Versions Compared

Old Version 9

changes.mady.by.user Denise Kidd

Saved on

compared with

New Version 10

changes.mady.by.user Denise Kidd

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Panel
panelIconId274c
panelIcon:x:
panelIconText
bgColor#FFEBE6

Important historical context

Prior to July 2024, masking rules were created an applied in an inverse way to this guidance: The default rule allows everyone with page access to see the full value and the second rule prohibits those in the business profile from seeing the full value.

Identify the fields we’re putting masking rules on

  1. Go to the page with the fields you want to mask.

  2. Click in the field you want to mask. Click the Tools menu and select Item Properties.

  3. Note the Data Block (Block), Physical Name (Item), Data Type, Maximum Data Length.

    image-20240718-155839.png

For example, if we want to mask a portion of the birth date in SPAIDEN:

  • Data Block: SPBPERS

  • Physical Name: SPBPERS_BIRTH_DATE

  • Data Type: Date

  • Maximum Data Length: This field doesn’t have a max data length, but for dates, use 11.

    image-20240718-143335.png

    • If you repeat this for the SSN/SIN/TIN field, you’ll see that the max data length is 15.

      image-20240718-143428.png

Tell Banner which data we want to mask - GORDMCL

  1. In the Object field, enter the page that displays the fields we want to mask. Click Go.

  2. Click Insert. Refer back to your note to enter the following: Block (Data Block), Item (Physical Name), Data Type, Length (Maximum Data Length). Save.

Create the masking rules - GORDMSK

For each field for which we want to control visibility, we will create two rules:

  • One default rule. Everyone with access to the screen will have this rule applied. If we’re masking a portion of the birthdate, the first rule will allow NO ONE with access to this screen to see the full birth date.

  • One rule to make the full value visible for specified users.

To create a new rule:

In the Object field, enter the page that displays the fields we want to mask. Go.

Create the first rule

Click Insert. Enter the Block and Item.

In this example, we want to mask the year for everyone except specified users. In this first rule, we’re making the default such that NO ONE can see the year.

Do you want the field to be visible or do you want it concealed?

  • Visible allows the field itself is visible on the page.

  • Conceal makes the field not visible. This may affect how the screen is interpreted by users, especially those who are accustomed to how the screen originally displayed for them. Here’s an example of what a concealed field looks like:

    image-20240718-160831.png

In this example we want all users to see the field itself. Select Visible.

If visible and the value is a date, select the format mask

This applies to our current example of the birth date.

  • On the Format Mask field, click the search button.

Select the format. Because we want to mask the year and display the day and month, select DD/MM.

If visible and the value is not a date, select direction of masking and the unmasked length

  • Partial Character Unmasked. Imagine there’s a line representing a boundary in the value you want to display.

    • Left Direction - You want to display everything to the left of your boundary.

    • Right direction - You want to display everything to the right of your boundary.

  • Partial Unmasked Length. Identify the number of characters you want to display after/before your boundary.

For example, to display only the last 4 of an SSN, select Right Direction for the Partial Character Masked and 4 for the Partial Unmasked Length.

image-20240718-145956.png

Select all users. Save.

You can only select ONE of the following per rule: All Users, Business Profile, or User ID.

image-20240718-152508.png

Create the second rule

Click Insert. Enter the Block and Item.

In this rule we’re specifying the users who can see the full birth date including the year.

Do you want the field to be visible or do you want it concealed?

  • Visible the field itself is visible on the page.

  • Conceal makes the field not visible. This may affect how the screen is interpreted by users, especially those who are accustomed to how the screen originally displayed for them.

In this example, we want all users to see the field itself. Select Visible.

Select the Business Profile or User this should apply to

Select the Business Profile to which this restriction should apply. A business profile represents a group of users. The users that should see the full birth date are in the TUL_DOB_USERS. (Note: TUL_DOB_USERS is fictional and does not exist in PROD. It was created to demonstrate this procedure.)

If your masking rules should apply to those not in the TUL_DOB_USERS, determine if there’s another existing business profile that you can use or create a new business profile (GTVFBPR, GOAFBPR) and assign users to the business profile.

After selecting the business profile, Save.

If you want this rule to apply to a specific user, rather than entering a Business Profile, enter their user ID in the User ID field and Save.

You can only select ONE of the following per rule: All Users, Business Profile, or User ID.

image-20240718-153454.png

Test

Identify users

Identify a user in the business profile selected in the second rule and a user NOT in the business profile selected in the second rule.

Impersonate each in the TEST environment.

Expected results

The user IN the business profile should see the full value. In this example, they would see the full birth date in SPAIDEN.

image-20240718-154447.png

The user NOT IN the business profile should only see the masked value.

image-20240718-154652.png

On this page

Table of Contents
minLevel1
maxLevel6
outlinefalse
styledefault
typelist
printabletrue