Row-Level Permissions

Feature Overview

The row-level permissions feature is used to control the data scope that different users can access. By configuring permission rules, administrators can restrict users to only view data rows that meet specific conditions, ensuring data access security and isolation. For example, restricting a user to only view order data for "2022" and "2023".

Configuration Process

Step	Demo	Logic Description
0. Feature Entry
1. Define Permission Rules		Specify the data table and filter fields for the permission rule 1. Enter the "Row-Level Permissions" page 2. Click the "+ Define New Row-Level Permission" button in the upper right corner 3. Fill in the permission name 4. Select the data table to control 5. Select the field for filtering 6. Save the rule
2. Configure Permission Scope		Apply the permission rule to specific users and set their accessible data scope 1. In the permission rule list, select the created rule 2. Add users to whom the rule should be applied 3. Set the accessible field values for each user 4. Save the configuration

Permission Effects

Example

Taking the Hong Kong catering industry as an example:

• Before configuration: Users can view order data from 2018-2025

• After configuration (accessible years set to "2022, 2023"): Users can only see order data for 2022 and 2023

Notes

1. It is recommended to use meaningful names for permission rules (e.g., "North China Region Data Permissions") for easier subsequent management

2. After row-level permissions take effect, query results generated by the Agent are automatically filtered by the permission scope

3. A user can be covered by multiple permission rules. Please verify that the combined data scope across rules meets expectations

4. Permission rule modifications take effect immediately without requiring restarts or additional operations

5. It is recommended to regularly review permission configurations to ensure consistency with business requirements