How to Configure Row and Column Permissions Using API

1. Get Security Filter Information on Dataset

GET /api/data-source/{dsId}/security-filter

Parameters

Name	Location	Type	Meaning	Required	Remarks
dsId	Path	String	Dataset ID	Yes
token	Header	String	Login Token	Yes	Token needs to be obtained through login interface

Header Example

{
    "token": "guanyuan token"
}

Response

{
    "column":{
        "enabled":true,
        "rules":[]
    },
    "row":{
        "enabled":false,
        "rules":[],
        "defaultRule":{
            "ruleType":"HIDDEN"
        }
    },
    "applyToOwner":false
}

Among them, ruleType currently supports 3 types

COLUMN (This is column-level permission, representing columns that cannot be viewed)
ADVANCED (Advanced mode row-level permission, similar to Threshold formula)
FREEFORM (Custom mode row-level permission, completely write SQL yourself)

2. Enable/Disable Row/Column Security Filter on Dataset, and Whether to Apply Security Filter to "Owner and Administrators"

POST api/data-source/{dsId}/security-filter/enable

Parameters

Name	Location	Type	Meaning	Required	Remarks
token	Header	String	Login Token	Yes	Token needs to be obtained through login interface
dsId	Path	String	Dataset ID	Yes
level	Body	String	Level	Yes	row: row permission; column: column permission; applyToOwner: apply to administrators and Owner
enable	Body	Boolean	Whether to enable	Yes	true: enable; false: disable

POST Body Example

{
    "level": "column", 
    "enable": true       
}

Response

Returns equivalent to calling "Get Security Filter Information on Dataset" to get the latest Security Filter full information.

3. Row/Column Security Filter Rule on Dataset

3.1 Create Row/Column Security Filter Rule on Dataset

Apply existing permission rules to the dataset

POST api/data-source/{dsId}/security-filter/rules

Parameters

Name	Location	Type	Meaning	Required	Remarks
token	Header	String	Login token	Yes
dsId	Path	String	Dataset ID	Yes
ruleId	Body	String	Rule ID	Yes
userAndGroups	Body	JSON	Users and user groups	Yes
ruleType	Body	String	Rule type	Yes	COLUMN: column-level ADVANCED: row-level FREEFORM: custom
comment	Body	String	Remarks
forbiddenColumns	Body	JSON	Invisible fields		Required if adding column permission
advanced	Body	JSON	Row permission rules		Required if adding row permission
freeform	Body	String	Custom rules		Required if adding custom permission

POST Body Example

COLUMN Column-level Permission

{
  "ruleId": "b4a956d66bd57464f8f050f4",
  "userAndGroups": [
    {
      "relId": "b1766b1ac99bf4679a1bd762",
      "name": "testUser",
      "relType": "USER"
    }
  ],
  "ruleType": "COLUMN",
  "comment":"testUser cannot read columns",
  "forbiddenColumns": [
    {
      "fdId": "j9259851e2ac14152bd8e41d", /* fdId can be read from preview dataset in network preview */
      "name": "city"
    }
  ]
}

ADVANCED Row-level Permission

{
  "userAndGroups": [
    {
      "relId": "b1766b1ac99bf4679a1bd762",
      "name": "testUser",
      "relType": "USER"
    }
  ],
  "ruleType": "ADVANCED",
  "comment":"testUser cannot read rows",
  "advanced": [
    {
      "type": "condition",
      "not": false,
      "value": {
        "name": "2009年",
        "fdType": "DOUBLE",
        "fdId": "ea853c91",
        "metaType": "METRIC",
        "seqNo": 2,
        "filterType": "GE",
        "filterValue": [
          "50",
          ""
        ],
        "advFilter": null
      }
    }
  ]
}

FREEFORM Custom Permission

{
  "userAndGroups": [
    {
      "relId": "b1766b1ac99bf4679a1bd762",
      "name": "testUser",
      "relType": "USER"
    }
  ],
  "ruleType": "FREEFORM",
  "comment": "testUser canot read rows (freeform)",
  "freeform": "[city] in 'hangzhou'"
}

Response

Returns equivalent to calling "Get Security Filter Information on Dataset" to get the latest Security Filter full information.

