Trusted Attribute PDP Filters That Allow "Contains" Logic

jackcwagner

It is a manual and time consuming process to manage personalized data permissions (PDPs) today, especially if you have multiple data sets and a large organization.

That doesn't have to be the case.

The end-to-end process of adding data permissions could be almost 100% automated with one small change to the current setup of PDPs.

Process:

1) Build an entitlements table leveraging your employee hierarchy or something like your territory hierarchy from Salesforce. This table would have some ID that connects into your data with all people allowed to see a row of data. You could then join this table with every table that requires PDPs to be applied

2) On the data set, filter by Trusted Attribute and select the De-Duped column and the Email attribute

**THIS IS WHAT NEEDS TO BE UPDATED**

Unfortunately, the filter is set to EQUAL TO instead of CONTAINS, meaning you can't do this

3) Add a dynamic group to the policy row containing all Domo users. Only those who are listed in the De-Duped Email List column will have the ability to see data

Ask:

Update the filter logic for Trusted Attributes on PDPs to CONTAINS instead of EQUAL TO (or, make it an option to toggle between).

Jones01

giving this a bump as this functionality is so important to us

DomoDork

Agreed, this would simplify PDP automation so much and is very much needed.

Jones01

My idea was this which allows the contains to work when the trusted attribute is a list.

https://community-forums.domo.com/main/discussion/62529/enhancement-to-user-list-attributes-and-custom-attributes-for-dynamic-pdp

Jones01

I have tried my idea again and it seems to now work. I can use the trusted attr in PDP when the trusted attr is an array of Integers.