Resource access files: filters
In a resource access file, collection resources (such as Activities
) can
have a filter
section. This section defines criteria the each member of the
collection must meet in order to be accessible. They may be the only criteria that the
resource must meet, or they may be in addition to other criteria added by PolicyCenter. (Filters are not used for individual element resources
because you can use view and edit permissions to control the availability of an individual
resource.)
The filter
section consists of a list of one or more filter expressions. For
a resource to be accessible, all access filter expressions must return true.
The filter
section consists of a list of one or more filter expressions. A
filter expression can be:
- A Gosu expression that returns filter criteria, such as gw.rest.core.pl.common.v1.activities.AssignedActivitiesFilter.
- The keyword
__nofilter
, which indicates that there is no filter and all resources are accessible.
For example, the following code defines the filters for the
Accounts
resource (for a collection of accounts) as declared in the
accountholder_core-1.0.access.yaml file:
Accounts:
filter: gw.rest.core.pc.account.v1.security.AccountHolderAccountsFilter