Is it possible to compose a granular policy that restricts particular users from viewing a column of a particular dataset?

I need to create a restricted view in my Foundry environment that prohibits a specific user or group of users from viewing a particular column in a dataset. I managed to compose a granular policy that prohibits specific users from viewing particular rows, but for columns I am unable to do that, so I would love to hear your thoughts on that.

Hello and thank you for reaching out! We do not currently have column-level restricted views as a fundamental primitive throughout Foundry. There are messy ways to work around this, e.g. exponentially exploding your datasets, but this may be infeasible depending on the number of columns you want to be restricted.

Another approach for implementing column-level controls is to use Cipher. You can create a Cipher Channel and use it to obfuscate specific columns of data with the “Cipher Encrypt” expression in Pipeline Builder. Only authorized users – those who have access to a Cipher License with decrypt permissions from that same Cipher Channel – will be able to de-obfuscate the data from those columns.

You can do this for objects: https://www.palantir.com/docs/foundry/object-permissioning/multi-datasource-objects

Just to expand on what @jmh posted -

For conditional visibility on dataset columns the most common Foundry pattern is probably to create an RV with only the columns to be hidden, including the PK from your original dataset.

Your restricted user group won’t be able to view the data in that RV table, or view the properties it backs in downstream object types. Object types backed by multiple datasets will display only the properties from the dataset that the user has permission to view.

For example, in an MDO backed by a regular dataset and an RV:

The RV policy stops users from viewing certain columns (restricted_a, restricted_b).

General reminder that permissions should be established as far upstream as possible, instead of being bolted on later. I’d suggest you configure the markings on the original data source project to exclude the users whose view you want to restrict. Then, if you’d like that data to be more widely viewable, you can create RVs or purposefully strip out the marking from column subsets of that dataset.