The RBAC feature enabled restriction of access to VelaUX resources. The UI and API could strict permission verification. We designed platform-scope roles and project-scope roles, Each role can be bound to a set of permission policies, and users can obtain corresponding permissions when they are bound to the role.
A permission policy consists of resources、action and effect, there are some built-in permission policies, including:
Currently, built-in permission policies cover all resources. It is conceivable that these permissions can be flexibly customized, we will provide the API and UI page to manage the custom permission.
A role consists of a role name and the set of permissions it contains, we have built in some common roles:
- Admin：platform scope role，include the
Adminpermission，that all operation rights of all resources。
- App Developer：project scope role，include permissions required for app development.
- Project Admin：project scope role，including administrative rights for all resources under the project.
You can customize the list of roles for a platform or project based on your business or team needs.
Platform/Roles page，you can get all platform-scope roles。
New Role button, you can open the drawer page for creating a role, you should input some required info, such as the role's name, alias and permissions. Click the
Create button then complete.
First you need to go to the project details page, If users with project list query permission can enter through the project list, If not, you can enter through the application detail page.
Switch to the role management page on the project details page to add or modify role information under the project.
Platform-scope roles need to be bound to users on the user management page. One user can be bound to multiple platform-scope roles.
Project-scope roles need to be set in the project member management page, and roles need to be bound when users are added to the project, or modify the existing users' roles.