We are looking for a way to "mask" the data values in a specific column based on whether or not the user has permission to see that data. So, if a user cannot see SSN values (which are in column A), then the output should be an alternate value of 'N/A' or '###-##-####'. If they have permission, then they should see the SSN.
What are the best options for implementing this in Framework Manager.
Extremely basic solution:
(1) Add authorization table to the model, storing accounts that are allowed to 'see' the sensitive data
(2) Change the definition of the query subject 'somedatatable' in the model like:
SELECT T.*,
CASE WHEN
#sq($account.personalInfo.userName)# IN
(SELECT Name FROM [datasource].Autorization_table)
THEN T.Sensitivecolumn
ELSE 'N/A'
END AS X FROM [datasource].Somedatatable T
(3) Rename and hide original column storing sensitive data and rename X to this name.