External data store configuration
By default, product administrators can only view the table. You can allow product administrators to update tables using one of two options on the Manage the system > Modules > Manage external data store (dbe) menu:
DBE ACL PLUGIN – this plugin can grant write access to particular product administrators.
DBE DEFAULT ACL – allows product administrators to update tables by default.
To enable the plugin, type the name of the plugin in the DBE ACL PLUGIN field.
Once configured, the plugin is executed when a product administrator with the "Manage external data store" privilege accesses the Manage external data store link. The output of the plugin script determines which tables the console user has access to update or read.
If the user only has read access on the table, they can either specify a filter (where clause) or page through the rows of the table.
If the user has read/write access, then they can filter the data shown (where clause) or page through to find the data they choose to update.
If the DBE ACL PLUGIN is not configured, the default ACL prevents the user from viewing the tables. This can be changed with the DBE DEFAULT ACL system variable. If this system variable is enabled, any user with the "Manage external data store" privilege has full read and write access to all the tables.
The DBE DATA MODIFIED field allows you to trigger an external program when data is modified within the external database store. See Event actions for more information.
Bravura Security Fabric provides a sample plugin, plugin-dbe-acl.psl, that is included in the <instance>\samples\ directory.
Execution points
The plugin is run when the user selects the Manage external data store link.
Input
Input to the plugin includes only the following:
"" "" = { "user" = "<Profile ID>" }
Output
The output includes the tables that are allowed to be accessed. Read or read/write access can be set for specific tables. Access can also be granted to all tables with read/write access.
The plugin returns the following information:
"" "" = {
  "retval" = "<N>"                # 0 on success; non-zero for failure
  "errmsg" = "<Error message>"    # Any error messages to return
  "ACLS" "<ALLOW_ALL|>" = {
    # The access controls to grant to the user.
    # If ALLOW_ALL is set as the name, then all tables are given read/write access.
    # Otherwise, key-value pairs are used.
    "<table name>" = "<R|W>"      # Grant read (R) or read/write (W) access on the table.
  }
}
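The following Python example is added here for illustration; it is not Bravura code and not the plugin-dbe-acl.psl sample. It models the decision a least-privilege ACL plugin makes from the input above and renders output in the shape shown on this page, granting per-table access only and never ALLOW_ALL. The profile IDs, table names and function names are hypothetical, and it assumes that an ACLS group with an empty name and no table entries grants no access.

```python
import re

# Constructed policy for illustration: profile ID -> {table name: "R" or "W"}.
# Profile IDs and table names are hypothetical.
POLICY = {
    "alice": {"example_config": "R", "example_owners": "W"},
    "bob": {"example_owners": "R"},
}
SAFE_NAME = re.compile(r"^[A-Za-z0-9_]+$")
USER_RE = re.compile(r'"user"\s*=\s*"([^"]*)"')


def parse_user(kvg_input):
    """Extract the profile ID from the plugin input shown on this page."""
    match = USER_RE.search(kvg_input)
    return match.group(1) if match else None


def resolve_acls(profile_id, policy):
    """Return {table: access} for a profile; unknown profiles get nothing."""
    grants = policy.get(profile_id, {})
    for table, access in grants.items():
        if not SAFE_NAME.match(table):
            raise ValueError(f"unsafe table name: {table!r}")
        if access not in ("R", "W"):
            raise ValueError(f"invalid access {access!r} for {table}")
    return dict(grants)


def render_output(kvg_input, policy):
    """Build the output text; any error gives a non-zero retval and no grants."""
    try:
        user = parse_user(kvg_input)
        if not user:
            raise ValueError("no user in plugin input")
        acls = resolve_acls(user, policy)
        retval, errmsg = 0, ""
    except ValueError as exc:
        acls, retval, errmsg = {}, 1, str(exc).replace('"', "'")
    lines = ['"" "" = {', f'  "retval" = "{retval}"', f'  "errmsg" = "{errmsg}"',
             '  "ACLS" "" = {']  # assumption: empty name, so never ALLOW_ALL
    lines += [f'    "{t}" = "{a}"' for t, a in sorted(acls.items())]
    lines += ["  }", "}"]
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_output('"" "" = { "user" = "alice" }', POLICY))
```

Unlike enabling DBE DEFAULT ACL, which gives every holder of the privilege read/write access to all tables, this approach grants each profile only the tables listed for it.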