Help Center/ DataArts Studio/ API Reference/ DataArts Security APIs/ Data Security Diagnosis/ Query Improper Permission Configurations
Updated on 2025-11-17 GMT+08:00
View PDF

Query Improper Permission Configurations

Function

This API is used to query improper permission configurations.

Calling Method

For details, see Calling APIs.

URI

GET /v1/{project_id}/security/diagnose/unreasonable-permissions

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID. For details about how to obtain the project ID, see Project ID and Account ID.
Table 2 Query Parameters

Parameter

Mandatory

Type

Description

limit

No

Integer

Number of items displayed on each page

offset

No

Integer

Offset, which is the position where the query starts. The value must be greater than or equal to 0.

diagnose_id

Yes

String

Diagnosis task ID, which can be obtained through the diagnosis result API of the data permission control module

datasource_type

No

String

Data Source Type

  • Hive data source

  • DWS Data Source

  • DLI Data Source

user_name

No

String

User name.

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

workspace

Yes

String

Workspace ID. For details about how to obtain the workspace ID, see Instance ID and Workspace ID.

X-Auth-Token

Yes

String

IAM token, which is obtained by calling the IAM API for obtaining a user token (value of X-Subject-Token in the response header). This parameter is mandatory for token authentication.

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

total

Integer

Total number of improper permission configurations

unreasonable_permissions

Array of DiagnosePermissionDetail objects

Improper permission configurations
Table 5 DiagnosePermissionDetail

Parameter

Type

Description

id

String

Permission configuration ID

task_id

String

Diagnosis task ID

user_name

String

User name.

permission_type

String

Permission type

permission_action

String

Permission action

permission_source

String

Permission source

datasource_type

String

Data source type

cluster_name

String

Cluster name.

database

String

Database name

schema

String

Schema name

table

String

Table name

remark

String

Remarks.

Status code: 400

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

Example Requests

/v1/0833a5737480d53b2f25c010dc1a7b88/security/diagnose/unreasonable-permissions?limit=10&offset=0&diagnose_id=6f28400297cc4402adfb13ce7533f996

Example Responses

Status code: 200

OK

{
  "total" : 1,
  "unreasonable_permissions" : [ {
    "cluster_name" : "mrs_3x_autotest_do_not_del",
    "database" : "default",
    "datasource_type" : "HIVE",
    "id" : "0d524dab271b4050be7da83eb9d0af85",
    "permission_action" : "DROP",
    "permission_source" : "Level-2 permissions",
    "permission_type" : "ALLOW",
    "remark" : "Other roles except admin are not advised to have the DROP permission.",
    "schema" : null,
    "table" : "allfuhe",
    "task_id" : "6f28400297cc4402adfb13ce7533f996",
    "user_name" : "user1"
  } ]
}

Status Codes

Status Code

Description

200

OK

400

Bad Request
Parent Topic: Data Security Diagnosis