diff --git a/docs/docs/en/guide/security.md b/docs/docs/en/guide/security.md index eaeb12d8a0..8a2617401b 100644 --- a/docs/docs/en/guide/security.md +++ b/docs/docs/en/guide/security.md @@ -99,20 +99,20 @@ public void doPOSTParam()throws Exception{ ## Granted Permissions -- Granted permissions include project permissions, resource permissions, data source permissions, and UDF function permissions. -- Administrators can authorize projects, resources, data sources, and UDF functions that ordinary users do not create. Because the authorization methods of projects, resources, data sources and UDF functions are all the same, the project authorization is used as an example to introduce. -- Note: For projects created by the user, the user has all permissions. The item list and the selected items list are not displayed. +* Granted permissions include project permissions, resource permissions, data source permissions, and UDF function permissions. +* Administrators can authorize projects, resources, data sources, and UDF functions that ordinary users do not create. Because the authorization methods of projects, resources, data sources and UDF functions are all the same, the project authorization is used as an example to introduce. +* Note: For projects created by the user, the user has all permissions. Therefore, permission changes to projects created by users themselves are not valid. - The administrator enters the `Security Center -> User Management` page, and clicks the "Authorize" button of the user to be authorized, as shown in the following figure: -
- -
+![project-authroize-step-1](../../../img/new_ui/dev/security/project-authroize-step-1.png) -- Select the project to authorize the project. +- Select one or more projects and click the button above to authorize the project. The upper buttons from left to right correspond to `revoke all permissions`, `grant read permissions`, and `grant all permissions` (which including both read and write permissions). -- -
+![project-authroize-step-2](../../../img/new_ui/dev/security/project-authroize-step-2.png) + +- If a user has only the read permission but not the write permission for a project, and the user is trying to do something like delete or update the project, an error message is displayed indicating that the user has no write permission and cannot complete the operation. + +![no-permission-error](../../../img/new_ui/dev/security/no-permission-error.png) - Resources, data sources, and UDF function authorization are the same as project authorization. diff --git a/docs/docs/zh/guide/security.md b/docs/docs/zh/guide/security.md index f6536f4773..a8d054b1d7 100644 --- a/docs/docs/zh/guide/security.md +++ b/docs/docs/zh/guide/security.md @@ -95,14 +95,18 @@ * 授予权限包括项目权限,资源权限,数据源权限,UDF函数权限,k8s命名空间。 * 管理员可以对普通用户进行非其创建的项目、资源、数据源、UDF函数、k8s命名空间。因为项目、资源、数据源、UDF函数、k8s命名空间授权方式都是一样的,所以以项目授权为例介绍。 -* 注意:对于用户自己创建的项目,该用户拥有所有的权限。则项目列表和已选项目列表中不会显示。 -- 管理员进入安全中心->用户管理页面,点击需授权用户的“授权”按钮,如下图所示: +* 注意:对于用户自己创建的项目,该用户默认拥有所有的权限,因此对用户自己创建的项目进行权限变更是无效的。 +- 管理员进入`安全中心->用户管理页面`,点击需授权用户的“授权”按钮,如下图所示: -![user-authorize](../../../img/new_ui/dev/security/user-authorize.png) +![project-authroize-step-1](../../../img/new_ui/dev/security/project-authroize-step-1.png) -- 选择项目,进行项目授权。 +- 勾选单个或多个项目,再点击上方授权按钮进行项目授权。上方按钮从左至右分别对应着`撤销所有权限`,`授予读权限`和`授予所有权限`(包括读权限和写权限)。 -![project-authorize](../../../img/new_ui/dev/security/project-authorize.png) +![project-authroize-step-2](../../../img/new_ui/dev/security/project-authroize-step-2.png) + +- 如果用户对某个项目只拥有读权限而没有写权限,则在执行删除项目或更新项目等操作时,会返回错误提示,提示用户没有写权限,无法完成该操作。 + +![no-permission-error](../../../img/new_ui/dev/security/no-permission-error.png) - 资源、数据源、UDF 函数授权同项目授权。 diff --git a/docs/img/auth-en.png b/docs/img/auth-en.png deleted file mode 100644 index b4fe13cd58..0000000000 Binary files a/docs/img/auth-en.png and /dev/null differ diff --git a/docs/img/auth-project-en.png b/docs/img/auth-project-en.png deleted file mode 100644 index 302916c44b..0000000000 Binary files a/docs/img/auth-project-en.png and /dev/null differ diff --git a/docs/img/new_ui/dev/security/no-permission-error.png b/docs/img/new_ui/dev/security/no-permission-error.png new file mode 100644 index 0000000000..e034a5affe Binary files /dev/null and b/docs/img/new_ui/dev/security/no-permission-error.png differ diff --git a/docs/img/new_ui/dev/security/project-authorize.png b/docs/img/new_ui/dev/security/project-authorize.png deleted file mode 100644 index c84dbb2c58..0000000000 Binary files a/docs/img/new_ui/dev/security/project-authorize.png and /dev/null differ diff --git a/docs/img/new_ui/dev/security/project-authroize-step-1.png b/docs/img/new_ui/dev/security/project-authroize-step-1.png new file mode 100644 index 0000000000..20719412ad Binary files /dev/null and b/docs/img/new_ui/dev/security/project-authroize-step-1.png differ diff --git a/docs/img/new_ui/dev/security/project-authroize-step-2.png b/docs/img/new_ui/dev/security/project-authroize-step-2.png new file mode 100644 index 0000000000..1da481f78d Binary files /dev/null and b/docs/img/new_ui/dev/security/project-authroize-step-2.png differ diff --git a/docs/img/new_ui/dev/security/user-authorize.png b/docs/img/new_ui/dev/security/user-authorize.png deleted file mode 100644 index daa561db00..0000000000 Binary files a/docs/img/new_ui/dev/security/user-authorize.png and /dev/null differ