Developer Permission Control User Guide
This feature is supported starting from WeDa private deployment v1.4.12. If you are using an earlier version, please upgrade to v1.4.12 or higher first.
This document will guide you through configuring and managing developer permissions in the WeDa private deployment environment, including core functions such as role management, permission configuration, and user management.
1. Feature Overview
The developer permission control module is a core security management feature of the WeDa private deployment platform, providing a complete user role and permission management solution.
- Role Management: Supports system preset roles and custom role management
- Permission Configuration: Fine-grained development environment permission control
- User Management: Developer user creation, editing, and role association
2. Core Concepts
2.1 Role Types
The WeDa private deployment platform provides two types of role management mechanisms:
| Role Type | Description | Characteristics |
|---|---|---|
| System Roles | System preset roles, including "Developer Administrator" and "Regular Developer" | Cannot be deleted |
| Custom Roles | User-created roles with configurable development environment permissions | Flexible configuration with fine-grained permission control |
2.2 System Role Details
Developer Administrator
- Role Identifier:
developerAdmin - Permission Scope: Has all permissions on the development platform
- Acquisition Method:
- Initial Acquisition: The system automatically delivers the initial administrator account during software environment initialization
- Adding New Administrators: Add through the "Configure Members" function on the "Developer Permission Control" page
- Use Cases: Platform management, permission configuration, user management, and other administrative operations
Regular Developer
- Role Identifier:
developer - Permission Scope: No permissions by default, can be customized through permission configuration
- Acquisition Method: New users created in developer management are associated with regular developer by default, supports manual removal
- Use Cases: By default, can log into the development platform but has no permissions to access data models, WeDa applications, etc. Permission scope can be customized
2.3 License Activation Mechanism
Users must be associated with the built-in "Regular Developer" or "Developer Administrator" role to log into the software platform. After successful login, it will automatically activate and consume one developer quota from the License.
3. Developer Permission Control
3.1 Access Entry
Navigation Path: Extended Capabilities → Identity Authentication → Developer Permission Control
3.2 System Role Management
System roles are preset roles that support the following operations:
| Role | Available Operations |
|---|---|
| Developer Administrator | Configure Members |
| Regular Developer | Configure Members, Configure Permissions |
Configure Members Operation
- Select the target role card
- Click the "Configure Members" button
- Select users to associate
- Save configuration
3.3 Permission Policy Configuration
Permission configuration is divided into three core modules, each providing fine-grained permission control:
Data Model Permissions
| Permission Item | Description |
|---|---|
| Create/Delete Data Models | Allow creation and deletion of data models |
| Manage Data Models | Manage configuration and structure of existing data models |
| All Data Models (Including New) | Access all data models, including future new data models |
| Experience Data | Operate data content in the experience environment |
| Production Data | Operate data content in the production environment |
Custom Database Permissions
| Permission Item | Description |
|---|---|
| Create/Delete Custom Databases | Allow creation and deletion of custom database connections |
| Manage Custom Databases | Manage existing database connections and configurations |
| All Custom Databases (Including New) | Access all custom databases, including future new databases |
WeDa Application Permissions
| Permission Item | Description |
|---|---|
| Create WeDa Applications | Allow creation of new WeDa applications |
| Manage WeDa Applications | Manage configuration and publishing of existing WeDa applications |
| All WeDa Applications (Including New) | Access all WeDa applications, including future new applications |
Permission Configuration Operation Flow
- Enter the "Developer Permission Control" page
- Select the role to configure
- Click the "Configure Permissions" button
- Check the required permission items
- Click "Modify" to save configuration
3.4 Custom Role Management
Create Custom Role
- Click the "Create Role" button
- Fill in basic role information:
- Role Name: Set an easily recognizable role name
- Role Description: Detailed description of the role's purpose and permission scope
- Save role configuration
Configure Role Permissions
- Click "Configure Permissions" in the role card
- Set permissions according to 3.3 Permission Policy Configuration
- Save permission configuration
Manage Role Members
- Click the "⋯" menu in the role card for more operations
- Supports manual addition and removal of members
- Supports batch member management
Custom roles are integrated with cloud backend custom roles. You can configure development environment permissions for custom roles, but users must also be associated with the built-in "Regular Developer" or "Developer Administrator" role to log into the development platform.
