Skip to content

docs(FR-2909): align RBAC manual with revoke confirmation modal and refresh screenshots #7463

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ironAiken2 wants to merge 1 commit into
base: 05-15-docs_rbac_align_with_revoke_remove_confirmation_flow_and_localized_scope_names
Choose a base branch
from
Open

docs(FR-2909): align RBAC manual with revoke confirmation modal and refresh screenshots #7463

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion packages/backend.ai-webui-docs/src/en/admin_menu/admin_menu.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1416,7 +1416,7 @@ This page is only for showing current information.
RBAC (Role-Based Access Control) Management allows superadmins to define roles with fine-grained permissions and assign them to users. You can control which actions specific users are allowed to perform on various resources throughout the Backend.AI system.

:::note
RBAC Management is only available to superadmins and requires Backend.AI Manager version 25.4.0 or later.
RBAC Management is only available to superadmins and requires Backend.AI Manager version 26.4.0 or later.
:::

For detailed information about managing roles, permissions, and user assignments, refer to the dedicated [RBAC Management](#rbac-management) page.
Binary file modified packages/backend.ai-webui-docs/src/en/images/rbac_permission_modal.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/en/images/rbac_revoke_popconfirm.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/en/images/rbac_role_detail_drawer.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/en/images/rbac_role_scope_tab.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
25 changes: 8 additions & 17 deletions packages/backend.ai-webui-docs/src/en/rbac_management/rbac_management.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
RBAC (Role-Based Access Control) Management allows superadmins to define roles with fine-grained permissions and assign them to users. With RBAC, you can control which actions specific users are allowed to perform on various resources throughout the Backend.AI system.

:::note
RBAC Management is only available to superadmins and requires Backend.AI Manager version 25.4.0 or later.
RBAC Management is only available to superadmins and requires Backend.AI Manager version 26.4.0 or later.
:::

To access the RBAC Management page, click **RBAC Management** in the **Admin Settings** section of the sidebar menu.
Expand Down Expand Up @@ -97,19 +97,6 @@ To edit a custom role's name or description:
The Edit button is only available for Custom roles. System roles cannot have their name or description modified. Scopes cannot be modified after role creation in either case.
:::

### Role Status Management

Roles have two statuses that you can manage from the role list:

- **Active**: The role is currently in effect. You can **Deactivate** an active role to temporarily suspend it.
- **Inactive**: The role is suspended. You can **Activate** an inactive role to restore it, or **Purge** it to permanently remove it.

Each role row displays a **Deactivate** action button when viewing **Active** roles, or **Activate** and **Purge Role** action buttons when viewing **Inactive** roles.

:::danger
Purging a role is irreversible. The role and all its associated data will be permanently removed. You must remove all user assignments and permissions from the role before purging.
:::

## View Role Scopes

The **Scopes** tab in the role detail drawer lists the scope entries that were assigned to the role at creation time. Each entry constrains the set of targets that permissions on this role can reference.
Expand Down Expand Up @@ -205,9 +192,13 @@ The **Role Assignments** tab in the role detail drawer shows which users are ass

### Revoke Users from a Role

1. In the **Role Assignments** tab, click the **Revoke User** button next to the user you want to remove
2. A small confirmation popup appears anchored to the button. Click **OK** to revoke the assignment, or **Cancel** to dismiss.
1. In the **Role Assignments** tab, click the revoke (trash) icon button next to the user you want to remove
2. A **Revoke User** confirmation modal opens. Type **`Permanently Delete`** into the input field exactly as shown — the **Revoke User** button stays disabled until the entered text matches. Click **Revoke User** to confirm, or **Cancel** to dismiss.

![](../images/rbac_revoke_popconfirm.png)

Revoking a user removes only that user's assignment to this role; the role itself and its other assignments are kept, and the user can be added back from **Add User** at any time. Because the action is reversible, it uses a lightweight popup confirmation rather than a typed-name confirmation modal.
Revoking a user removes only that user's assignment to this role; the role itself and its other assignments remain unchanged.