3.2 Modify Row/Column Security Filter Rule on Dataset

POST api/data-source/{dsId}/security-filter/rules/{ruleId}

Parameters

Name	Location	Type	Meaning	Required	Remarks
token	Header	String	Login token	Yes
dsId	Path	String	Dataset ID	Yes
ruleId	Path	String	Permission rule ID	Yes
userAndGroups	Body	JSON	Users and user groups	Yes
ruleType	Body	String	Rule type	Yes	COLUMN: column-level ADVANCED: row-level FREEFORM: custom
comment	Body	String	Remarks
forbiddenColumns	Body	JSON	Invisible fields		Required if modifying column permission
advanced	Body	JSON	Row permission rules		Required if modifying row permission
freeform	Body	String	Custom rules		Required if modifying custom permission

POST Body Example (FREEFORM)

{
  "userAndGroups": [
    {
      "relId": "b1766b1ac99bf4679a1bd762",
      "name": "testUser",
      "relType": "USER"
    },
    {
      "relId": "b1766b1ac99bf4679a1bd111",
      "name": "User2",
      "relType": "USER"
    }
  ],
  "ruleType": "FREEFORM",
  "comment": "users canot read rows (freeform)",
  "freeform": "[city] in 'hangzhou'"
}

Response

Returns equivalent to calling "Get Security Filter Information on Dataset" to get the latest Security Filter full information.

3.3 Delete Row/Column Security Filter Rule on Dataset

DELETE api/data-source/{dsId}/security-filter/rules/{ruleId}

Parameters

Name	Location	Type	Meaning	Required	Remarks
token	Header	String	Login token	Yes
dsId	Path	String	Dataset ID	Yes
ruleId	Path	String	Permission rule ID	Yes

Response

Returns equivalent to calling "Get Security Filter Information on Dataset" to get the latest Security Filter full information.

4. Modify Default Rule on Dataset Column

POST api/data-source/{dsId}/security-filter/rules/row-level-default-rule

Parameters

Name	Location	Type	Meaning	Required	Remarks
dsId	Path	String	Dataset ID	Yes

POST Body Example (FREEFORM)

{
  "ruleType": "FREEFORM",
  "comment": "default rule based on city",
  "freeform": "[city] in 'hangzhou'"
}

Here, the supported ruleTypes are:

HIDDEN (Default rule, other users are invisible)
VISIBLE (All other users are visible, this is quite dangerous, needs warning!)
ADVANCED (Advanced mode column configuration, needs to read additional field advanced),
FREEFORM (Custom SQL mode, needs to read additional field freeform)

Response

Returns equivalent to calling "Get Security Filter Information on Dataset" to get the latest Security Filter full information.

1. Get Security Filter Information on Dataset​

Parameters​

Header Example​

Response​

2. Enable/Disable Row/Column Security Filter on Dataset, and Whether to Apply Security Filter to "Owner and Administrators"​

Parameters​

POST Body Example​

Response​

3. Row/Column Security Filter Rule on Dataset​

3.1 Create Row/Column Security Filter Rule on Dataset​

3.2 Modify Row/Column Security Filter Rule on Dataset​

Response​

3.3 Delete Row/Column Security Filter Rule on Dataset​

4. Modify Default Rule on Dataset Column​

Parameters​

POST Body Example (FREEFORM)​

Response​

1. Get Security Filter Information on Dataset

Parameters

Header Example

Response

2. Enable/Disable Row/Column Security Filter on Dataset, and Whether to Apply Security Filter to "Owner and Administrators"

Parameters

POST Body Example

Response

3. Row/Column Security Filter Rule on Dataset

3.1 Create Row/Column Security Filter Rule on Dataset

3.2 Modify Row/Column Security Filter Rule on Dataset

Response

3.3 Delete Row/Column Security Filter Rule on Dataset

4. Modify Default Rule on Dataset Column

Parameters

POST Body Example (FREEFORM)

Response