Skip to content

Commit e695287

Browse files
dada-dududada-dudu
authored
Update roles-and-permissions.md (#214)
- Update total number of quotas - Shorten permission description
1 parent a21b975 commit e695287

File tree

1 file changed

+38
-38
lines changed

1 file changed

+38
-38
lines changed

docs/configuration/roles-and-permissions.md

Lines changed: 38 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -11,24 +11,24 @@ NOTE: Admin privileges are not part of the user role.
1111

1212
## User Roles
1313

14-
A user role is comprised of up to 10 permissions and up to 6 quotas. If a permissions or a quote is not specifically set in a role, the permission is assumed to be given (default value = True) and no quota is applied (default value = no value or empty string).
14+
A user role is comprised of up to 10 permissions and up to 7 quotas. If a permissions or a quote is not specifically set in a role, the permission is assumed to be given (default value = True) and no quota is applied (default value = no value or empty string).
1515

1616
### User Permissions
1717

1818
The following permissions are supported in user roles:
1919

20-
| Permission | Added in version | Description | Additional information |
20+
| Permission | Added in version | Permission to ... | Additional information |
2121
| ------------------------------ | ---------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- |
22-
| can_add_dtable | 1.0 | Permission to create bases | If set to False, the user cannot create bases, neither under "My bases" nor in groups. |
23-
| can_add_group | 1.0 | Permission to create groups | If set to False, the user cannot create groups. The permission can_add_dtable is necessary to create bases inside a group. |
24-
| can_generate_external_link | 1.0 | Permission to create external links | If set to False, the user cannot create external links. (The menu item "External link" in the share dialog is hidden.) |
25-
| can_create_common_dataset | 1.0 | Permission to create common datasets (CDS) | If set to False, the user cannot create CDS. |
26-
| can_use_advanced_permissions | 1.1 | Permission to use advanced permissions | Advanced permissions include table permissions, column permissions, view share, custom sharing permissions, row locking. |
27-
| can_run_python_script | 1.4 | Permission to run Python scripts | If set to False, the action "Run script" in the button column and "Run script" in the script side panel are disabled; in automation rules, the action "Run Python script" is not available. The execution of Python scripts requires the installation of [Python Pipeline](../installation/components/python-pipeline.md). Does not apply to org users and group bases. |
28-
| can_use_advanced_customization | 2.0 | Permission to use advanced customizations | Advanced customization includes base security settings. |
29-
| can_use_external_app | 2.2 | Permission to create and manage apps | If set to False, the user cannot create apps or access apps in edit mode. (The app-icon is hidden in the base.) |
30-
| can_use_automation_rules | 2.2 | Permission to create and manage automation rules | If set to False, the user cannot create or modify automation rules. (The menu item "Automation rules" is hidden in the base.) Does not apply to org users and group bases. |
31-
| can_archive_rows | 2.3 | Permission to manage big data and move rows into the big data storage | If set to False, the user cannot enable/disable big data management in a base, nor can the user move rows into the big data storage; if set to False, but big data is enabled in a base, the user can create and access big data views as well as unarchive rows. |
22+
| can_add_dtable | 1.0 | Create bases | If set to False, the user cannot create bases, neither under "My bases" nor in groups. |
23+
| can_add_group | 1.0 | Create groups | If set to False, the user cannot create groups. The permission can_add_dtable is necessary to create bases inside a group. |
24+
| can_generate_external_link | 1.0 | Create external links | If set to False, the user cannot create external links. (The menu item "External link" in the share dialog is hidden.) |
25+
| can_create_common_dataset | 1.0 | Create common datasets (CDS) | If set to False, the user cannot create CDS. |
26+
| can_use_advanced_permissions | 1.1 | Use advanced permissions | Advanced permissions include table permissions, column permissions, view share, custom sharing permissions, and row locking. |
27+
| can_run_python_script | 1.4 | Run Python scripts | If set to False, the action "Run script" in the button column and "Run script" in the script side panel are disabled; in automation rules, the action "Run Python script" is not available. The execution of Python scripts requires the installation of [Python Pipeline](../installation/components/python-pipeline.md). Does not apply to org users and group bases. |
28+
| can_use_advanced_customization | 2.0 | Use advanced customizations | Advanced customization includes custom team logo, custom form logo, custom URL for forms and app, base security settings, and role permissions in apps. |
29+
| can_use_external_app | 2.2 | Create and manage apps | If set to False, the user cannot create apps or access apps in edit mode. (The app-icon is hidden in the base.) |
30+
| can_use_automation_rules | 2.2 | Create and manage automation rules | If set to False, the user cannot create or modify automation rules. (The menu item "Automation rules" is hidden in the base.) Does not apply to org users and group bases. |
31+
| can_archive_rows | 2.3 | Manage big data and move rows into the big data storage | If set to False, the user cannot enable/disable big data management in a base, nor can the user move rows into the big data storage; if set to False, but big data is enabled in a base, the user can create and access big data views as well as unarchive rows. |
3232

