Dynamic restrictions using user attributes

In the following tutorials, you will learn how to use security.manager NEXT to create restrictions that filter the access based on user attributes. To learn the basic about each kind of restriction follow the Basic policy section.

security.manager NEXT provides access to user information through special variables:

${user.username}: The authenticated user’s username
${user.roles}: List of group IDs assigned to the user

These variables can be used in feature restriction queries to create dynamic, user-specific filters. They can also be used in spatial restrictions, as they also use queries.

Dynamic feature restrictions with user attributes: In this tutorial, you will learn to define a feature restriction based on the user name. Users should only see cities starting with the same letter as the user’s name.
Dynamic spatial restrictions with user attributes: In this tutorial, you will learn to define a spatial restriction based on the user name. You will create a spatial restriction to the Continents (1) layer that filters content based on countries whose names start with the same letter as the username.