MSO - Security
Intended audience: ANALYSTS DEVELOPERS ADMINISTRATORS
AO Platform: 4.3
Overview
This section contains the options to configure specific Role-based security Rights for:
MSO Permissions
MSO Property Permissions
MSO Data Permissions
App Permissions
Trait Permissions
Add Roles on the Security page and their associated Permissions as it relates to the current MSO and its Properties. This allows granular support for Create, Read, Update, Delete (CRUD) permissions at the data level. Roles to be added have to be created in the Admin solution in advance. See Admin > Security. The Administrator can also configure default Ontology and MSO level Permissions for each Role which will affect the configuration of MSO and associated Properties and Data Permissions on this page in the Ontology Composer.
When restricted Permissions are configured for a given Role for MSOs, their Properties, and Data, users associated with the Role will receive Notifications when data isn’t shown (Read is revoked) and/or data cannot be updated (Create, Update, Delete are revoked).
Finally, Permissions can be configured for both Apps and Trait Curations in terms of their visibility. Configured Apps and Trait Curations in their respective repeater sections have the effect of hiding the Apps and Trait Curations for the selected Role.
Properties
Label | Description |
|---|---|
Role Name | The Name of the Role. This is a read-only field. |
Role Description | Displays a short description if available for the Role being configured. This is a read-only field. |
Security Description | Add a description of permissions being granted/revoked for the MSO and/or associated properties. |
Copy Permissions From | Allows Permissions from another Role to be copied to the current Role. |
MSO PERMISSIONS | Collapsible section title. |
| Select the Rights (Create, Delete, Read, Update) for the current MSO. Users can hover the “eye” icon to get a quick snapshot of what has been configured. |
MSO PROPERTY PERMISSIONS | Collapsible section title. This is a repeater section |
| Select one or more Properties to be granted or revoked Rights. |
| Select the Rights (Create, Delete, Read, Update) for the selected Properties. Users can hover the “eye” icon to get a quick snapshot of what has been configured. Use “delete” icon to delete the entry. |
MSO DATA PERMISSIONS | Collapsible section title. This is a repeater section. |
| Click the Query Builder icon to insert one or more criteria that will select the data to add permissions Rights to, eg. “Classification Equals Confidential” |
| Select the Rights (Allow, Create, Delete, Deny, Read, Update) for the selected Data criteria. Users can hover the “eye” icon to get a quick snapshot of what has been configured. Use “delete” icon to delete the entry. |
APP PERMISSIONS | Collapsible section title. |
| A repeater section is used to identify one or more Apps to be hidden for the selected Role. |
TRAIT PERMISSIONS | Collapsible section title. |
| A repeater section is used to identify one or more Trait Curations to be hidden for the selected Role. |