3333
The default value for all permissions is True. This means that if a permission is not specifically set, the role grants the permission.
3434

@@ -40,8 +40,8 @@ The following quotas are supported in user roles:
4040
| ------------------------------ | ---------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- |
4141
| role_asset_quota | 1.0 | Total storage quota for all personal bases: '1G' means a limit of one gigabyte for files and images (assets); '' means no storage quota for assets | Assets in shared bases owned by another user and assets in group bases do not count against the storage quota. Does NOT apply to org users. |
4242
| row_limit | 1.0 | Total row limit for all personal bases: 10000 means a limit of 10 000 rows; -1 means no row limit | Rows in shared bases owned by another user, rows in group bases, and rows in the big data storage do not count against the row limit. Does NOT apply to org users. |
43-
| big_data_row_limit | 3.1 | Total row limit in big data storage for all bases: 100000 means a limit of 100 000 rows | This item is used for the role of teams rather than users. Does NOT apply to org users. |
44-
| big_data_storage_quota | 4.3 | Total storage quota for all bases in big data storage: '1G' means a limit of one gigabyte; '' means no storage quota for big data storage. This quota doesn't include assets storage (file and image columns), which are stored outside of the bases. | This item is used for the role of teams rather than users. Does NOT apply to org users. |
43+
| big_data_row_limit | 3.1 | Total row limit in big data storage for all bases: 100000 means a limit of 100 000 rows | This item is used for the role of teams rather than users. Does NOT apply to org users. |
44+
| big_data_storage_quota | 4.3 | Total storage quota for all bases in big data storage: '1G' means a limit of one gigabyte; '' means no storage quota for big data storage. | Assets in rows in the big data storage do not count against this quota. This item is used for the role of teams rather than users. Does NOT apply to org users. |
4545
| scripts_running_limit | 2.3 | Total number of _Python_ scripts run within a month: 100 means 100 script runs per month; -1 means unlimited script runs | The script run counter is reset at the beginning of every month. |
4646
| snapshot_days | 2.1 | Retention period for snapshots in days: 180 means a storage period of 180 days; no value means an unlimited retention period | Snapshots older than the retention period are automatically removed. |
4747
| share_limit | | Max number of users a base can be shared with: 100 means a base can be shared with 100 users | |
@@ -59,41 +59,41 @@ ENABLED_ROLE_PERMISSIONS = {
5959
'can_add_dtable': True,
6060
'can_add_group': True,
6161
'can_generate_external_link': True,
62-
'role_asset_quota': '',
63-
'row_limit': -1,
6462
'can_create_common_dataset': True,
6563
'can_run_python_script': True,
66-
'scripts_running_limit': -1,
6764
'can_use_advanced_permissions': True,
6865
'can_use_advanced_customization': True,
6966
'can_use_external_app': True,
7067
'can_use_automation_rules': True,
71-
'snapshot_days': 180,
72-
'share_limit': 100,
7368
'can_archive_rows': True,
74-
'big_data_row_limit': -1
69+
'role_asset_quota': '',
70+
'row_limit': -1,
71+
'big_data_row_limit': -1,
72+
'big_data_storage_quota': '',
73+
'scripts_running_limit': -1,
74+
'snapshot_days': 180,
75+
'share_limit': 100
7576
},
7677
'guest': {
7778
'can_add_dtable': False,
7879
'can_add_group': False,
7980
'can_generate_external_link': False,
80-
'role_asset_quota': '',
81-
'row_limit': -1,
8281
