Hide/Obscure or Restrict Fields

MATRIXX Backoffice Customer Tool supports hiding or obscuring and restricting the editing of field values for various objects by adding a Restriction object to a user role in the permissions.json file.

When hiding, obscuring, or restricting a field, the following applies:

Hiding — If a field is hidden, it does not show up on the UI at all. The label (where possible) and its value do not appear in search options, search results, summary pages, detail pages, view-all pages, or edit pages. The general search on the home page may return different item types and may need to include column(s) if an item type shows a value for that column, even if another item type hides the value that would otherwise appear in that column. In that case, the hidden value appears blank.
Obscuring — If a field is obscured, its value's characters are replaced with whatever character is specified in the OBSCURATION_CHARACTER setting. The default is an asterisk for each character in the value. For example, if a field has an original value of John, the obscured value displays as ****. If a field is obscured for a user, its value is not editable and does not appear on the edit pages.
Restricting — If editing is restricted for a field, that field displays on the edit pages as read-only.

The rules for adding a Restriction object are as follows:

Because user roles are cumulative, you should create a special restricted user role and add it to the user(s) as needed. If MATRIXX Backoffice Customer Tool finds a user with a role that contains restrictions, that user will have those restrictions applied despite any other roles they have. Hiding takes precedence over obscuring if a user has more than one role with restrictions on the same field.
Essential object fields cannot be hidden or obscured. For example, ObjectId, ExternalId, and ObjectType.
Because '***' is not helpful for identifying an object, page headers, breadcrumbs, and summary views do not use obscured fields if the obscured field would be the only identifier.
Because the All Events page shows multiple events in the table, none of the columns can be dynamically removed.
No fields on Add pages are hidden or obscured. For example, Add Subscriptions or Add Groups.
Note: This feature only affects the UI display. API calls and JSON responses in the browser's web-developer tools are still visible in plain text.

The value is an object whose keys describe the object type (for example, Subscription or Group, not extension object types). The value at each key is an object or array of objects with one or more of the following keys describing an array of field names: VIEW, VIEW_OBSCURE, EDIT.

Example:

{
  "Subscription": {
    "VIEW": ["LastName", "Status"],
    "VIEW_OBSCURE": ["MaxCredit"],
  },
  "Device": {
    "VIEW": ["Imsi", "Status"],
    "VIEW_OBSCURE": [],
    "EDIT": ["Birthday"]
  },
  "Group": {
    "VIEW": ["Name"],
    "EDIT": ["Status"]
  },
    "Events": [
      {
         "event": "6",
         "VIEW": ["Info"],
         "VIEW_OBSCURE": ["Reason"]
      }
  ]
}

Hidden, Obscured, and Restricted Fields lists the fields that can be hidden, obscured, or restricted.

Table 1. Hidden, Obscured, and Restricted Fields
Object Type	Field Name
Subscription	Type (This field can only be restricted, not hidden or obscured.) ExternalId (This field can only be restricted, not hidden or obscured.) FirstName LastName ContactEmail ContactPhoneNumber NotificationPreference Language Status (Extension fields)
Group	Type (This field can only be restricted, not hidden or obscured.) ExternalId (This field can only be restricted, not hidden or obscured.) Name Status (Extension fields)
Device	Type (This field can only be restricted, not hidden or obscured.) ExternalId (This field can only be restricted, not hidden or obscured.) Imsi (Hiding or obscuring this field is controlled by the Restrictions object, but editing this field is controlled by the Device.Identity.EDIT permission.) LoginId (Hiding or obscuring this field is controlled by the Restrictions object, but editing this field is controlled by the Device.Identity.EDIT permission.) AccessIdArray AccessNumberArray Last ActivityTime Status (Extension fields)
Events	All fields in EventDetails, including extension fields, except for the ones noted here. Essential event fields cannot be hidden or obscured, including: `EventTypeArray /.+EventId$/ /EventIdList$/` Similar to how Subscription, Group, and Device ObjectId and ExternalId fields cannot be hidden or obscured, some *Id fields in events cannot be hidden or obscured. For example, for notification_done events, InitiatorId, InitiatorExternalId, and ContactUserObjectId are some fields that cannot be hidden or obscured. You can hide or obscure the NotificationContent field for notification_done events, even though this field is not in EventDetails.