Perform member management operations and tasks - Dataphin - Alibaba Cloud - Dataphin

Permission description

Super administrators and system administrators can disable members, delete accounts, reassign permissions, and update contact details for all members.
System administrators cannot disable or delete super administrators, nor reassign permissions of super administrators or other system administrators.

Managing Dataphin members

Navigate to the Dataphin home page, select Management Center > Member Management from the top menu bar. You will be taken to the Member Management page by default.
(Optional) On the Member Management page, you can filter the list to find specific members. Search options include username, user ID, or filters for abnormal accounts, member roles, and statuses.

Abnormal accounts: The system performs an automatic refresh every day at midnight to identify accounts that have been removed from the source system and marks them with an icon.

On the Member Management page, you can edit member details, disable accounts, reinstate members, or reassign permissions. The following table describes each operation.

Operation	Description
Edit	Modify the User Role and contact information (such as email, phone, DingTalk group robot, etc.) of a user. Members must have contact information configured to receive alerts promptly. For more information, see Editing member account information. Single edit: Click the Actions icon in the target member's column. In the Edit Account dialog box, modify the User Role and contact information. After completing the modifications, click Confirm. Batch edit: Select multiple members in the member list or select Select All On This Page at the bottom of the page, and then click Edit at the bottom of the page. In the Batch Edit dialog box, edit the information of multiple members. After completing the modifications, click Confirm. Note After modifying contact information, promptly sync the relevant personnel to avoid delays in alert notifications.
Disable	Disable an enabled account. After an account is disabled, the user cannot log on to Dataphin or receive monitoring alerts. We recommend that you transfer ownership of the account's assets before disabling it. Disable a single account: Click the ActionsDeactivate Account Confirm icon in the column of the target member. In the dialog box, click . Batch disable: Select multiple members in the member list or select Select All On This Page at the bottom of the page, and click Disable at the bottom of the page. In the Batch Disable dialog box, click OK.
Enable	Enable a previously disabled account. After an account is enabled, the user can log on to Dataphin again and receive monitoring alerts. Click Enable: Click the Actions column of the target member's icon. In the Enable Account dialog box, click OK. Batch enable: Select multiple members in the member list or select Select All On This Page at the bottom of the page, and click Enable at the bottom of the page. In the Batch Enable dialog box, click OK.
Change owner permission	When there is a change in users in Dataphin, you can transfer their ownership permissions to another user. The original user loses the transferred permissions. Be sure to change the owner as needed. For more information, see change owner permission. Click the Actions icon in the column of the target member. In the Change Owner Permission dialog box, select the Recipient and fill in the Transfer Description. After completion, click OK.
Add to user group	Add one or more users to a specified user group. Each user group can contain up to 1000 members. Add individually: Click the Actions icon in the column of the target member, and select Add To User Group. In the Add To User Group dialog box, select User Group. After completing the selection, click OK. Add in batch: Select multiple members in the member list or select Select All On This Page at the bottom of the page, and then click Add To User Group at the bottom of the page. In the Add To User Group dialog box, select User Group. After completing the selection, click OK.
Disable	Delete redundant or unnecessary members. After deletion, the user cannot log on to Dataphin or receive monitoring alerts. We recommend that you transfer ownership of the account's assets before deleting it. When Dataphin is integrated with other authentication systems, deleting a member only removes the user from the Dataphin member list, not from the integrated authentication system. Single deletion: Click the Actions-Delete icon in the column of the target member, and select . In the Delete Account dialog box, click OK. Batch delete: Select multiple members in the member list or select Select All On This Page at the bottom of the page, and click Delete at the bottom of the page. In the Delete Account dialog box, click OK.

Edit member account information

On the Member Management page, click the icon in the operation column next to the desired member to open the Edit Account dialog box.

In the Edit Account dialog box, update the user's roles, IP whitelist, email, phone number, and other contact details. The following table describes each parameter:

Parameter	Description
User Role	Modify the user's global role or add global roles for the member. Multiple roles are supported. For more information about global roles, see User roles and permissions. Important The super administrator account has most system permissions. The Super Administrator Role cannot be deleted. However, other roles, such as quality administrator or security administrator, can be added to grant relevant feature permissions.
Email	Enter a valid email address in the correct format, such as username@example.com.
Phone	Select the country code and enter the phone number. The country code can be searched using keywords.
Dingtalk Robot, Lark Robot, Wecom Robot	Enter the webhook address of the DingTalk group robot, Lark group robot, or WeCom group robot. For specific configuration methods, see Add DingTalk group robot contact for a member, Add Lark group robot contact for a member, Add WeCom group robot contact for a member.
IP Whitelist	After you set the IP whitelist, users can only log on from the configured IP addresses. This feature is disabled by default and takes effect immediately once enabled. The IP whitelist supports the following formats: Specify IP address: For example, 192.168.0.1 allows access from the IP address 192.168.0.1. Specify IP segment: For example, 192.168.0.0/24 allows access from IP addresses ranging from 192.168.0.1 to 192.168.0.255, or 192.168.0.0-192.168.0.255. Multiple IP settings: Displayed with line breaks. Note The whitelist applies to users and intercepts logons across different tenants. If the whitelist is enabled but configured incorrectly, no IP segment will be allowed to log on. Once set, it takes effect immediately. Logged-on users will be intercepted when refreshing or opening a new page. When enabling this feature, confirm the network topology with Dataphin O&M personnel and register the IP addresses of network widgets between the user terminal and the Dataphin server. Otherwise, the IP address of the end user cannot be retrieved. If the end user uses technologies such as VPN or virtual desktop, Dataphin can only detect the IP address forwarded through the VPN or virtual desktop.

Change owner

Note

Super administrators and system administrators can access Change Owner Permission and Owner Change Record through the Management Center. Regular members can only access these features through the Personal Center. The functionality is the same in both locations. The following example uses the Member Management page.

Change owner permission

On the Member Management page, click the ActionsChange Owner Permission icon in the operation column for the selected member to open the dialog box.
In the Change Owner Permission dialog box, select the Recipient and provide a Change Description. Click OK when finished.
- Recipient: Choose the recipient. For regular members, changing permissions will trigger an approval task for the recipient.
- Change Description: Provide a relevant description for the permission change, up to 128 characters.

View owner change record

Super administrators and system administrators can view all historical change records. Regular members can only view records where they are the creator, the transfer-out person, or the recipient.

On the Member Management page, click the Owner Change Record icon in the indicated area of the image to view historical change records. The functionality under the My and All tabs is the same. The image below uses the My tab as an example.

Area

Description

①Filter and search area

Not Successfully Changed: Filter records that have not been successfully changed for the current account.
Search: You can enter the name of the task in the search box for quick search.
Filter: You can filter precisely by Created By, Transfer-out Person, Recipient, and Change Status.
Change Owner Permission: You can change owner permission. For more information, see change owner permission.

②List area

Displays information on Change Tasks, Created By, Transfer-out Person, Recipient, Created At, and Change Status. You can also perform View Details, View Approval Tasks, and Resubmit operations under the Actions column.

View Details: You can view detailed information about the change permission.
- When the change status is successful, you can view the details of sub-feature changes, including change module, change sub-feature, sub-feature permission, and change status.
- When the change status is failed, you can view the details of sub-feature changes, including change module, change sub-feature, sub-feature permission, and change status. You can also click the icon after the change failed to view the reason for the change failure.
View Approval Tasks: You can view the details of approval tasks in the Task Center.
Resubmit: When the permission change fails or is rejected, you can resubmit.