+ multiple
+ open={open}
+ value={selectedSubjects}
+ inputValue={keyword}
+ items={subjects}
+ disabled={disabled}
+ itemToStringLabel={getSubjectLabel}
+ itemToStringValue={getSubjectValue}
+ isItemEqualToValue={isSameSubject}
+ filter={null}
+ onOpenChange={handleOpenChange}
+ onInputValueChange={handleInputValueChange}
+ onValueChange={handleValueChange}
+ >
+
+
+
+ {t('operation.add', { ns: 'common' })}
+
+
+
+
+
+
+
+
+
+
+ {isLoading
+ ? (
+
+
+
+ )
+ : (
+ <>
+ {shouldShowBreadcrumb && (
+
+
+
+ )}
+ {hasResults
+ ? (
+ <>
+
+ {(subject: Subject) => (
+ setSelectedGroupsForBreadcrumb([...selectedGroupsForBreadcrumb, group])}
+ />
+ )}
+
+ {isFetchingNextPage &&
}
+
+
+ )
+ : (
+
+ {t('accessControlDialog.operateGroupAndMember.noResult', { ns: 'app' })}
+
+ )}
+
+ )}
+
+ {loading
+ ?
+ : (
+
+ )}
+
+ )
+}
+
+function RenderGroupsAndMembers({
+ selectedGroups,
+ selectedMembers,
+ onChange,
+}: AccessSubjectSelectionProps) {
+ const { t } = useTranslation()
+ if (selectedGroups.length <= 0 && selectedMembers.length <= 0) {
+ return (
+
+
+ {t('accessControlDialog.noGroupsOrMembers', { ns: 'app' })}
+
+
+ {t('accessControlDialog.groups', { ns: 'app', count: selectedGroups.length ?? 0 })}
+
+
+ {selectedGroups.map(group => (
+
+ ))}
+
+
+ {t('accessControlDialog.members', { ns: 'app', count: selectedMembers.length ?? 0 })}
+
+
+ {selectedMembers.map(member => (
+
+ ))}
+
+
+ )
+}
+
+function groupToSubject(group: AccessControlGroup): SubjectGroup {
+ return {
+ subjectId: group.id,
+ subjectType: SubjectType.GROUP,
+ groupData: group,
+ }
+}
+
+function memberToSubject(member: AccessControlAccount): SubjectAccount {
+ return {
+ subjectId: member.id,
+ subjectType: SubjectType.ACCOUNT,
+ accountData: member,
+ }
+}
+
+function getSubjectLabel(subject: Subject) {
+ if (subject.subjectType === SubjectType.GROUP)
+ return (subject as SubjectGroup).groupData.name
+
+ return (subject as SubjectAccount).accountData.name
+}
+
+function getSubjectValue(subject: Subject) {
+ return `${subject.subjectType}:${subject.subjectId}`
+}
+
+function isSameSubject(item: Subject, value: Subject) {
+ return item.subjectId === value.subjectId && item.subjectType === value.subjectType
+}
+
+function SubjectItem({
+ subject,
+ selectedGroups,
+ selectedMembers,
+ onExpandGroup,
+}: {
+ subject: Subject
+ selectedGroups: AccessControlGroup[]
+ selectedMembers: AccessControlAccount[]
+ onExpandGroup: (group: AccessControlGroup) => void
+}) {
+ if (subject.subjectType === SubjectType.GROUP) {
+ return (
+
+ )
+ }
+
+ return (
+
+ )
+}
+
+function SelectedGroupsBreadCrumb({
+ selectedGroupsForBreadcrumb,
+ onChange,
+}: {
+ selectedGroupsForBreadcrumb: AccessControlGroup[]
+ onChange: (groups: AccessControlGroup[]) => void
+}) {
+ const { t } = useTranslation()
+
+ const handleBreadCrumbClick = (index: number) => {
+ const newGroups = selectedGroupsForBreadcrumb.slice(0, index + 1)
+ onChange(newGroups)
+ }
+ const handleReset = () => {
+ onChange([])
+ }
+ const hasBreadcrumb = selectedGroupsForBreadcrumb.length > 0
+
+ return (
+
+ {hasBreadcrumb
+ ? (
+
+ )
+ : (
+
