Skip to main content

OrgChart Help Guide

Equal Example

Audience:

Audience: Administrators Edition: Enterprise

Overview

Conditional Row Level Security allows Administrators to restrict users access row-by-row based on a defined set of criteria. For example, you can restrict employee records from displaying contact information when the Title of the record is equal to 'Consultant.'

The following article provides step-by-step instructions for configuring a Conditional RLS profile using the Equal rule type.

Configuring an 'Equal' Conditional RLS Profile
  1. Log in to OrgChart.

  2. Click on the Mode Switcher icon in the Top Toolbar, and then select the Setup option. The Setup panel is displayed.

    Setup_Account_Settings_Select.png
  3. Click on the Account Settings tile, and then click on the Security tab in the left side menu.

    5_2_2_Security_Panel_with_Arrow.png
  4. Click on the Create New Profile button (under the Row Level Security heading). The Security Configuration panel is displayed.

  5. Enter a name for the profile in the Name text box.

  6. Optionally, enter a description of the RLS profile into the Description text box.

  7. Click on the 5_2_RoundPlus_icon.png icon (to the right of the Security Rules heading). Conditional Rule 1 is added to the Security Rule column.

  8. Click on the 5_2_RoundPlus_icon.png icon (to the right of the Definitions heading). The Conditional Definition Editor panel is displayed.

  9. Click on the Rule Type dropdown menu, and then select the Equal option.

  10. Click on the 5_2_RoundPlus_icon.png icon (to the right of the Field Value Criteria heading).

  11. Select a Field from the Field dropdown menu.

  12. Select a Value from the Value dropdown menu.

    5_2_RLS_Equal.png
  13. Click Save. The conditional definition is displayed in the Definition column.

  14. Click on the Plus.png icon (to the right of the Fields heading), and then select a Field from the dropdown menu.

    5_2_RLS_EqualExample.png
  15. Click Save.

  16. Assign this RLS profile to an Access Group. Reference the Row-Level Security article for instructions on how to assign an RLS profile to an Access Group.

Testing Permissions

Administrators can login as users with different levels of access to test permissions. Reference the Admin User Impersonation article for more information.

The following section tests the Conditional RLS profile configured above, which states employee records with Title EQUAL to the field value Consultant do not display Email or Mobile.

No Security Profile
CRLS_EQUAL_NoSec.png
Security Profile Applied:
CRLS_EQUAL_SECAPPLIED.png