From 4d4501dea21eca0b503956eff9a7d366b908a64f Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Wed, 8 Mar 2023 14:06:04 +0100
Subject: [PATCH 01/44] init

---
 .../access-tokens-routing.module.ts           | 24 +++++
 .../access-tokens/access-tokens.component.ts  | 11 +++
 .../access-tokens/access-tokens.module.ts     | 17 ++++
 .../index/index-routing.module.ts             | 19 ++++
 .../access-tokens/index/index.component.html  | 68 ++++++++++++++
 .../access-tokens/index/index.component.less  | 43 +++++++++
 .../access-tokens/index/index.component.ts    | 91 +++++++++++++++++++
 .../access-tokens/index/index.module.ts       | 48 ++++++++++
 .../integrations-routing.module.ts            | 25 +++++
 .../integrations/integrations.component.html  |  4 +
 .../integrations/integrations.component.less  |  0
 .../integrations/integrations.component.ts    | 16 ++++
 .../safe/integrations/integrations.module.ts  | 20 ++++
 .../app/features/safe/safe-routing.module.ts  | 15 ++-
 .../src/app/features/safe/safe.component.ts   | 12 +++
 15 files changed, 408 insertions(+), 5 deletions(-)
 create mode 100644 modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens-routing.module.ts
 create mode 100644 modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens.component.ts
 create mode 100644 modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens.module.ts
 create mode 100644 modules/front-end/src/app/features/safe/integrations/access-tokens/index/index-routing.module.ts
 create mode 100644 modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
 create mode 100644 modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
 create mode 100644 modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
 create mode 100644 modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.module.ts
 create mode 100644 modules/front-end/src/app/features/safe/integrations/integrations-routing.module.ts
 create mode 100644 modules/front-end/src/app/features/safe/integrations/integrations.component.html
 create mode 100644 modules/front-end/src/app/features/safe/integrations/integrations.component.less
 create mode 100644 modules/front-end/src/app/features/safe/integrations/integrations.component.ts
 create mode 100644 modules/front-end/src/app/features/safe/integrations/integrations.module.ts

diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens-routing.module.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens-routing.module.ts
new file mode 100644
index 000000000..fd5157698
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens-routing.module.ts
@@ -0,0 +1,24 @@
+import { NgModule } from '@angular/core';
+import { RouterModule, Routes } from '@angular/router';
+import { AccessTokensComponent } from "@features/safe/integrations/access-tokens/access-tokens.component";
+
+const routes: Routes = [
+  {
+    path: '',
+    component: AccessTokensComponent,
+    children: [
+      {
+        path: '',
+        loadChildren: () => import("./index/index.module").then(m => m.IndexModule),
+      }
+    ]
+  }
+];
+
+@NgModule({
+  imports: [RouterModule.forChild(routes)],
+  exports: [RouterModule],
+  providers: [
+  ]
+})
+export class AccessTokensRoutingModule { }
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens.component.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens.component.ts
new file mode 100644
index 000000000..cee7bf4c5
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens.component.ts
@@ -0,0 +1,11 @@
+import { Component } from '@angular/core';
+
+@Component({
+  selector: 'integrations-access-tokens',
+  template: `<router-outlet></router-outlet>`
+})
+export class AccessTokensComponent {
+  constructor(
+  ) {
+  }
+}
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens.module.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens.module.ts
new file mode 100644
index 000000000..ced67357b
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/access-tokens.module.ts
@@ -0,0 +1,17 @@
+import { NgModule } from '@angular/core';
+import { AccessTokensRoutingModule } from './access-tokens-routing.module';
+import { CommonModule } from '@angular/common';
+import { AccessTokensComponent } from "@features/safe/integrations/access-tokens/access-tokens.component";
+
+@NgModule({
+  declarations: [
+    AccessTokensComponent
+  ],
+  imports: [
+    CommonModule,
+    AccessTokensRoutingModule
+  ],
+  providers: [
+  ]
+})
+export class AccessTokensModule { }