{t('accessControlDialog.operateGroupAndMember.allMembers', { ns: 'app' })}
+ )}
+ {selectedGroupsForBreadcrumb.map((group, index) => {
+ const isLastGroup = index === selectedGroupsForBreadcrumb.length - 1
+
+ return (
+
+ /
+ {isLastGroup
+ ? {group.name}
+ : (
+
+ )}
+
+ )
+ })}
+
+
+
+
+
+ {group.name}
+ {group.groupSize}
+
+
+
+
{group.name}
+ {group.groupSize}
+
+ )
+}
+
+type SelectedMemberItemProps = AccessSubjectSelectionProps & {
+ member: AccessControlAccount
+}
+
+function SelectedMemberItem({
+ member,
+ selectedGroups,
+ selectedMembers,
+ onChange,
+}: SelectedMemberItemProps) {
+ const handleRemoveMember = () => {
+ onChange({
+ groups: selectedGroups,
+ members: selectedMembers.filter(selectedMember => selectedMember.id !== member.id),
+ })
+ }
+
+ return (
+ }
+ onRemove={handleRemoveMember}
+ >
+ {member.name}
+
+ )
+}
+
+type SelectedBaseItemProps = {
+ icon: ReactNode
+ children: ReactNode
+ onRemove?: () => void
+}
+
+function SelectedBaseItem({ icon, onRemove, children }: SelectedBaseItemProps) {
+ const { t } = useTranslation()
+
+ return (
+
+ )
+}
diff --git a/web/features/deployments/detail/settings-tab/access/permissions.tsx b/web/features/deployments/detail/settings-tab/access/permissions.tsx
index 5957e594d8..a7c7c2da1c 100644
--- a/web/features/deployments/detail/settings-tab/access/permissions.tsx
+++ b/web/features/deployments/detail/settings-tab/access/permissions.tsx
@@ -5,43 +5,24 @@ import type {
AccessSubject,
Environment,
} from '@dify/contracts/enterprise/types.gen'
-import type { ComboboxRootChangeEventDetails } from '@langgenius/dify-ui/combobox'
+import type { AccessSubjectSelectionValue } from '@/app/components/base/access-subject-selector'
import type {
+ AccessControlAccount,
+ AccessControlGroup,
Subject as AccessControlSubject,
SubjectAccount as AccessControlSubjectAccount,
SubjectGroup as AccessControlSubjectGroup,
} from '@/models/access-control'
import { cn } from '@langgenius/dify-ui/cn'
-import {
- Combobox,
- ComboboxChip,
- ComboboxChipRemove,
- ComboboxChips,
- ComboboxContent,
- ComboboxEmpty,
- ComboboxInput,
- ComboboxInputGroup,
- ComboboxInputTrigger,
- ComboboxItem,
- ComboboxItemIndicator,
- ComboboxItemText,
- ComboboxList,
- ComboboxStatus,
- ComboboxValue,
-} from '@langgenius/dify-ui/combobox'
-import {
- DropdownMenu,
- DropdownMenuContent,
- DropdownMenuItem,
- DropdownMenuTrigger,
-} from '@langgenius/dify-ui/dropdown-menu'
import { toast } from '@langgenius/dify-ui/toast'
import { useMutation, useQuery } from '@tanstack/react-query'
-import { useDebounce } from 'ahooks'
-import { useState } from 'react'
+import { useEffect, useState } from 'react'
import { useTranslation } from 'react-i18next'
-import { SkeletonRectangle, SkeletonRow } from '@/app/components/base/skeleton'
-import { SubjectType as AccessControlSubjectType } from '@/models/access-control'
+import AccessControlDialog from '@/app/components/app/app-access-control/access-control-dialog'
+import AccessControlDialogContent from '@/app/components/app/app-access-control/access-control-dialog-content'
+import { SkeletonRectangle } from '@/app/components/base/skeleton'
