Access Control

Overview

The Access Control page allows administrators to directly assign database access privileges to users or groups.

Viewing Access Control List

The Access Control page provides an overview of the database privileges (Privileges) and admin roles assigned to each user or group registered in QueryPie. (You can search by group or user name.)

Viewing Access Control Details for Users/Groups

To view detailed access control information for a specific user or group, click on the desired entry in the Access Control table to open a drawer with more details.

• Search : You can search by Connection Name.

• Available Filters:

  • Database Type: Filter by DB type (e.g., MySQL, MariaDB, PostgreSQL).

  • Cloud Provider: Filter by cloud provider type (AWS, Azure, GCP, or QueryPie Connection).

  • Assigned Status: Filter based on whether privileges are assigned.

  • Favorite View: Filter by whether the connection is marked as a favorite (favorites can be set in the DB Connections list).

  • Tag: Filter by tags assigned to the connection.

    • How to Enter Tags: Input Key → press Enter → input Operator → input Value → press Enter.

      • Supported operators: =, !=, :, !:

    • If multiple tags with the same key are entered, an OR search is performed (union).

    • If multiple tags with different keys are entered, an AND search is performed (intersection).

Granting Access Control Privileges

1. Navigate to the Administrator > Databases > DB Access Control > Access Control menu.

2. In the Access Control menu, select the user or group to assign privileges and move to the detail panel.

3. Find the connection to which you want to assign privileges and select the Assigned Privilege.

4. You can assign privileges to multiple connections simultaneously by selecting them together.

Once privileges are assigned, the user can connect to the connection with those privileges, and the assignment will be recorded in the Access Control Logs as Access Control Granted.

What Happens If a User Belongs to a Group with Different Privileges?

If a user is assigned multiple privileges—both individually and through a group—they can choose the Default Privilege when connecting to the database.

Revoking Access Control Privileges

6. Navigate to the Administrator > Databases > DB Access Control > Access Control menu.

7. In the Access Control menu, select the user or group to assign privileges and move to the detail panel.

8. Find the connection from which you want to revoke privileges and select None under Assigned Privilege.

9. You can revoke privileges from multiple connections simultaneously by selecting them together.

Once privileges are revoked, the user will no longer be able to access the connection, and the revocation will be recorded in the Access Control Logs as Access Control Revoked.

Status Descriptions in the Access Control Details Panel

• Active : The user has active privileges for the connection.

• Deactivated : The user has privileges but has not accessed the connection for a period set by the administrator, resulting in temporary deactivation. The user cannot access the connection during this period.

• Expired : The user’s privileges have expired and have been revoked.

• You can renew deactivated privileges by clicking the Renew button next to the Deactivated status.

• The renewal date will be displayed in the Renewed At column.

• If a user has no privileges, nothing will be displayed.

Additional Details in the Access Control Details Panel

• The Granted At column shows the date when the privilege was first assigned.

• The Last Access At column indicates the last time the user accessed the connection.

• The Expiration Date column shows when the privilege will be revoked.

• If the Expiration Date column is empty, the privilege will not be revoked, but it may still be subject to the deactivation period if set.