Permission Management

The purpose of permission management is to control access to resources for different individuals, preventing risks caused by lack of permission control or improper operations, such as privacy data breaches. The design of a unified management system aims to meet the data security needs of complex scenarios in real-world business while being simple and user-friendly, thereby improving the efficiency of permission managers.

Query Scope for Each Role

The permission management feature supports querying application and data permissions based on dimensions such as user/user group/organizational structure/tenant. Users with one of the following three combined roles: System Management + Data Analysis, System Management + Data Management, or System Management + Data Analysis + Data Management, can access the permission management entry. This primarily enables permission control over public resources in the App Marketplace, App Creation, and Dataset Marketplace within the system.

System Management + Data Analysis: Allows querying the authorization status of applications in the App Marketplace and App Creation by user.

System Management + Data Management: Allows querying the authorization status of data packages in the Dataset Marketplace by user.

System Management + Data Analysis + Data Management: Allows querying the authorization status of applications and data packages in the App Marketplace, App Creation, and Dataset Marketplace by user. This combined role serves as the highest administrator for application resources within the system.

Permission Source

Administrators can query the permission source to determine how a specific object obtained its authorization. The primary use case is to check what authorizations a person has, facilitating subsequent permission adjustments.

The permission source mainly includes information such as Permission, Source, Type, Operator, and Operation Time.

Permission: Displays whether the current user has Viewer, Editor, or Administrator permissions for the resource. It is possible for multiple permissions to coexist.

Source: Displays specific information such as personal account name, organizational structure name, or user group name, making it easier to locate the specific object when adjusting permissions.

Type: Indicates whether the specific name shown in the permission source is a personal account, organizational structure, or user group. If the resource permission is obtained through a system management role rather than individual resource authorization, it will display the type as "System Role."

Operator, Operation Time: Displays the operator and timestamp for each permission configuration. If the permission is obtained through a "System Role," the operator and operation time cannot be displayed.

Special Scenario 1: Dashboards within an App typically follow the App's permissions. However, dashboards can have a blacklist setting, which may result in a scenario where a specific dashboard under an App has no permissions. In this case, the dashboard will display a permission source icon, allowing users to view the specific blacklist authorization information.

Special Scenario 2: When administrators query user-authorized resources, there may be cases where folder hierarchy permissions are not displayed, and the permission source shows no data. This occurs because the folder directory itself is not directly authorized, but an App within the folder is authorized. In such cases, the parent folder node will be displayed, but only with view permissions and no other operational permissions, resulting in this display scenario.

Application Button Permission Query

Administrators can view the button operation permissions of the current user for authorized applications through button permissions, such as viewing detailed data, exporting data, exporting application templates, and other operations.

Row and Column Permissions Query

Administrators can query the row and column permission authorization status in authorized Apps/Datasets. This popup will display the data permission mode of the current resource, as well as the specific row and column permission rules authorized to the user. This section is for query purposes only and cannot be edited.

Edit Permissions

Administrators can edit permissions for each resource node through the "More" three-dot menu. For App/Data Package nodes, "Edit Authorization" and "Edit Row and Column Permissions" quick actions are supported, while Folder nodes support the "Edit Authorization" action.

Click "Edit Authorization" to directly open the authorization popup on the current page, allowing you to modify permissions directly.
Click "Edit Row and Column Permissions" to open a new browser page that navigates to the row and column permissions editing page for the App/Data Package, where you can modify the authorization directly.
Note: These editing operations utilize existing system capabilities. This section only provides a quick access point and does not edit authorization based on a specific user.

User Manual

SDK

ChatBot

Integration

Data Reporting

Create Dataset

Dataset Management

Function List

Dashboard Creation

Chart Controls

Advanced Chart Calculations

Functionality

Display Controls

App Settings

Data Agent

Model Providers

Permission Management ​

Query Scope for Each Role ​

Permission Source ​

Application Button Permission Query ​

Row and Column Permissions Query ​