+import useAccessControlStore from '@/context/access-control-store'
+import { SubjectType as AccessControlSubjectType, AccessMode as AppAccessMode } from '@/models/access-control'
import { useSearchForWhiteListCandidates } from '@/service/access-control'
import { consoleQuery } from '@/service/client'
import { environmentName } from '../../../environment'
@@ -51,17 +32,15 @@ import {
} from '../../table'
type AccessPermissionKind = 'organization' | 'specific' | 'anyone'
-type AccessMode = NonNullable
+type AccessPolicyMode = NonNullable
type AccessSubjectType = NonNullable
-const ACCESS_MODE_PUBLIC = 'ACCESS_MODE_PUBLIC' satisfies AccessMode
-const ACCESS_MODE_PRIVATE = 'ACCESS_MODE_PRIVATE' satisfies AccessMode
-const ACCESS_MODE_PRIVATE_ALL = 'ACCESS_MODE_PRIVATE_ALL' satisfies AccessMode
+const ACCESS_MODE_PUBLIC = 'ACCESS_MODE_PUBLIC' satisfies AccessPolicyMode
+const ACCESS_MODE_PRIVATE = 'ACCESS_MODE_PRIVATE' satisfies AccessPolicyMode
+const ACCESS_MODE_PRIVATE_ALL = 'ACCESS_MODE_PRIVATE_ALL' satisfies AccessPolicyMode
const SUBJECT_TYPE_ACCOUNT = 'SUBJECT_TYPE_ACCOUNT' satisfies AccessSubjectType
const SUBJECT_TYPE_GROUP = 'SUBJECT_TYPE_GROUP' satisfies AccessSubjectType
const ACCESS_SUBJECT_LABEL_PAGE_SIZE = 100
-const ACCESS_SUBJECT_SEARCH_PAGE_SIZE = 50
-const ACCESS_SUBJECT_SEARCH_DEBOUNCE = 300
function accessModeToPermissionKey(mode?: AccessPolicy['mode']): AccessPermissionKind {
if (mode === ACCESS_MODE_PRIVATE)
@@ -71,7 +50,7 @@ function accessModeToPermissionKey(mode?: AccessPolicy['mode']): AccessPermissio
return 'organization'
}
-function permissionKeyToAccessMode(key: AccessPermissionKind): AccessMode {
+function permissionKeyToAccessMode(key: AccessPermissionKind): AccessPolicyMode {
if (key === 'organization')
return ACCESS_MODE_PRIVATE_ALL
if (key === 'specific')
@@ -79,69 +58,28 @@ function permissionKeyToAccessMode(key: AccessPermissionKind): AccessMode {
return ACCESS_MODE_PUBLIC
}
+function permissionKeyToAppAccessMode(key: AccessPermissionKind): AppAccessMode {
+ if (key === 'organization')
+ return AppAccessMode.ORGANIZATION
+ if (key === 'specific')
+ return AppAccessMode.SPECIFIC_GROUPS_MEMBERS
+ return AppAccessMode.PUBLIC
+}
+
+function appAccessModeToPermissionKey(mode: AppAccessMode): AccessPermissionKind {
+ if (mode === AppAccessMode.SPECIFIC_GROUPS_MEMBERS)
+ return 'specific'
+ if (mode === AppAccessMode.PUBLIC)
+ return 'anyone'
+ return 'organization'
+}
+
const permissionIcon: Record = {
organization: 'i-ri-team-line',
specific: 'i-ri-lock-line',
anyone: 'i-ri-global-line',
}
-const permissionOrder: AccessPermissionKind[] = ['organization', 'specific', 'anyone']
-
-function PermissionPicker({ value, disabled, loading, onChange }: {
- value: AccessPermissionKind
- disabled?: boolean
- loading?: boolean
- onChange: (kind: AccessPermissionKind) => void
-}) {
- const { t } = useTranslation('deployments')
- const icon = permissionIcon[value]
- const label = t(`access.permission.${value}`)
-
- return (
-
-
-
- {label}
-
-
-
- {permissionOrder.map((kind) => {
- const itemIcon = permissionIcon[kind]
- const isSelected = kind === value
- return (
- onChange(kind)}