:::danger
Revoking a user from a role cannot be undone. The confirmation modal requires you to type `Permanently Delete` before the **Revoke User** button is enabled.
:::
2 changes: 1 addition & 1 deletion packages/backend.ai-webui-docs/src/ja/admin_menu/admin_menu.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1332,7 +1332,7 @@ Backend.AIの各コンポーネントに互換性があるかどうかを確認
RBAC(ロールベースアクセス制御)管理では、スーパー管理者がきめ細かい権限を持つロールを定義し、ユーザーに割り当てることができます。Backend.AIシステム全体で特定のユーザーがさまざまなリソースに対して実行できる操作を制御できます。

:::note
RBAC管理はスーパー管理者のみが利用でき、Backend.AI Managerバージョン25.4.0以降が必要です。
RBAC管理はスーパー管理者のみが利用でき、Backend.AI Managerバージョン26.4.0以降が必要です。
:::

ロール、権限、ユーザー割り当ての管理の詳細については、[RBAC管理](#rbac-management)ページを参照してください。
Binary file modified packages/backend.ai-webui-docs/src/ja/images/rbac_permission_modal.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/ja/images/rbac_revoke_popconfirm.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/ja/images/rbac_role_detail_drawer.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/ja/images/rbac_role_scope_tab.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
25 changes: 8 additions & 17 deletions packages/backend.ai-webui-docs/src/ja/rbac_management/rbac_management.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
RBAC(ロールベースアクセス制御)管理では、スーパー管理者がきめ細かい権限を持つロールを定義し、ユーザーに割り当てることができます。RBACを使用すると、Backend.AIシステム全体で特定のユーザーがさまざまなリソースに対して実行できる操作を制御できます。

:::note
RBAC管理はスーパー管理者のみが利用でき、Backend.AI Managerバージョン25.4.0以降が必要です。
RBAC管理はスーパー管理者のみが利用でき、Backend.AI Managerバージョン26.4.0以降が必要です。
:::

RBAC管理ページにアクセスするには、サイドバーメニューの**管理者設定**セクションで**RBAC管理**をクリックします。
Expand Down Expand Up @@ -97,19 +97,6 @@ RBAC管理ページにアクセスするには、サイドバーメニューの*
編集ボタンはカスタムロールでのみ利用可能です。システムロールの名前や説明は変更できません。また、どちらの場合もロール作成後にスコープを変更することはできません。
:::

### ロールのステータス管理

ロール一覧から管理できる2つのステータスがあります:

- **アクティブ**: ロールが現在有効です。アクティブなロールを**非アクティブ化**して一時的に停止できます。
- **非アクティブ**: ロールが停止中です。非アクティブなロールを**アクティブ化**して復元するか、**完全に削除**して永久に削除できます。

ロール一覧の各行には、**アクティブ**なロールを表示しているときは**非アクティブ化**ボタン、**非アクティブ**なロールを表示しているときは**アクティブ化**と**ロールを完全に削除**ボタンが表示されます。

:::danger
ロールの完全削除は元に戻せません。ロールとすべての関連データが永久に削除されます。完全削除する前に、ロールのすべてのユーザー割り当てと権限を先に削除する必要があります。
:::

## ロールのスコープ表示

ロール詳細パネルの**スコープ**タブには、ロール作成時に割り当てられたスコープエントリが一覧表示されます。各エントリは、このロールの権限が参照できる対象の集合を制限します。
Expand Down Expand Up @@ -205,9 +192,13 @@ RBAC管理ページにアクセスするには、サイドバーメニューの*

### ロールからユーザーを解除

1. **ロール割り当て**タブで、解除するユーザーの横にある**ロールからユーザーを外す**ボタンをクリックします
2. ボタンに連動した小さな確認ポップアップが表示されます。**OK**をクリックして割り当てを解除するか、**キャンセル**で閉じます。
1. **ロール割り当て**タブで、解除するユーザーの横にある解除(ゴミ箱)アイコンボタンをクリックします
2. **ロールからユーザーを外す**確認モーダルが開きます。入力欄に**`完全に削除`**を表示どおり正確に入力する必要があり、入力したテキストが一致するまで**ロールからユーザーを外す**ボタンは無効のままです。**ロールからユーザーを外す**をクリックして確定するか、**キャンセル**で閉じます。

