Conditions control when attributes, relations, and user relations are visible or editable. They enable role-based and state-based UI customization — showing different fields to different users depending on workflow state.

Three Condition Scopes

Conditions apply to three different asset types, each controlling visibility in a different part of the object detail page.

ScopeControlsApplied to
Attribute conditionsWhich attributes appear and whether they are editableattributeTypes on an objectType definition
User relation type conditionsWhich ownership roles (owner, steward) appearuserRelationTypes on an objectType definition
Relation type conditionsWhich relations are visible in the relations panelrelationTypes referenced by an objectType

Each scope uses the same condition model — a combination of userRelationTypeKey and workflowStateKey that determines visibility and editability.

Condition Properties

Every condition evaluates against two context values: the current user’s role on the object and the object’s workflow state.

PropertyTypePurpose
objectTypeKeystringWhich object type this condition applies to (standalone conditions only)
userRelationTypeKeystringThe user role that triggers this condition. Matches the current user’s assigned role on the object.
workflowStateKeystringThe workflow state that triggers this condition. Matches the object’s current state.
editablebooleanWhether the field is editable when the condition matches
visiblebooleanWhether the field is visible when the condition matches

Both editable and visible are independent. A field can be visible but not editable (read-only display) or editable and visible (full access). Setting visible: false hides the field entirely — editable has no effect when the field is hidden.

Inline Conditions

Inline conditions are defined directly on attribute types or user relation types within the object type definition. This is the most common approach for simple per-objectType rules.

{
  "key": "business_term",
  "attributeTypes": [
    {
      "key": "core#description",
      "conditions": [
        {
          "userRelationTypeKey": "core_business_owner",
          "workflowStateKey": "draft",
          "editable": true,
          "visible": true
        },
        {
          "userRelationTypeKey": "core_steward",
          "editable": true,
          "visible": true
        }
      ]
    }
  ]
}

This configuration makes the description attribute:

  • Visible and editable to business owners, but only when the object is in draft state
  • Visible and editable to stewards in any workflow state
  • Hidden from all other users in all states

Standalone Conditions

Standalone conditions are separate package assets that apply across multiple object types. Three asset types exist:

Asset typeControls
attributeTypeObjectConditionsAttribute visibility and editability
userRelationTypeObjectConditionsUser relation type visibility
relationTypeObjectConditionsRelation type visibility

A standalone attribute condition:

{
  "attributeTypeObjectConditions": [
    {
      "attributeTypeKey": "cust_technical_id",
      "objectTypeKey": "business_term",
      "conditions": [
        {
          "userRelationTypeKey": "core_steward",
          "editable": false,
          "visible": true
        }
      ]
    },
    {
      "attributeTypeKey": "cust_technical_id",
      "objectTypeKey": "business_domain",
      "conditions": [
        {
          "userRelationTypeKey": "core_steward",
          "editable": false,
          "visible": true
        }
      ]
    }
  ]
}

This makes the cust_technical_id attribute visible (but read-only) to stewards on both business terms and business domains. Without standalone conditions, the same condition block would need to be duplicated in each object type definition.

Evaluation Logic

AND Within a Single Condition

Both userRelationTypeKey AND workflowStateKey must match for the condition to apply. A condition specifying core_business_owner and draft only activates when the current user is a business owner AND the object is in draft state.

Optional Keys

If only one key is specified, the other is treated as “any”:

SpecifiedOmittedBehavior
userRelationTypeKey onlyworkflowStateKeyApplies to the specified role in any workflow state
workflowStateKey onlyuserRelationTypeKeyApplies to any user in the specified state
Neither specifiedBothCondition always matches (equivalent to no condition)

OR Across Multiple Conditions

When multiple conditions exist on the same attribute, OR logic applies. If any condition grants visibility or editability, the field is visible or editable.

Given these conditions on a description attribute:

{
  "conditions": [
    { "userRelationTypeKey": "core_business_owner", "workflowStateKey": "draft", "editable": true, "visible": true },
    { "userRelationTypeKey": "core_steward", "editable": true, "visible": true },
    { "workflowStateKey": "approved", "editable": false, "visible": true }
  ]
}

The description is visible to:

  • Business owners in draft state (editable)
  • Stewards in any state (editable)
  • Any user when the object is approved (read-only)

A steward viewing an approved object matches both condition 2 and condition 3. Since condition 2 grants editable: true, the field is editable — the most permissive grant wins.

No Conditions = Full Access

An attribute, user relation type, or relation type without any conditions is visible and editable by all users in all states. Conditions restrict the default behavior — they do not grant it.

This means adding the first condition to a previously unconditioned field restricts access. Users who previously had full access may lose visibility or editability.

Inline vs. Standalone: When to Use Which

ScenarioApproach
Single object type with unique visibility rulesInline conditions on the objectType
Same condition applies to 3+ object typesStandalone condition asset
Patch package modifying another package’s visibilityStandalone condition asset (cannot modify inline conditions in another package)
Rapid prototyping and testingInline conditions (easier to read in one file)

Standalone conditions from a patch package merge with existing inline conditions using OR logic. A patch package can grant additional visibility but cannot revoke visibility granted by inline conditions in the base package.

User Relation Type Conditions

User relation types on an object type can also carry conditions, controlling when the role assignment panel is visible.

{
  "key": "business_term",
  "objectUserRelationTypes": [
    {
      "key": "core_business_owner",
      "conditions": [
        {
          "workflowStateKey": "draft",
          "visible": true,
          "editable": true
        },
        {
          "workflowStateKey": "approved",
          "visible": true,
          "editable": false
        }
      ]
    }
  ]
}

In draft state, the business owner assignment panel is visible and the role can be changed. In approved state, the panel is visible but the assignment is locked.

Relation Type Conditions

Relation types between object types support the same condition model. This controls when the relation panel shows specific relation types.

{
  "relationTypeObjectConditions": [
    {
      "relationTypeKey": "core#isRelatedTo",
      "objectTypeKey": "business_term",
      "conditions": [
        {
          "userRelationTypeKey": "core_steward",
          "visible": true,
          "editable": true
        }
      ]
    }
  ]
}

The “is related to” relation panel on business terms is visible and editable only to stewards. Other users do not see this relation type on the object detail page.

Gotchas

Danger

Invalid condition keys fail silently. A condition with a nonexistent userRelationTypeKey evaluates to false for all users, hiding the attribute with no error message. The package installs without warnings. Always verify that referenced keys exist in the package or its dependencies.

Warning

Conditions without workflowStateKey apply to ALL workflow states. Omitting the state key means the condition is always active. This is correct for role-based access that should not vary by state, but unexpected if the intent was to restrict to a specific state.

Warning

Adding the first condition to an unconditioned attribute changes the default from “visible to everyone” to “visible only to matching users.” This is a breaking change for existing users who previously had access.

Warning

Standalone conditions from patch packages add to existing conditions using OR logic. A patch package cannot remove visibility granted by the base package’s inline conditions. To restrict access, modify the base package instead.

Tip

Use conditions to hide technical attributes from business users. Scanned metadata fields (IDs, timestamps, connection strings) can be visible only to data stewards while keeping the object detail page clean for business owners.

Tip

Connector entity object types usually do not need conditions. Use editable: false on the objectDetail template instead — this is simpler and applies uniformly regardless of role or state.

Tip

Test conditions by assigning yourself different user relation types on a test object and cycling through workflow states. Verify that fields appear and disappear as expected in each combination.