'can_create_common_dataset': False,
8382
'can_run_python_script': False,
84-
'scripts_running_limit': -1,
8583
'can_use_advanced_permissions': False,
8684
'can_use_advanced_customization': False,
8785
'can_use_external_app': False,
8886
'can_use_automation_rules': False,
87+
'can_archive_rows': False,
88+
'role_asset_quota': '',
89+
'row_limit': -1,
8990
'snapshot_days': 30,
90-
'share_limit': 100,
91-
'can_archive_rows': False
91+
'share_limit': 100
9292
},
9393
}
9494
```
9595

96-
If you want to modify the permissions and quotes of either or both standard roles, copy-and-past the above codeblock into `dtable_web_settings.py` and modify as per your needs. Restart SeaTable for the changes to take effect.
96+
If you want to modify the permissions and quotes of either or both standard roles, copy-and-paste the above codeblock into `dtable_web_settings.py` and modify as per your needs. Restart SeaTable for the changes to take effect.
9797

9898
### Custom User Roles
9999

@@ -121,18 +121,18 @@ Similar to a user role, an administrator role is comprised of several permission
121121

122122
The following permissions are supported in administrator roles:
123123

124-
| Permission | Added in version | Description | Additional information |
125-
| ------------------------------ | ---------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- |
126-
| can_view_system_info | 1.0 | Permission to see/access "Info" menu in System admin | |
127-
| can_view_statistic | 1.0 | Permission to see/access "Statistic" menu in System admin | |
128-
| can_config_system | 1.0 | Permission to see/access "Settings" menu in System admin | |
129-
| can_manage_user | 1.0 | Permission to see/access "Users" menu in System admin | |
130-
| can_manage_group | 1.0 | Permission to see/access "Groups" menu in System admin | |
131-
| can_manage_external_link | 1.0 | Permission to see/access "External links" menu in System admin | |
132-
| can_view_admin_log | 1.0 | Permission to see/access "Admin logs" menu in System admin | |
133-
| can_manage_user_log | 1.0 | Permission to see/access the tab "Login logs" in "Audit logs" menu in System admin | |
134-
| can_manage_audit_log | 1.0 | Permission to see/access the tabs "Action logs" and "File access logs" in "Audit logs" menu in System admin | |
135-
| can_manage_organization | 1.0 | Permission to see/access "Organizations" menu in System admin | |
124+
| Permission | Added in version | Permission to ... | Additional information |
125+
| ------------------------------ | ---------------- | --------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- |
126+
| can_view_system_info | 1.0 | See/access "Info" menu in System admin | |
127+
| can_view_statistic | 1.0 | See/access "Statistic" menu in System admin | |
128+
| can_config_system | 1.0 | See/access "Settings" menu in System admin | |
129+
| can_manage_user | 1.0 | See/access "Users" menu in System admin | |
130+
| can_manage_group | 1.0 | See/access "Groups" menu in System admin | |
131+
| can_manage_external_link | 1.0 | See/access "External links" menu in System admin | |
132+
| can_view_admin_log | 1.0 | See/access "Admin logs" menu in System admin | |
133+
| can_manage_user_log | 1.0 | See/access the tab "Login logs" in "Audit logs" menu in System admin | |
134+
| can_manage_audit_log | 1.0 | See/access the tabs "Action logs" and "File access logs" in "Audit logs" menu in System admin | |
135+
| can_manage_organization | 1.0 | See/access "Organizations" menu in System admin | |
136136

137137

138138
### Standard Admininstrator Roles

0 commit comments

Comments
 (0)