All Products
Search
Document Center

The approval flow for data changes does not meet expectations

Last Updated: Feb 08, 2021

Overview

This article describes how to handle non-conforming expected data change approval flows.

Detail

Locate the risk of ticket triggering

  1. Log on to the DMS console. In the top navigation bar, click common data change. On the page that appears, click tickets list in the upper-left corner.
  2. On the data change ticket list page, click the ticket number of a specific ticket, and then click ticket operation history.
  3. The ticket operation history records the information of the ticket matching security rule set, triggered risks, and selected approval flows, which can help us quickly locate and solve the problem.

Modify approval flow

Note:

  • If the approval flow setting is incorrect, follow these steps to modify the approval flow.
  • Before modifying the approval flow, you can also see approval flow priorities to understand the approval flow priorities.

Modify Fraud Detection rules

The ticket operation history allows you to view ticket-triggered risks. For example, when you submit a DDL statement, a high risk is triggered and we want to change the risk to medium. In this case, you can choose all features > security rules and click edit on the right side of the corresponding rule set. Select SQL change, click Fraud Detection rule, and then click edit on the right side of the corresponding rule name to modify it according to the actual situation.

note: for the level definition of Fraud Detection rules, see risk level definition.

Modifying Fraud Detection rules has the following advantages:

  • Modifying the rule text makes it easier to identify differences.
  • To modify the Fraud Detection result, change "high" to "low", that is, change high risk to low risk.
  • Modify the text for the risk. You can see the reason marked as this risk in the operation history.

Modify the approval flow corresponding to a risk

  1. On the SQL change page, click risk approval rules. Click edit on the right side of the corresponding rule name.
  2. In choose_approve_template, select the approval flow means the approval flow template ID, if we want to modify the approval flow corresponding to the risk in, you only need to modify this number, for more information, see set approval process and security rules DSL syntax.

References

Approval flow priority

The selection of the data change ticket approval flow, which is jointly determined based on the checkpoint Fraud Detection rules and risk approval rules in security rules. That is, when a user submits an approval, the system first identifies the Fraud Detection triggered for the ticket based on the risk rules, and then preferentially selects the approval flow corresponding to the highest risk according to the identified risk level. If no approval flow corresponding to the risk is found, the default approval template in the basic configuration items is selected.

For example, if a ticket triggers both "low risk" and "high risk" in the Fraud Detection rule, the system selects the approval flow corresponding to "high risk" in the risk approval rule. If the approval flow corresponding to "high risk" is not configured (for example, the rule is disabled), the default approval template in the basic configuration items is selected.

Risk level definition

[
     {
         "riskLevel":"low",
         "riskDesc": "low risk"
     },
     {
         "riskLevel":"middle",
         "riskDesc": "medium risk"
     },
     {
         "riskLevel":"high",
         "riskDesc": high risk
     },
     {
         "riskLevel":"highest",
         "riskDesc": "significant risk"
     }
 ]

Applicable scope

  • Data Management (DMS)