Security Policy Definition Basics

Dynamic Field Content

  • All of the Kinetic Platform console fields that support dynamic content (including security policy definitions) are actually evaluating JavaScript.
  • Like Task connectors/parameters, some fields are expressions (submission label) and some are templates. (security policy definitions, form field display conditions).

JavaScript Expressions

JavaScript has statements (don't evaluate to a value) and expressions (do evaluate to a value). Kinetic Platform dynamic fields only support single expressions.

  • Statement: var i = 0;
  • Statement: if (i == 0) { … }
  • Expression: i == 0
  • Expression: function(...)

JavaScript Immediately Invoked Function Expression (IIFE)

JavaScript provides a mechanism for wrapping scope (which also happens to be helpful for wrapping multiple statements and expressions into a single expression).

(function () {

Kinetic Platform Bindings

The Kinetic Platform exposes "bindings" functions to access dynamic data. Different bindings are available in different contexts. For example, identity(username) lets you access the authenticated user id. Think of bindinggs the same way you would use variables when creating an element on a form. The format and intent are the same. Using the identity example for authenticated user: identity('username'). There isn't a definitive list of bindings because they can change with the types of security and other external factors.

  • identity('username')
  • identity('attribute:Manager')
  • form('attribute:Owner')

Each binding function accepts a second optional argument which is returned if the binding evaluates to undefined.

  • Example: identity(‘attribute:Manager, [“mary.manager”])