docs: refactor from database access to database permission

Author: tianzhou

content/blog/1-9-0-new-features.md

@@ -39,7 +39,7 @@ There is a lot more that a good parser can do. We have invested a lot of R&D wor
 
 ## Data Masking
 
-Previously, Bytebase was focused on database change management (DCM). And another critical piece is data security. This release is our first footstep into this territory, with the ability to [mask database fields by tagging them](/docs/security/mask-data).
+Previously, Bytebase was focused on database change management (DCM). And another critical piece is data security. This release is our first footstep into this territory, with the ability to [mask database fields by tagging them](/docs/security/data-masking/overview).
 
 There's not much to say about the feature alone, after all, many of our friends have them too. The difference is that Bytebase is only here now because we have just laid the groundwork for the system.
 

content/blog/1-9-1-new-features.md

@@ -37,15 +37,15 @@ Regarding how to nudge people, some collaborative tools choose to ping others, o
 
 Now, let’s chat about Bytebase’s security capabilities.
 
-We introduced [Data Access Control](/docs/security/data-access-control) with this release, leveraging Access Control Policy and Environment Tier.
+We introduced [Data Access Control](/docs/security/database-permission/overview) with this release, leveraging Access Control Policy and Environment Tier.
 
 Some users suggested that they don’t want developers to access all databases in the production environment by default. This can be achieved by the DBA setting the `Environment Tier` to `Protected`. But at the same time, the user wants to open access to some databases in this environment, which is possible by whitelisting those databases.
 
 ![_](/content/blog/1-9-1-new-features/protected-env.webp)
 
 ![_](/content/blog/1-9-1-new-features/accesss-control-env.webp)
 
-The overall Bytebase design follows the same security practice of default blacklisting. This is yet another feature focusing on data security after [Data Masking](/docs/security/mask-data).
+The overall Bytebase design follows the same security practice of default blacklisting. This is yet another feature focusing on data security after [Data Masking](/docs/security/data-masking/overview).
 
 ## Data Masking
 

content/blog/2023-q3-retrospect.md

@@ -56,7 +56,7 @@ Bytebase keeps up with the bi-weekly release cadence and released 7 versions.
 
 ### Data Security
 
-- [Data access control](/docs/security/data-access-control/) for query, export, and copy data.
+- [Data access control](/docs/security/database-permission/overview/) for query, export, and copy data.
 - Dynamic [Data Masking](/docs/sql-editor/mask-data/) for MySQL, Postgres, TiDB, Oracle, SQL Server, MariaDB, and OceanBase.
 - Enforce [sign-in frequency](/docs/administration/sign-in-frequency/).
 - [LDAP](/docs/administration/sso/ldap/) for SSO.

content/blog/all-database-tools-bytebase-replaces.md

@@ -17,7 +17,7 @@ Bytebase is an all-in-one solution for database development lifecycle management
 Traditional SQL clients such as DBeaver, DataGrip, Navicat, pgAdmin, phpMyAdmin provide a GUI interface.
 Bytebase also provides a web-based [SQL Editor](/sql-editor/). By adopting Bytebase, DBAs no longer
 need to distribute database credentials to the individuals. DBAs configure the database credentials
-in Bytebase once, then grant [database/table access](/docs/security/data-access-control/) to individuals conditionally. Furthermore, they can also configure [dynamic data masking](/docs/security/data-masking/overview/).
+in Bytebase once, then grant [database permissions](/docs/security/database-permission/overview/) to individuals conditionally. Furthermore, they can also configure [dynamic data masking](/docs/security/data-masking/overview/).
 
 ![sql-editor-data-masking](/images/page/main/sql-editor/mask.webp)
 

content/blog/bytebase-3-0.md

@@ -28,7 +28,7 @@ Bytebase provides a collaboration workspace for developers, DBAs, and security e
 1. One-off, ad-hoc change.
 1. Data query.
 
-In addition to centralizing database operations, Bytebase offers features such as [SQL Review for linting SQL statements](/docs/sql-review/overview/), [one-click rollbacks](/docs/change-database/rollback-data-changes/), [data access control](/docs/security/data-access-control/), and [dynamic data masking](/docs/security/data-masking/overview/). To deliver these capabilities, Bytebase must comprehend the SQL dialects of various target database systems, which is why we build custom parsers [for](https://github.com/bytebase/mysql-parser) [each](https://github.com/bytebase/postgresql-parser) [of](https://github.com/bytebase/plsql-parser) [them](https://github.com/bytebase/tsql-parser).
+In addition to centralizing database operations, Bytebase offers features such as [SQL Review for linting SQL statements](/docs/sql-review/overview/), [one-click rollbacks](/docs/change-database/rollback-data-changes/), [data access control](/docs/security/database-permission/overview/), and [dynamic data masking](/docs/security/data-masking/overview/). To deliver these capabilities, Bytebase must comprehend the SQL dialects of various target database systems, which is why we build custom parsers [for](https://github.com/bytebase/mysql-parser) [each](https://github.com/bytebase/postgresql-parser) [of](https://github.com/bytebase/plsql-parser) [them](https://github.com/bytebase/tsql-parser).
 
