Skip to main content

OrgChart Help Guide

Not In Example

Audience:

Audience: Administrators Edition: Enterprise

Overview

Conditional Row Level Security allows Administrators to restrict users access row-by-row based on a defined set of criteria.

For example, you can restrict employee records from displaying location status when the location of a record is not in a defined list of values.

The following article provides step-by-step instructions for configuring a Conditional RLS profile using the Not In rule type.

Configuring a 'Not In' RLS Profile
  1. Log in to OrgChart.

  2. Click on the Mode Switcher icon in the Top Toolbar, and then select the Setup option. The Setup panel is displayed.

    Setup_Account_Settings_Select.png
  3. Click on the Account Settings tile, and then click on the Security tab in the left side menu.

    5_2_2_Security_Panel_with_Arrow.png
  4. Click on the Create New Profile button (under the Row Level Security heading). The Security Configuration panel is displayed.

  5. Enter a name for the profile in the Name text box.

  6. Optionally, enter a description of the RLS profile into the Description text box.

  7. Click on the 5_2_RoundPlus_icon.png icon (to the right of the Security Rules heading). Conditional Rule 1 is added to the Security Rule column.

  8. Click on the 5_2_RoundPlus_icon.png icon (to the right of the Definitions heading). The Conditional Definition Editor panel is displayed.

  9. Click on the Rule Type dropdown menu, and then select the Not In option.

  10. Click on the 5_2_RoundPlus_icon.png icon (to the right of the Field Value Criteria heading).

  11. Select a Field from the Field dropdown menu.

  12. Select a Value from the Value dropdown menu.

    5_2_RLS_NotIn.png
  13. Optionally, click on the Plus_new.png to select any additional Values from the Value dropdown menu.

  14. Click Save. The conditional definition is displayed in the Definition column.

  15. Click on the 5_2_RoundPlus_icon.png icon to the right of the Fields heading, and then select a Field from the dropdown menu.

    5_2_RLS_NotIn_EX.png
  16. Click Save.

  17. Assign this BLS profile to an Access Group. Reference the Branch Level Security article for instructions on how to assign a BLS profile to an Access Group.

Testing Permissions

Administrators can login as users with different levels of access to test permissions. Reference the Admin User Impersonation article for more information.

The following section tests the RLS profile configured above, which states employee records with a Location which is NOT IN the defined list do not display Location Status.

No Security Profile
CRLS_NotIn_PreSec.png
Security Profile Applied
CRLS_NotIn_SECAPPLIED.png