![](../images/rbac_revoke_popconfirm.png)

ユーザーを解除すると、そのユーザーのこのロールへの割り当てだけが取り除かれ、ロール自体や他の割り当ては保持されます。**ユーザーを追加**から同じユーザーをいつでも追加し直せます。この操作は元に戻せるため、名前を入力して確認するモーダルではなく軽量なポップアップ確認を使用します。
ユーザーを解除すると、そのユーザーのこのロールへの割り当てだけが取り除かれ、ロール自体や他の割り当ては保持されます。

:::danger
ロールからユーザーを解除する操作は元に戻せません。確認モーダルで**ロールからユーザーを外す**ボタンを有効にするには、`完全に削除`と入力する必要があります。
:::
2 changes: 1 addition & 1 deletion packages/backend.ai-webui-docs/src/ko/admin_menu/admin_menu.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1146,7 +1146,7 @@ Information 페이지에서 각 기능의 여러 상세 정보와 상태를 볼
RBAC(역할 기반 접근 제어) 관리를 통해 슈퍼어드민은 세분화된 권한이 포함된 역할을 정의하고 사용자에게 할당할 수 있습니다. Backend.AI 시스템 전반에서 특정 사용자가 다양한 리소스에 대해 수행할 수 있는 작업을 제어할 수 있습니다.

:::note
RBAC 관리는 슈퍼어드민만 사용할 수 있으며, Backend.AI Manager 25.4.0 이상 버전이 필요합니다.
RBAC 관리는 슈퍼어드민만 사용할 수 있으며, Backend.AI Manager 26.4.0 이상 버전이 필요합니다.
:::

역할, 권한 및 사용자 할당 관리에 대한 자세한 정보는 [RBAC 관리](#rbac-management) 페이지를 참고하세요.
Binary file modified packages/backend.ai-webui-docs/src/ko/images/rbac_permission_modal.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/ko/images/rbac_revoke_popconfirm.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/ko/images/rbac_role_detail_drawer.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/ko/images/rbac_role_scope_tab.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
25 changes: 8 additions & 17 deletions packages/backend.ai-webui-docs/src/ko/rbac_management/rbac_management.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
RBAC(역할 기반 접근 제어) 관리를 통해 슈퍼관리자는 세분화된 세부 권한을 묶은 역할을 정의하고 사용자에게 할당할 수 있습니다. RBAC를 사용하면 Backend.AI 시스템 전반에서 특정 사용자가 다양한 리소스에 대해 수행할 수 있는 동작을 제어할 수 있습니다.

:::note
RBAC 관리는 슈퍼관리자만 사용할 수 있으며, Backend.AI Manager 25.4.0 이상 버전이 필요합니다.
RBAC 관리는 슈퍼관리자만 사용할 수 있으며, Backend.AI Manager 26.4.0 이상 버전이 필요합니다.
:::

RBAC 관리 페이지에 접근하려면 사이드바 메뉴의 **관리자 설정** 섹션에서 **RBAC 관리**를 클릭합니다.
Expand Down Expand Up @@ -97,19 +97,6 @@ RBAC 관리 페이지에 접근하려면 사이드바 메뉴의 **관리자 설
편집 버튼은 사용자 정의 역할에서만 사용할 수 있습니다. 시스템 역할의 이름이나 설명은 수정할 수 없습니다. 또한 역할 생성 후에는 어느 경우에도 적용 범위를 수정할 수 없습니다.
:::

### 역할 상태 관리

역할 목록에서 관리할 수 있는 두 가지 상태가 있습니다:

- **활성**: 역할이 현재 적용 중입니다. 활성 역할을 **비활성화**하여 일시적으로 중단할 수 있습니다.
- **비활성**: 역할이 중단된 상태입니다. 비활성 역할을 **활성화**하여 복원하거나, **영구 삭제**하여 완전히 제거할 수 있습니다.

역할 목록의 각 행에는 **활성** 역할을 볼 때 **비활성화** 버튼이, **비활성** 역할을 볼 때 **활성화** 및 **영구 삭제** 버튼이 표시됩니다.

