Role based access for steps in Profile creation wizard
Learn about the role based access for each step in the Collaborate Profile creation wizard.
The Collaborative Profile Creation feature enables you to create profiles in the Hub, using a multi-step wizard. For more information, see topic Collaborative Profile Creation.
You configure these steps in the UI Modeler. For more information, see topic Configure Collaborative Profile Creation for an entity type.
By default, all relevant users can access all steps when creating a profile. However, you can restrict users from accessing certain steps. For example, when creating a product profile, ensure only users relating to the Pricing department can access the pricing step. Users who belong to the marketing department can access the Marketing step.
ROLE_UI_ALL or ROLE_UI_ALL_READONLY role can access all steps/tabs when creating a profile. Let's take the following profile creation wizard that has 5 steps.
Now, let's configure the wizard so that only a manager can access Step 2 and only a workflow user can access step 3. To achieve this, edit your UI configuration JSON file. For example, the config.json file. Add the canRead permission along with the user role for steps 2 and 3, as shown below.
Don't add such permissions for steps 1,4, and 5.
After you configure the steps, go back to your tenant and log in as a data steward (who is not a manager, but has the workflow role assigned). When you create a new profile using the Collaborative Profile Creation wizard, you'll see that step 2 isn't available.
canRead permission with the user role will allow related users to view the step and edit attributes. However, if you aren't assigned the canRead permission but are assigned the ROLE_UI_ALL or ROLE_UI_ALL_READONLY role, you'll be able to see all tabs.