- className="mx-0 h-auto items-start gap-3 rounded-lg px-2.5 py-2"
- >
-
-
-
-
- {t(`access.permission.${kind}`)}
-
-
-
- {t(`access.permission.${kind}Desc`)}
-
-
+
+ {t(`access.permission.${permissionKind}Desc`)}
+
+
+ )
}
- const handleInputValueChange = (inputValue: string, details: ComboboxRootChangeEventDetails) => {
- if (!isInteractionDisabled && details.reason !== 'item-press')
- setKeyword(inputValue)
+ if (loading) {
+ return (
+
+
+
+ )
}
- const handleValueChange = (nextSubjects: SelectableAccessSubject[]) => {
- if (isInteractionDisabled)
+ const groupCount = subjects.filter(subject => subject.subjectType === SUBJECT_TYPE_GROUP).length
+ const memberCount = subjects.length - groupCount
+ const countLabels = [
+ groupCount > 0 ? t('access.members.groupCount', { count: groupCount }) : undefined,
+ memberCount > 0 ? t('access.members.memberCount', { count: memberCount }) : undefined,
+ ].filter((label): label is string => Boolean(label))
+
+ return (
+
+
+
+ {countLabels.length > 0 ? countLabels.join(' · ') : t('access.permission.specificDesc')}
+
+
+ )
+}
+
+function DeploymentAccessControlDialog({
+ open,
+ value,
+ subjects,
+ subjectsLoading,
+ saving,
+ onClose,
+ onSubmit,
+}: {
+ open: boolean
+ value: AccessPermissionKind
+ subjects: AccessSubjectSelectionValue
+ subjectsLoading?: boolean
+ saving?: boolean
+ onClose: () => void
+ onSubmit: (kind: AccessPermissionKind, subjects: AccessSubjectSelectionValue) => void
+}) {
+ const { t } = useTranslation('deployments')
+ const currentMenu = useAccessControlStore(s => s.currentMenu)
+ const setCurrentMenu = useAccessControlStore(s => s.setCurrentMenu)
+ const specificGroups = useAccessControlStore(s => s.specificGroups)
+ const setSpecificGroups = useAccessControlStore(s => s.setSpecificGroups)
+ const specificMembers = useAccessControlStore(s => s.specificMembers)
+ const setSpecificMembers = useAccessControlStore(s => s.setSpecificMembers)
+ const setSelectedGroupsForBreadcrumb = useAccessControlStore(s => s.setSelectedGroupsForBreadcrumb)
+ const specificSelected = currentMenu === AppAccessMode.SPECIFIC_GROUPS_MEMBERS
+ const selectedSubjectCount = specificGroups.length + specificMembers.length
+ const specificEmpty = specificSelected && selectedSubjectCount === 0
+ const confirmDisabled = saving || (specificSelected && (subjectsLoading || specificEmpty))
+
+ useEffect(() => {
+ if (!open)
return
- setKeyword('')
- onChange(nextSubjects)
+ setCurrentMenu(permissionKeyToAppAccessMode(value))
+ setSpecificGroups(subjects.groups)
+ setSpecificMembers(subjects.members)
+ setSelectedGroupsForBreadcrumb([])
+ }, [
+ open,
+ setCurrentMenu,
+ setSelectedGroupsForBreadcrumb,
+ setSpecificGroups,
+ setSpecificMembers,
+ subjects.groups,
+ subjects.members,
+ value,
+ ])
+
+ const handleConfirm = () => {
+ if (confirmDisabled)
+ return
+
+ onSubmit(
+ appAccessModeToPermissionKey(currentMenu),
+ specificSelected
+ ? { groups: specificGroups, members: specificMembers }
+ : { groups: [], members: [] },
+ )
}
return (
-
- multiple
- open={open}
- value={selectedSubjects}
- inputValue={keyword}
- items={items}
- disabled={disabled}