 ## AI Assistant
 

content/blog/bytebase-vs-flyway.md

@@ -186,7 +186,7 @@ SQL auto check helps developers write less buggy SQL and save DBAs manual review
 
 - **Flyway**: Not supported.
 
-- **Bytebase**: With centralized [SQL Editor](/docs/sql-editor/overview/), data access is [controlled](/docs/security/data-access-control/), [reviewed](/docs/security/data-query/), [audit-logged](/docs/security/audit-log/). Also provide [data masking](/docs/sql-editor/mask-data/), [watermark](/docs/security/watermark/).
+- **Bytebase**: With centralized [SQL Editor](/docs/sql-editor/overview/), data access is [controlled](/docs/security/database-permission/overview/), [reviewed](/docs/security/database-permission/query/), [audit-logged](/docs/security/audit-log/). Also provide [data masking](/docs/sql-editor/mask-data/), [watermark](/docs/security/watermark/).
 
   ![bytebase-sql-editor](/content/blog/bytebase-vs-flyway/bytebase-sql-editor.webp)
 

content/blog/bytebase-vs-liquibase.md

@@ -184,7 +184,7 @@ SQL auto check helps developers write less buggy SQL and save DBAs manual review
 
 - **Liquibase**: Not supported.
 
-- **Bytebase**: With centralized [SQL Editor](/docs/sql-editor/overview/), data access is [controlled](/docs/security/data-access-control/), [reviewed](/docs/security/data-query/), [audit-logged](/docs/security/audit-log/). Also provide [data masking](/docs/sql-editor/mask-data/), [watermark](/docs/security/watermark/).
+- **Bytebase**: With centralized [SQL Editor](/docs/sql-editor/overview/), data access is [controlled](/docs/security/database-permission/overview/), [reviewed](/docs/security/database-permission/query/), [audit-logged](/docs/security/audit-log/). Also provide [data masking](/docs/sql-editor/mask-data/), [watermark](/docs/security/watermark/).
 
   ![bytebase-sql-editor](/content/blog/bytebase-vs-liquibase/bytebase-sql-editor.webp)
 

content/blog/database-compliance-for-gdpr.md

@@ -72,7 +72,7 @@ To ensure GDPR compliance for these database operations, organizations must rest
 
 <HintBlock type="info">
 
-Bytebase is a single place to provide [access control](/docs/security/data-access-control/), [review workflow](/docs/change-database/change-workflow/), [data masking](/docs/security/data-masking/overview/), [audit logging](/docs/security/audit-log/) for all database development operations for all database systems.
+Bytebase is a single place to provide [access control](/docs/security/database-permission/overview/), [review workflow](/docs/change-database/change-workflow/), [data masking](/docs/security/data-masking/overview/), [audit logging](/docs/security/audit-log/) for all database development operations for all database systems.
 
 </HintBlock>
 

content/blog/ev-manufacturer-case-study.md

@@ -81,4 +81,4 @@ The ultimate goal is to improve collaboration, rather than enforce strict contro
 
 ## To Wrap Up
 
-Currently, the EV manufacturer is still continuously optimizing their database management process and exploring more Bytebase capabilities such as [optimizing slow queries](/docs/slow-query/overview/) and [anonymizing data](/docs/security/mask-data/) to further empower the developer team. Stay tuned for a follow-up.
+Currently, the EV manufacturer is still continuously optimizing their database management process and exploring more Bytebase capabilities such as [optimizing slow queries](/docs/slow-query/overview/) and [anonymizing data](/docs/security/data-masking/overview/) to further empower the developer team. Stay tuned for a follow-up.

content/blog/planetscale-vs-neon.md

@@ -225,7 +225,7 @@ Both PlanetScale and Neon could become the next MongoDB / Snowflake for modern R
 
 ---
 
-BTW, if you still stick with vanilla MySQL/Postgres and want PlanetScale's database change workflow or Neon's visual SQL Editor, please check out [Bytebase](/). Bytebase is a database tool for all mainstream databases, covering database change, query, security and governance all-in-one. It provides more customizable [change workflow](/docs/concepts/database-change-workflow/) and visual [SQL Editor](/docs/sql-editor/overview/) integrated with [access control](/docs/security/data-access-control/) and [data masking](/docs/security/mask-data/).
+BTW, if you still stick with vanilla MySQL/Postgres and want PlanetScale's database change workflow or Neon's visual SQL Editor, please check out [Bytebase](/). Bytebase is a database tool for all mainstream databases, covering database change, query, security and governance all-in-one. It provides more customizable [change workflow](/docs/concepts/database-change-workflow/) and visual [SQL Editor](/docs/sql-editor/overview/) integrated with [access control](/docs/security/database-permission/overview/) and [data masking](/docs/security/data-masking/overview/).
 
 ![change-query-secure-govern-database-all-in-one](/images/db-scheme-lg.png)