You can translate the question and the replies:

Column based security in Custom Policy?

We've built a Java custom policy that returns certain rows of data based on the user's security in a config table, but can Custom Policies give us column-level security? As in, can Denodo return only a certain amount of columns of a table based on the user's security in a config table?
user
12-04-2021 07:56:11 -0400

1 Answer

Hi, In this scenario, I would implement column level restrictions by using Denodo Platform’s built-in feature "[Assign Column privileges](https://community.denodo.com/docs/html/browse/8.0/en//vdp/administration/databases_users_and_access_rights_in_virtual_dataport/user_and_access_right_in_virtual_dataport/user_and_access_right_in_virtual_dataport#column-privileges)" from the graphical interface. Alternatively, I would develop custom policy to achieve column level restriction using **context attribute** to capture the information about the context of the query. For instance, I would use the method **getFieldsInQuery() **to get the fields involved in the query. Then I would apply restriction on those columns and then reject the query with return clause **CustomRestrictionPolicyFilterType.REJECT**. For more information, you can refer to [Developing a Custom Policy](https://community.denodo.com/docs/html/browse/8.0/en//vdp/developer/custom_policies/developing_a_custom_policy#developing-a-custom-policy) section under Virtual DataPort Guide more information. Hope this helps!
Denodo Team
15-04-2021 23:55:15 -0400
You must sign in to add an answer. If you do not have an account, you can register here