All Products
Search

This Product

    ApsaraDB for OceanBase:Users and roles

    Document Center

    ApsaraDB for OceanBase:Users and roles

    Last Updated:Nov 15, 2024

    This topic introduces how to view and manage ODC users and roles.

    Background information

    OceanBase Developer Center (ODC) allows users with the user edition permission to add users and grant permissions by using roles. The added users can log on to ODC by using their accounts and passwords.

    A role is an object that holds user permissions, and users of the same role have the same permissions. ODC allows you to grant permissions to customized roles and assign the roles to users.

    Principle

    In ODC, users, roles, projects, and system permissions are in the following relationships:

    image

    1. A user who has the user creation permission can create roles in User Permissions.

    2. A user who has the user edition permission can add users and grant role permissions to them in User Permissions.

    3. A user who has the review process operation permission add project roles to review nodes when creating review processes in Security Specifications.

    4. A user who has the risk level operation permission can select a review process when editing risk levels in Security Specifications.

    5. A user who has the risk identification permission can configure risk identification rules for specific risk levels in Security Specifications.

    Considerations

    • ODC has a built-in administrator user admin. This user automatically has the administrator role system_admin. The administrator role has all system permissions and has access to all public and individual resources. You cannot edit, delete, or disable the administrator role.

    • A role is an object that holds user permissions, and users of the same role have the same permissions. ODC allows you to grant permissions to customized roles and assign the roles to users.

    Manage users

    User list

    image

    The following table describes the parameters in the user list.

    Parameter

    Description

    Name

    The name of the user.

    Account

    The account of the user.

    Role

    The roles assigned to the user.

    Status

    The user status. Valid values: Enable and Disable. You can click the filter iconfilterto filter the users by status.

    Updated At

    The time of the last update of the user information. You can click Updated At to sort the users by update time in ascending or descending order.

    Logon Time

    The time of the last logon to ODC. You can click Login Time to sort the users by logon time in ascending or descending order.

    Actions

    The actions you can take. Valid values: View, Edit, and Disable/Enable. You can click Disable/Enable to change the user status.

    Note

    After you log on to ODC, you cannot edit or disable your account.

    View a user

    image

    1. In the user list, click View in the Actions column.

    2. In the User Information panel, you can check the User Details and Related Resources tabs.

      Tab

      Description

      User Details

      • User information: displays information that you specified when you edited the user in fields such as Account, Name, Password, Role, and Remarks. The password is masked, and a Reset Password button is provided for you to change the logon password.

      • Operation information: displays information in fields such as Created By, Created At, Updated At, and Logon Time.

      • User deletion: You can click Delete User in the lower part of the tab to delete the user. After the user is deleted, the corresponding account cannot log on to ODC and its related data cannot be restored.

      Related Resources

      This tab displays the names of the public connections that are accessible to the current user and the access permissions.

      Edit

      In the User Information panel, click Edit to go to the Edit User panel.

    Edit User

    image

    1. In the user list, click Edit in the Actions column.

    2. In the Edit User panel, you can view all information specified when you create a user. After the user is created, the Account cannot be modified. However, you can modify the name, account status, roles, and remarks and can change the password on the user details page.

    Manage roles

    Create a role

    Assume that you want to create the odc_project role in ODC as the administrator. The role has permissions to edit the mysql_4.2.0 data source and manage the ODCUSER1 user.

    1. In the left-side navigation pane of the project collaboration window, choose User Permissions > Roles > Create Role.

      image

    2. In the Create Role panel, specify the following information.

      image

      Parameter

      Description

      Role Name

      The role name must be specified and cannot exceed 48 characters in length.

      Role Status

      By default, the new role is created in the Enabled status. You can specify the Disabled status. The permissions for a disabled role do not take effect.

      Permission Type

      Select at least one permission type for the role.

      ODC allows you to select Resource Management Permissions and System Operation Permissions. After you select a permission type, the corresponding Permission Settings section appears below. When you create a role, you must specify and set at least one permission type for the role.

      • Resource Management Permissions: the permissions to create, manage, edit, and view data sources, projects, roles, and users.

      • System Operation Permissions: the permissions to view and operate operation records, automatic authorization, review processes, risk identification rules, development specifications, and system integration.

      Remarks

      Enter the description in the field. The remarks are optional and cannot exceed 140 characters in length.

    3. After you specify the preceding information, click Create in the lower-right corner of the panel to create a role.

    4. After the role is created, you can view the role in the role list.

      image

    Role list

    The following table describes the parameters in the role list.

    Parameter

    Description

    Role Name

    The name of the role.

    Permission Type

    The type of permissions granted to the role.

    Updated At

    The time of the last update of the role information.

    Status

    The status of the role. Valid values: Disabled and Enabled.

    Actions

    You can view and edit roles.

    View roles

    1. In the role list, click View in the Actions column.

    2. In the Role Information panel, you can check the Role Details and Users tabs.

      image

      Tab

      Description

      Role Details

      • Role creation information: displays the information that you specified when you created the role in fields such as Role Name, Permission Type, and Remarks.

      • Operation information: displays information in fields such as Created By, Created At, and Updated At.

      • Role deletion: You can click Delete Role in the lower part of the tab to delete the role. After the role is deleted, all data related to the role cannot be recovered, and the user permissions granted to the role are revoked. The user logon is not affected.

      Related User

      The Related User tab displays users that are granted the role. The user information is provided in the following columns: User name, Roles, and Status.

    3. In the lower part of the Role Information panel, you can click Edit to go to the Edit Role panel.

    4. You can click Copy Role to go to the Create Role panel. In the panel that appears, the information of the current role is automatically filled.

    Edit a role

    1. In the role list, click Edit in the Actions column.

    2. Modify the role information.

    3. In the lower-right corner of the Edit Role panel, click Save to save the changes.

    References