Apply for and manage row-level permissions

Prerequisites

Ensure the row-level permissions value-added service is active. Activate Dataphin.

Limits

• You can create a maximum of 500 permission rules for a single row-level permission.

• You can apply for a maximum of 200 permission rules at a time.

Permission description

View the row-level permissions granted to your account.

Apply for row-level permissions

1. On the Dataphin home page, choose Management Center > Permission Management from the top menu bar.

2. In the navigation pane on the left, choose My Permissions > Row-Level Permission. On the Row-Level Permission page, click Apply For Row-Level Permission.

3. On the Apply For Row-Level Permission page, configure the parameters.

   Parameter		Description
   Basic Information	Account Type	Grant row-level permissions to user accounts, project accounts, and user groups together or individually. User Account: For data modeling and development in the development environment. Developed data is published to production. Project Account: Manages and runs tasks submitted to production. User Group: Manages permissions for members in the group.
   Row-Level Permission Filter	Associated Table	Select compute source tables and data source tables for row-level permissions. Search by table name keyword, add tables in a batch, or click the icon for a precise search by Category/Project and Table Type. Table Type: You can select from five table types: Physical Table, View, Logical View, and Logical Table. Board/Project: If the table type is Logical View or Logical Table, select the data board to which the logical table belongs. If the table type is Physical Table or View, select the project to which the physical table belongs. Add Tables in Batches: Click Batch Search And Add. In the Batch Search dialog box, enter the names of the tables to add. For compute source tables, you can perform a precise search using the `project_name.table_name` or `category.table_name` format. For data source tables, you can perform a precise search using the `DB/Schema.table` format. Separate multiple table names with a semicolon (;), a comma (,), or a line feed (\n). Note You can add a maximum of 100 tables when you apply for permissions in a batch. Filter options are optional. Without them, you can select any table type. With them, you can narrow results to specific types.
   Row-Level Permission Selection		Lists row-level permissions for the selected tables, including permission name, description, associated tables, application requirement, and control rule details. Application Required: Indicates whether the selected account already has control rule permissions for this row-level permission on the associated table. If set to Yes, the selected account lacks control rule permissions on this table and should apply. Click the View icon to open the Control Rule Permissions For The Selected Account On The Current Row-level Permission: dialog box and view accounts that need to request control rule permissions. If set to No, the selected account already has control rule permissions for one or more row-level permissions on this table. You can add more control rules. Click the View icon to open the Control Rule Permissions For The Selected Account On The Current Row-level Permission: dialog box and view granted control rules. Control Rule: Select the control rules configured for the current row-level permission.
   Application Reason	Reason	Enter a reason (5–512 characters) to help the approver review your request.

4. Click Submit Application. Permissions are granted after approval.

Manage row-level permissions

1. On the Row-Level Permission page, click Description in the upper-right corner to view row-level permission principles, including legend patterns and SQL code.

2. View configured row-level permissions, including names, hit rules, and associated tables.

3. Search for row-level permissions by name or filter by associated table.

4. Perform the following operations on a specific permission.

   Operation	Description
   View hit rules	Click the hit rule count or view icon to see authorized rule details.
   View associated tables	Click the associated table count or view icon to see related tables.
   View row-level permission	Click the View icon in the Actions column to see details of the row-level permissions that you are authorized to view.