynamic permissions? Could you please share more information about how it could be done?

Thanks a lot!!

Permalink

Submitted by romain.bioteau on Wed, 06/03/2020 - 10:44

You can use either the static way.

there is a bdm_visualization permission that handle access to BDM resources (see resources-permissions-mapping.properties in tenant_portal configuration).

You can bind those resources to a custom permission in resources-permissions-mapping-custom.properties

# BDM resources
GET|bdm/businessData=[custom_bdm_visualization]
GET|bdm/businessDataReference=[custom_bdm_visualization]
GET|bdm/businessDataQuery=[custom_bdm_visualization]

Then declare your custom permission in custom-permissions-mapping.properties

user|walter.bates=[custom_bdm_visualization]

In the above example only walter.bates will have access to BDM resources, it is possible to fine tune using a custom profile instead of a single user like this:

profile|MyCustomProfile=[custom_bdm_visualization]

HTH

Romain

Permalink

Submitted by ismail.lagouill... on Wed, 06/03/2020 - 22:03

It works as a charm!!

Thanks!!!

Permalink