XPanel User Rights Management
01 System Overview
XPanel is the GUI that Klustron users use to manage Klustron database clusters and monitor cluster node status. It includes all cluster management functions and the interfaces for cluster status monitoring.
02 Function introduction
For security reasons, it is usually necessary to create multiple DBA accounts with different permissions and roles. Each account has different permissions and can perform different operations. Initially, XPanel has one default super administrator account, super_dba. The DBA with the highest authority should hold this account and change its default password, and then create several users with different permissions for different cluster management tasks.
2.1 Login interface
On the first login, the user enters the default account name and password in the login interface. The default account password is super_dba. After the first login, once the password has been changed successfully, you can enter the DBA management system platform, as shown in Figure 1 and Figure 2.
Note: Login security rules:
- When using XPanel, users must log in before doing any other operation;
- For the first login, the default user password is super_dba;
- After super_dba logs in, the password must be changed before other operations can be performed, as shown in Figure 2;
- For security reasons, every user must change the default password after logging in for the first time, before doing any other operation. Users other than super_dba change the password as shown in Figure 2-1, 2;
- Except for the default password, a password must be a combination of uppercase and lowercase letters, numbers and special characters, and must be 8-12 characters long.
2.2 Home page
The home page is an interface for statistical information, which mainly collects statistical data and status information of clusters and devices, as shown in Figure 3.
2.3 System Management
System management includes three modules: user management, role management and authorization management.
2.3.1 User Management
User management is divided into adding users, editing users and deleting users. It is used to manage and collect user information, so that once a user is authorized, they can log in with the account and operate the management system directly.
2.3.1.1 Add a new user
Enter the user management interface, click the Add button, enter the account password, mobile phone and other information, and click OK. As shown in Figure 4. A prompt message will appear after success, as shown in Figure 5.
2.3.1.2 Edit User
Click the edit button of the corresponding row to edit or correct the data in that row. Before the edit is confirmed, the system checks whether the user account and mobile phone number are duplicated. If they are, the edit is not allowed, as shown in Figure 6 and Figure 7.
2.3.1.3 Delete user
Find the user you want to delete and click the delete button in the corresponding row. After deletion, the user's information and authorization information are removed permanently. Since the information cannot be recovered, confirm that the selection is correct before proceeding. If there are too many users to browse, use the search button to search by the user's account, as shown in Figure 8, Figure 9, and Figure 10. Note: Because super_dba is the system's default administrator with the highest authority, its user information can only be edited; deletion is not allowed.
2.3.2 Role Management
Role management includes adding roles, editing roles, and deleting roles. By design, a role is a collection of permissions. The highest-level role is super_dba, which holds the highest permissions, including system management. Other newly added roles can only hold permissions within the cluster and computer scope.
2.3.2.1 Adding new roles
Enter the role management interface, click the Add button, enter the role information and check the permissions, and click OK. As shown in Figure 11. A prompt message will appear after success, as shown in Figure 12.
2.3.2.2 Edit Role
If the previously added role needs to be changed, you can find the corresponding role in the role management and edit it. Role editing is a modification operation performed when an administrator makes a mistake or a role needs to change permissions. You can view the updated role information in Details or Edit. As shown in Figure 13, Figure 14, and Figure 15.
2.3.2.3 Delete role
If a role needs to be deleted for business reasons, find the corresponding role and click the delete button, as shown in Figure 16 and Figure 17. Note: Deletion takes effect immediately and the information cannot be retrieved, so proceed with caution.
2.3.3 Authorization Management
Authorization management is mainly responsible for granting permissions to users. There is a many-to-many relationship between users and permissions: one user can be assigned multiple roles, and one role can be assigned to multiple users. When a user holds multiple permissions, they are combined at login and the combined set is granted to the user, so the user receives the highest level of permission across all of their authorizations.
2.3.3.1 Add authorization
To add an authorization, click the Add button, select the user account, role name, validity period type and whether the authorization applies to all clusters, then click OK. For example, granting the super_dba role to test002, valid until 0:00 on March 24, 2022 and applying to all clusters, is shown in Figure 18; the result after successful authorization is shown in Figure 19.
1. The user account comes from the collection of all users in user management; the role name comes from the collection of all roles in role management, as shown in Figure 20 and Figure 21;
2. There are two validity period types, permanent and time period. When the time period type is selected, start and end time fields appear, and at least one of the two times must be filled in, as shown in Figure 22 and Figure 23;
3. Whether to apply to all clusters: select Yes to operate on all clusters with the relevant permissions. If you select No, check the clusters the authorization should cover, and only the checked clusters can be operated on, as shown in Figure 24.
Note: The same user and the same role can only be assigned once, as shown in Figure 25.
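The authorization rules in 2.3.3 (one grant per user and role, permanent or time-period validity, all-cluster or selected-cluster scope, permissions combined across grants) can be modelled as below. This is an added example, not XPanel's own code; the permission names, the monitor role, cluster_a/cluster_b and the choice to treat the end time as exclusive are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import FrozenSet, Optional

# Constructed role -> permission sets; XPanel's real permission names are not on the page.
ROLES = {
    "super_dba": {"system_management", "cluster_management", "cluster_monitoring"},
    "monitor": {"cluster_monitoring"},  # hypothetical restricted role
}

@dataclass(frozen=True)
class Grant:
    user: str
    role: str
    permanent: bool = True
    start: Optional[datetime] = None
    end: Optional[datetime] = None
    all_clusters: bool = True
    clusters: FrozenSet[str] = frozenset()

class GrantTable:
    def __init__(self):
        self._grants = {}  # keyed by (user, role): a pair can be authorized only once

    def add(self, g: Grant) -> None:
        if (g.user, g.role) in self._grants:
            raise ValueError("user and role are already authorized together")
        if not g.permanent and g.start is None and g.end is None:
            raise ValueError("a time-period grant needs a start or an end time")
        self._grants[(g.user, g.role)] = g

    def effective(self, user: str, cluster: str, now: datetime) -> set:
        """Union of the permissions of every grant that is live for this cluster."""
        perms = set()
        for g in self._grants.values():
            if g.user != user:
                continue
            if not g.permanent and ((g.start and now < g.start) or (g.end and now >= g.end)):
                continue  # outside the validity window (end treated as exclusive: assumption)
            if not g.all_clusters and cluster not in g.clusters:
                continue  # grant is scoped to other clusters
            perms |= ROLES[g.role]
        return perms

def demo_table() -> GrantTable:
    t = GrantTable()
    # The page's example: super_dba for test002 until 0:00 on March 24, 2022, all clusters.
    t.add(Grant("test002", "super_dba", permanent=False, end=datetime(2022, 3, 24)))
    t.add(Grant("test002", "monitor", all_clusters=False, clusters=frozenset({"cluster_a"})))
    return t
```

Because permissions are combined, a single broad grant such as super_dba outweighs every narrower one, so time-limited grants have to be evaluated against the current time on each check rather than only when they are created.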
2.3.3.2 Edit Authorization
Editing an authorization updates its information. For example, to change the validity period type of the newly authorized test002 from time period to permanent, follow the operation shown in Figure 26 and Figure 27. Note: To avoid multiple authorizations for the same user and the same role, the user account and role name cannot be edited when editing an authorization. If the two were paired incorrectly when the authorization was added, delete it and add it again.
2.3.3.3 Delete Authorization
Delete authorization information as needed by clicking the delete button on the right side of the corresponding row, as shown in Figure 28 and Figure 29. Note: Authorization information cannot be retrieved after deletion, so proceed with caution.