can i apply a security marking to an entire ontology? (i.e. ri.ontology.main.ontology.___ ) I am exploring the idea of segregating ontology usage via Scoped Sessions. If i have two Spaces each with an associated Ontology, can I apply two different markings to each Ontology (and a scoped session for each) to force users to only view one Ontology at a time? What would be the implications?
Hi @acapras,
What is the workflow you are trying to achieve? There are some drawbacks to scoped sessions and we might be able to offer you a better solution with some upcoming work.
hey @owen thanks for the reply!
I was actually able to achieve this by hitting the following API to apply the marking to the entire Space:
POST https://{stack}.palantirfoundry.com/compass/api/markings/{spaceRid}
{
"markingPatches": [
{
"markingId": {{markingId}},
"patchOperation": "ADD"
}
]
}
This seems to have also applied the marking to the Ontology too (i guess an ontology is a child of a space in the gk/permission tree?)
Switching between scoped sessions now shows/hides our Ontologies from the OMA ontology dropdown in the top left as i expected.
The reasoning for this is wanting to achieve segregation between a “Training” space (where users are granted permissions to create projects and object types freely & install marketplace products/examples), and a “Production” space (where governance controls are much stricter)
Makes sense. Glad you were able to achieve the desired outcome.
Yes, in most setups, ontologies are in a hidden project under the namespace.