4. Developer Management
4.1 Access Entry
Navigation Path: Extended Capabilities → Identity Authentication → Developer Management
4.2 User Information Display
The developer management page displays detailed information for all users:
| Field | Description |
|---|---|
| User Source | User creation source (e.g., self-built, imported, etc.) |
| Username | User login account |
| User Nickname | User display name |
| Phone Number | Bound phone number |
| Avatar | User avatar image |
| Bound email address | |
| Account Status | Activated/Not Activated |
| Associated Roles | Development environment roles currently associated with the user |
| Last Login | Last login time record |
The "Associated Roles" in the user list only displays development environment related roles. To view runtime system role permissions, please go to the cloud backend.
4.3 User Management Operations
Create New User
- Click the "Create User" button
- Fill in basic user information:
- Username (login account)
- User nickname
- Phone number
- Email address
- Associate appropriate roles (defaults to "Regular Developer")
- Save user information
User Operation Management
- Details: View user's detailed information and permission configuration
- Edit: Modify user basic information and role associations
- Delete: Delete user account (use with caution)
- Manage Roles: Quick jump to permission control page
Search and Filter
- Username Search: Supports fuzzy search by username
- Source Filter: Filter by user source (self-built, imported, etc.)
- Status Filter: Filter by account status (activated/not activated)
5. Operation Flow Guide
5.1 New User Onboarding Flow
Detailed Steps:
1. Create new user on "Developer Management" page
↓
2. Automatically associate [Regular Developer] role, activate and consume developer quota from license
↓
3. (Optional) Associate custom roles for refined permission control
↓
4. User logs into development platform using account
5.2 Permission Configuration Flow
Detailed Steps:
1. Enter "Developer Permission Control" page
↓
2. Select system role or create custom role
↓
3. Click "Configure Permissions" to enter permission configuration
↓
4. Check required permissions (Data Models/Custom Databases/WeDa Applications)
↓
5. Click "Modify" to save configuration
6. Frequently Asked Questions
Q1: Why can't a user log into the development platform even though they are associated with a custom role?
Answer: Users must be associated with the built-in "Regular Developer" or "Developer Administrator" role to log into the development platform. Custom roles are only used for refined permission control and cannot serve as login credentials alone.
Solution:
- Confirm the user is associated with "Regular Developer" or "Developer Administrator" role
- Check if the user account status is "Activated"
- Verify if License quota is sufficient
Q2: How to add new developer administrators?
Answer: Developer administrator accounts are automatically delivered by the system during software environment initialization. After environment initialization is complete, follow these steps to add new ones:
- Go to "Identity Authentication" → "Developer Permission Control" page
- Find the "Developer Administrator" role card
- Click the "Configure Members" button
- Select users to grant administrator permissions and save
Q3: Will user activation consume License developer quota?
Answer: Yes. After users are associated with "Regular Developer" or "Developer Administrator" roles and successfully log into the software platform, it will activate and consume one License developer quota.
License Management Recommendations:
- Regularly check License usage
- Promptly remove role associations for inactive users
- Reasonably plan user count and License quota
Q4: What is the relationship between custom roles and cloud backend roles?
Answer: Custom roles are integrated with cloud backend custom roles. You can configure development environment (development platform) access policies here. To configure runtime (business application) access permissions, please go to the cloud backend.
Permission Scope Description:
- Development Environment Permissions: Control user operation permissions in the development platform
- Runtime Permissions: Control user access permissions in business applications
7. Best Practices
7.1 Role Design Principles
- Principle of Least Privilege: Users only get the minimum permissions needed to complete their work
- Role Separation: Design different custom roles based on different responsibilities
- Regular Review: Regularly check and adjust user permission configurations
- Documentation: Maintain documentation of permission configurations for management and auditing
7.2 User Management Recommendations
- Standardized Naming: Use unified user naming conventions
- Timely Updates: Update permissions promptly when users leave or change roles
- Monitor Usage: Regularly monitor user login and operation activities
- Backup Configuration: Important permission configurations should be backed up
7.3 Security Considerations
- Administrator Permissions: Carefully assign developer administrator permissions to avoid privilege abuse
- Regular Audits: Regularly audit user permissions and operation logs
- Password Security: Require users to use strong passwords and change them regularly
- Access Control: Combine with network access control policies to enhance overall security
Through this guide, you have mastered the complete usage of developer permission control in the WeDa private deployment environment. Proper permission management not only ensures platform security but also improves team collaboration efficiency. If you have other questions, please refer to relevant technical documentation or contact technical support.