- itemToStringLabel={getSubjectLabel}
- itemToStringValue={getSubjectValue}
- isItemEqualToValue={isSameSubject}
- filter={null}
- onOpenChange={handleOpenChange}
- onInputValueChange={handleInputValueChange}
- onValueChange={handleValueChange}
- >
-
-
-
- {(selectedValue: SelectableAccessSubject[]) => (
- <>
- {selectedValue.map(subject => (
-
-
- {getSubjectLabel(subject)}
- {subject.subjectType === SUBJECT_TYPE_GROUP && subject.memberCount != null && (
- {subject.memberCount}
- )}
-
-
-
-
- ))}
-
-
- )}
-
-
-
- {loading
- ? (
-
- )
- : undefined}
-
-
-
+
- {isResultLoading
- ? (
-
- {SUBJECT_PICKER_SKELETON_KEYS.map(key => (
-
-
-
- ))}
-
- )
- : (
- <>
- {subjectsQuery.isFetching && (
-
- {t('common.loading')}
-
- )}
-
- {items.map(subject => (
-
-
-
- {getSubjectLabel(subject)}
- {subject.subjectType === SUBJECT_TYPE_GROUP && subject.memberCount != null && (
-
- {t('access.members.memberCount', { count: subject.memberCount })}
-
- )}
-
-
-
- ))}
-
- {shouldShowEmpty && (
- selectedItems.length > 0
- ? (
-
- {t('access.members.empty')}
-
- )
- : (
-
- {t('access.members.empty')}
-
- )
- )}
-
- )}
-
-
+ onClose={onClose}
+ onConfirm={handleConfirm}
+ />
+
)
}
@@ -458,6 +399,7 @@ export function EnvironmentPermissionRow({
kind?: AccessPermissionKind
subjects?: SelectableAccessSubject[]
}>({})
+ const [dialogOpen, setDialogOpen] = useState(false)
const subjectLabelCandidates = [
...(draft.subjects ?? []),
...accessSubjects,
@@ -466,14 +408,23 @@ export function EnvironmentPermissionRow({
const permissionKind = hasDraft && draft.kind ? draft.kind : policyKind
const policySelectedSubjects = policyKind === 'specific' ? selectedSubjectsFromPolicy(policy, subjectLabelCandidates) : []
const subjects = hasDraft && draft.subjects ? draft.subjects : accessSubjectsQuery.isLoading ? [] : policySelectedSubjects
+ const subjectSelection = accessControlSelectionFromSubjects(subjects)
const isSaving = setEnvironmentAccessPolicy.isPending
- const controlsDisabled = isSaving || accessPolicyQuery.isLoading || accessPolicyQuery.isError
+ const subjectsLoading = permissionKind === 'specific' && accessSubjectsQuery.isLoading
+ const controlsDisabled = isSaving || accessPolicyQuery.isLoading || accessPolicyQuery.isError || subjectsLoading
+ const envName = environmentName(environment)
- const persistPolicy = (nextKind: AccessPermissionKind, nextSubjects: SelectableAccessSubject[]) => {
+ const persistPolicy = (
+ nextKind: AccessPermissionKind,
+ nextSubjects: SelectableAccessSubject[],
+ options?: {
+ onSuccess?: () => void
+ },
+ ) => {
if (!environmentId)
- return
+ return false
if (nextKind === 'specific' && nextSubjects.length === 0)
- return
+ return false
setEnvironmentAccessPolicy.mutate(
{
@@ -489,33 +440,25 @@ export function EnvironmentPermissionRow({
},
},
{
+ onSuccess: options?.onSuccess,
onError: () => {
toast.error(t('access.permission.updateFailed'))
},
},
)
+ return true
}
- const handlePermissionChange = (nextKind: AccessPermissionKind) => {
+ const handlePermissionSubmit = (nextKind: AccessPermissionKind, nextSelection: AccessSubjectSelectionValue) => {
