Control Data Access by Role
To control what data is visible to users, create a mapping between a data profile and a role.
When users sign in, they see only those parts of data from the business object that their role has access to, through the data profile.
To set up data access:
-
Sign in as IT Security Manager.
-
From Student Central, click Search and search for Application Access.
-
Click Data Profiles.
-
Click New Data Profile.
-
Specify a name and description for the profile.
-
Select a business object. To see the fields associated with that business object, click inside the Fields field.
-
Select the fields whose values will define the data access to this profile. You can add as many fields as you need to.
-
When you're done, click Save. The data profile you created is displayed on the list.
-
Click the ellipses on the row for the data profile you just created, and click Assign to Roles. If you don't see the ellipses, scroll to the right.
-
On the Assign Data Access to Roles page, click Add Role, select a role to add to the data profile, and click Add.
-
For each of the fields that you enabled for the data profile, select the values to define the security filter conditions on the data set for the business object.
The list of values for dependent security condition fields are filtered based on the values selected on previous fields. That is, a driving field or column is ordered to the left of a dependent field or column, so that the values in the dependent field are filtered based on the values from the driving column.
-
When done, click Add.
-
Use the Add Row option to add more security filter conditions on the data set for the business object. All of the security conditions rows are aggregated to define the data set from the business object that this role has access to.
-
When done, click Save.