Risk levels, risk identification rules, and approval flows

Background information

• Risk level: Describes the risk level of a ticket, which determines the required approval flow.

• Risk identification rule: A rule that determines the risk level of a ticket based on specified conditions.

• Approval flow: A process that system administrators can define in OceanBase Developer Center (ODC) for change tasks.

How it works

1. An ODC system administrator creates a task approval flow by selecting approval nodes and setting a validity period for the flow.

2. The system administrator sets an approval flow for each risk level: High, Medium, or Low.

3. The system administrator sets risk identification rules for each risk level: High, Medium, or Low.

4. When a user creates a task ticket in ODC, the system matches the ticket to a risk level based on the risk identification rules.

5. ODC invokes the approval flow that corresponds to the risk level.

6. The roles assigned to each approval node review and approve the task.

Prerequisites

A user with the system administrator role.

Manage approval flows

1. In the Project Collaboration window, click Security Specifications > Risk Level. Select a risk level and click Edit in the Approval Flow column.

   

2. From the Select Approval Flow drop-down list, click Manage Approval Flows.

   

3. On the Manage Approval Flows page, click New Approval Flow.

   

4. On the New Approval Flow page, enter or select the following information.

   

   Item	Description
   Flow Name	Specify a name for the task flow.
   Set Approval Nodes	Select roles for the approval flow.
   Flow Validity Period	Specify the validity period for approval and execution. The task expires if the execution times out.

5. Click Create to create the approval flow.

6. In the list of approval flows, you can edit or delete the flows that you created.

Manage risk levels

In the Project Collaboration window, go to Security Specifications > Risk Level. On this page, you can configure approval flows and risk identification rules for High, Medium, Low, and Default risk levels.

Manage risk identification rules

1. In the Project Collaboration window, go to Security Specifications > Risk Level. Select a risk level and click New Rule.

   

2. Click Add Condition or Add Condition Group to add one or more conditional expressions to configure the rule.

   

3. Click Confirm to add the risk identification rule.

4. In the list of risk identification rules, you can view, edit, or delete the rules that you created.

   

References

• Database change management