Hiding authorization details

You can control whether authorization details about the request should be displayed to the user viewing the request. By default, all request viewers can view authorization details for all requests. Alternatively you can write a plugin that will mask authorization details for a specific type of viewer (such as recipient), or a specific type of request.

You can also Use user classes instead of using a plugin to hide authorization details to users within a specified user class. See Using user classes with plugin points for details.

The plugin is set by the Workflow > Options> Plugins >AUTHORIZATION DETAIL MASK PLUGIN field.

There are no shipped plugins for use with this plugin point.

Write a custom authorization detail mask plugin

Requirements

See Writing plugins for general requirements.

Execution points

This plugin is called by Requests app before request details are displayed on Bravura Security Fabric module pages or written in email.

Input

The input presented to the plugin during the initial call includes the viewer information and the request information.

    "" "" = {
        "viewer" "user" = {
            "id" = "<Profile ID>"
            "name" = "<Alias>"
            "viewas" "" = "<DMANAGER|WMANAGER|AUTHORIZER|REQUESTER|RECIPIENT|DELEGATE|IMPLEMENTER>"
        }
        "request" ""= {...}
    }

Output

The plugin can provide the option to display authorization details about the request. If the option returned is true, the authorization details will be hidden.

output AuthMask = {
hideAuthDetails = "<true|false>";
};

In this section:

Hiding authorization details

Write a custom authorization detail mask plugin

Search results