Hi Tim,
Sandeep's approach would be a good option to remove an item from the UI, though it does only that: the UI layer. The data field is still part of the query response from the source (db or external system) so is still accessible to the user if they want (e.g. via Chrome Developer Tools).
I'm not aware of an out-of-the-box solution to column-based authorizations, but I would approach this in the service layer of the application (e.g. CAP): in the service handler, validate the user's authorization, and then remove/mask the data for the mentioned columns, something like the below CAP example. It is not ideal, but should work for most cases. You can still do the hiding of the column on the UI as well so that you don't annoy the end user with showing masked entries on the screen.
srv.after('READ', 'Incidents', each => {
// Get user authorizations to correctly set the flag 'hideEmployeeID'
let hideEmployeeID = true;
if (hideEmployeeID) each.EmployeeID = '*masked*';
});
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.