+ const normalizedSubjects = nextKind === 'specific' ? subjectsFromAccessControlSelection(nextSelection) : []
setDraft({
fingerprint: policyFingerprint,
kind: nextKind,
- subjects: nextKind === 'specific' ? subjects : [],
+ subjects: normalizedSubjects,
})
- if (nextKind === 'specific') {
- persistPolicy(nextKind, subjects)
- return
- }
- persistPolicy(nextKind, [])
- }
-
- const handleSubjectsChange = (nextSubjects: SelectableAccessSubject[]) => {
- setDraft({
- fingerprint: policyFingerprint,
- kind: 'specific',
- subjects: nextSubjects,
+ persistPolicy(nextKind, normalizedSubjects, {
+ onSuccess: () => setDialogOpen(false),
})
- persistPolicy('specific', nextSubjects)
}
return (
@@ -526,7 +469,7 @@ export function EnvironmentPermissionRow({
- {environmentName(environment)}
+ {envName}
@@ -534,43 +477,34 @@ export function EnvironmentPermissionRow({
{t('access.permissions.col.permission')}
- setDialogOpen(true)}
/>
+ {dialogOpen && (
+ setDialogOpen(false)}
+ onSubmit={handlePermissionSubmit}
+ />
+ )}
{t('access.permissions.col.subjects')}
- {permissionKind === 'specific'
- ? (
- <>
-
- {!accessSubjectsQuery.isLoading && subjects.length === 0 && (
-
-
-
- {t('access.members.emptySelection')}
-
-
- )}
-
- )
- : (
-
-
- {t(`access.permission.${permissionKind}Desc`)}
-
-
- )}
+
)
diff --git a/web/i18n/en-US/deployments.json b/web/i18n/en-US/deployments.json
index 67bd6db05c..4dbe810b6e 100644
--- a/web/i18n/en-US/deployments.json
+++ b/web/i18n/en-US/deployments.json
@@ -53,7 +53,6 @@
"access.hide": "Hide",
"access.members.clearAll": "Clear all",
"access.members.empty": "No matches found.",
- "access.members.emptySelection": "Choose at least one group or member to save this permission.",
"access.members.groupCount_one": "{{count}} group",
"access.members.groupCount_other": "{{count}} groups",
"access.members.groups": "Groups",
@@ -63,23 +62,23 @@
"access.members.pickPlaceholder": "Select groups or members",
"access.members.searchPlaceholder": "Search groups and members",
"access.members.selectedLabel": "Selected",
- "access.permission.anyone": "Anyone",
- "access.permission.anyoneDesc": "Anyone with the link, no login required",
- "access.permission.comingSoon": "Coming soon",
- "access.permission.external": "Authenticated external users",
- "access.permission.externalDesc": "External users who completed SSO/OIDC authentication",
+ "access.permission.anyone": "Anyone with the link",
+ "access.permission.anyoneDesc": "Anyone can access this deployment without logging in.",
"access.permission.memberCount_one": "{{count}} member",
"access.permission.memberCount_other": "{{count}} members",
- "access.permission.organization": "Only members within the organization",
- "access.permission.organizationDesc": "All internal members of your workspace",
- "access.permission.specific": "Specific members",
- "access.permission.specificDesc": "Pick groups or individual members",
+ "access.permission.organization": "All members within the platform",
+ "access.permission.organizationDesc": "All members within the platform",
+ "access.permission.specific": "Specific members within the platform",