:::danger
역할 영구 삭제는 되돌릴 수 없습니다. 역할과 모든 관련 데이터가 영구적으로 제거됩니다. 영구 삭제하기 전에 역할의 모든 사용자 할당과 세부 권한을 먼저 제거해야 합니다.
:::

## 역할 범위 보기

상세 패널의 **역할 범위** 탭은 역할 생성 시에 할당된 적용 범위 항목을 나열합니다. 각 항목은 이 역할의 세부 권한이 참조할 수 있는 적용 대상 집합을 제한합니다.
Expand Down Expand Up @@ -205,9 +192,13 @@ RBAC 관리 페이지에 접근하려면 사이드바 메뉴의 **관리자 설

### 역할에서 사용자 해제

1. **역할 할당** 탭에서 해제할 사용자 옆의 **사용자 해제** 버튼을 클릭합니다
2. 버튼에 연결된 작은 확인 팝업이 나타납니다. **확인**을 클릭하여 할당을 해제하거나 **취소**를 눌러 닫습니다.
1. **역할 할당** 탭에서 해제할 사용자 옆의 해제(휴지통) 아이콘 버튼을 클릭합니다
2. **사용자 해제** 확인 모달이 열립니다. 입력란에 **`영구 삭제`**를 표시된 그대로 정확히 입력해야 하며, 입력한 텍스트가 일치하기 전까지 **사용자 해제** 버튼은 비활성화 상태로 유지됩니다. **사용자 해제**를 클릭하여 확정하거나 **취소**를 눌러 닫습니다.

![](../images/rbac_revoke_popconfirm.png)

사용자를 해제하면 해당 사용자의 역할 할당만 제거되며, 역할 자체와 다른 할당은 그대로 유지됩니다. 언제든지 **사용자 추가** 기능으로 해당 사용자를 다시 추가할 수 있습니다. 이 동작은 되돌릴 수 있으므로 이름을 입력해 확인하는 모달이 아닌 가벼운 팝업 확인 방식을 사용합니다.
사용자를 해제하면 해당 사용자의 역할 할당만 제거되며, 역할 자체와 다른 할당은 그대로 유지됩니다.

:::danger
역할에서 사용자를 해제하는 작업은 되돌릴 수 없습니다. 확인 모달에서 **사용자 해제** 버튼이 활성화되려면 `영구 삭제`를 입력해야 합니다.
:::
2 changes: 1 addition & 1 deletion packages/backend.ai-webui-docs/src/th/admin_menu/admin_menu.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1310,7 +1310,7 @@ Transmission Unit (MTU) สำหรับเครือข่าย overlay
การจัดการ RBAC (Role-Based Access Control) ช่วยให้ผู้ดูแลระบบระดับสูงสามารถกำหนดบทบาทที่มีสิทธิ์แบบละเอียดและมอบหมายให้กับผู้ใช้ได้ คุณสามารถควบคุมการดำเนินการที่ผู้ใช้เฉพาะสามารถทำได้กับทรัพยากรต่าง ๆ ในระบบ Backend.AI

:::note
การจัดการ RBAC ใช้ได้เฉพาะผู้ดูแลระบบระดับสูงเท่านั้น และต้องใช้ Backend.AI Manager เวอร์ชัน 25.4.0 ขึ้นไป
การจัดการ RBAC ใช้ได้เฉพาะผู้ดูแลระบบระดับสูงเท่านั้น และต้องใช้ Backend.AI Manager เวอร์ชัน 26.4.0 ขึ้นไป
:::

สำหรับข้อมูลรายละเอียดเกี่ยวกับการจัดการบทบาท สิทธิ์ และการมอบหมายผู้ใช้ โปรดดูที่หน้า[การจัดการ RBAC](#rbac-management)
Binary file modified packages/backend.ai-webui-docs/src/th/images/rbac_permission_modal.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/th/images/rbac_revoke_popconfirm.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/th/images/rbac_role_detail_drawer.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified packages/backend.ai-webui-docs/src/th/images/rbac_role_scope_tab.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Loading