+ "access.permission.specificDesc": "Select specific groups or members",
"access.permission.specificUnavailable": "Specific member selection is disabled until real workspace subjects are connected.",
"access.permission.updateFailed": "Failed to update access policy.",
"access.permissions.col.environment": "Environment",
"access.permissions.col.permission": "Access",
"access.permissions.col.subjects": "Allowed users/groups",
- "access.permissions.description": "Configure who can access this deployment in each deployed environment.",
+ "access.permissions.description": "Set access permissions for WebApp and CLI entry points in each environment.",
+ "access.permissions.editAriaLabel": "Configure access for {{environment}}",
+ "access.permissions.editDescription": "Set access permissions for WebApp and CLI entry points.",
+ "access.permissions.editTitle": "Access permissions",
"access.permissions.title": "Access permissions",
"access.revoke": "Revoke",
"access.runAccess.description": "Manage how users can run this deployment and who is allowed to access it per environment.",
diff --git a/web/i18n/zh-Hans/deployments.json b/web/i18n/zh-Hans/deployments.json
index 6778f2469d..fdbc1031b9 100644
--- a/web/i18n/zh-Hans/deployments.json
+++ b/web/i18n/zh-Hans/deployments.json
@@ -53,7 +53,6 @@
"access.hide": "隐藏",
"access.members.clearAll": "全部清除",
"access.members.empty": "未找到匹配结果。",
- "access.members.emptySelection": "至少选择一个分组或成员后才会保存该权限。",
"access.members.groupCount_one": "{{count}} 个分组",
"access.members.groupCount_other": "{{count}} 个分组",
"access.members.groups": "分组",
@@ -64,22 +63,22 @@
"access.members.searchPlaceholder": "搜索分组和成员",
"access.members.selectedLabel": "已选择",
"access.permission.anyone": "任何人",
- "access.permission.anyoneDesc": "任何拥有链接的人,无需登录",
- "access.permission.comingSoon": "即将支持",
- "access.permission.external": "已认证的外部用户",
- "access.permission.externalDesc": "通过 SSO / OIDC 完成认证的外部用户",
+ "access.permission.anyoneDesc": "任何人均可访问该部署,无需登录",
"access.permission.memberCount_one": "{{count}} 位成员",
"access.permission.memberCount_other": "{{count}} 位成员",
- "access.permission.organization": "仅组织内成员",
- "access.permission.organizationDesc": "工作区内所有内部成员",
- "access.permission.specific": "特定成员",
- "access.permission.specificDesc": "选择指定的分组或单个成员",
+ "access.permission.organization": "平台内所有成员",
+ "access.permission.organizationDesc": "平台内所有成员",
+ "access.permission.specific": "平台内指定成员",
+ "access.permission.specificDesc": "选择指定的分组或成员",
"access.permission.specificUnavailable": "特定成员暂未启用,需接入真实工作区成员与分组后再开放。",
"access.permission.updateFailed": "更新访问策略失败。",
"access.permissions.col.environment": "环境",
"access.permissions.col.permission": "访问范围",
"access.permissions.col.subjects": "可访问成员/分组",
- "access.permissions.description": "配置该部署在每个已部署环境中的访问人员。",
+ "access.permissions.description": "设置 WebApp 与 CLI 入口在每个环境中的访问权限。",
+ "access.permissions.editAriaLabel": "配置 {{environment}} 的访问权限",
+ "access.permissions.editDescription": "设置 WebApp 与 CLI 入口的访问权限。",
+ "access.permissions.editTitle": "访问权限",
"access.permissions.title": "访问权限",
"access.revoke": "撤销",
"access.runAccess.description": "管理用户如何运行该部署,以及在每个环境里谁可以访问。",