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index-routing.module.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index-routing.module.ts
new file mode 100644
index 000000000..4b58b4f28
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index-routing.module.ts
@@ -0,0 +1,19 @@
+import { NgModule } from '@angular/core';
+import { RouterModule, Routes } from '@angular/router';
+import {IndexComponent} from "@features/safe/iam/policies/index/index.component";
+
+
+const routes: Routes = [
+  {
+    path: '',
+    component: IndexComponent,
+  }
+];
+
+@NgModule({
+  imports: [RouterModule.forChild(routes)],
+  exports: [RouterModule],
+  providers: [
+  ]
+})
+export class IndexRoutingModule { }
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
new file mode 100644
index 000000000..a8c709338
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -0,0 +1,68 @@
+<div class="table-content-area">
+  <div class="table-search-area">
+    <nz-input-group [nzPrefix]="prefixIconSearch">
+      <input nz-input type="text" placeholder="Filter by name" [(ngModel)]="filter.name" (ngModelChange)="doSearch()" i18n-placeholder="@@iam.policies.idx.searchPlaceholder">
+    </nz-input-group>
+    <ng-template #prefixIconSearch>
+      <i nz-icon nzType="icons:icon-search"></i>
+    </ng-template>
+    <button nz-button nzType="primary" (click)="showPolicyDrawer()">
+      <i nz-icon nzType="icons:icon-add"></i>
+      <ng-container i18n="@@common.add">Add</ng-container>
+    </button>
+  </div>
+  <div class="table-wrapper">
+    <nz-table #table nzSize="small"
+              nzShowSizeChanger
+              [nzData]="policies.items"
+              [nzFrontPagination]="false"
+              [nzLoading]="isLoading"
+              [nzTotal]="policies.totalCount"
+              [(nzPageSize)]="filter.pageSize"
+              (nzPageSizeChange)="doSearch()"
+              [nzPageSizeOptions]="[10,20,30]"
+              [(nzPageIndex)]="filter.pageIndex"
+              (nzPageIndexChange)="doSearch()"
+              >
+      <thead>
+      <tr>
+        <th i18n="@@common.name">Name</th>
+        <th i18n="@@common.type">Type</th>
+        <th i18n="@@common.description">Description</th>
+        <th i18n="@@common.rn">Resource name (RN)</th>
+        <th i18n="@@common.actions">Actions</th>
+      </tr>
+      </thead>
+      <tbody>
+      <tr *ngFor="let item of table.data">
+        <td (click)="navigateToDetail(item.id)">{{ item.name }}</td>
+        <td>
+          <i *ngIf="item.type === 'SysManaged'" style="color: #28a17d;" nz-icon nzType="star" nzTheme="outline"></i>
+          {{item.type | policyType}}
+        </td>
+        <td>{{ item.description }}</td>
+        <td>
+          <i (click)="copyText(resourceName(item))" class="copy-icon" nz-icon nzType="icons:icon-copy"></i>
+          {{ resourceName(item) }}
+        </td>
+        <td>
+          <a class="primary-link-btn" (click)="navigateToDetail(item.id)" i18n="@@common.details">Details</a>
+          <nz-divider nzType="vertical"></nz-divider>
+          <a *ngIf="item.type !== 'SysManaged'" style="color: #717D8A" i18n-nz-popconfirm="@@common.remove-confirm"  nz-popconfirm="This operation cannot be reverted, are you sure to remove it?"
+             nzPopconfirmPlacement="bottomRight"
+             [nzPopconfirmOverlayStyle]="{minWidth: '240px'}"
+             (nzOnConfirm)="delete(item)" [nzIcon]="iconTplIamUser">
+            <ng-container i18n="@@common.remove">Remove</ng-container>
+          </a>
+        </td>
+      </tr>
+      </tbody>
+    </nz-table>
+    <ng-template #iconTplIamUser>
+      <i nz-icon nzType="question-circle" nzTheme="fill" style="color: #FAAD14;"></i>
+    </ng-template>
+  </div>
+</div>
+
+<policy-drawer [visible]="policyDrawerVisible" (close)="policyDrawerClosed($event)"></policy-drawer>
+
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
new file mode 100644
index 000000000..4443a9bbd
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
@@ -0,0 +1,43 @@
+@import "variables";
+
+.table-content-area {
+  nz-input-group {
+    width: 520px;
+  }
+
+  .copy-icon {
+    color: #717D8A;
+    &:hover {
+      cursor: pointer;
+      color: @grey70-color;
+    }
+  }
+
+  .table-wrapper {
+    .more-tags-item {
+      max-width: 150px;
+    }
+
+    .tag {
+      max-width: 150px;
+    }
+
+    .col-rn {
+      height: 56px;
+      display: flex;
+      justify-content: flex-start;
+      align-items: center;
+      .rn {
+        display: inline-block;
+        max-width: 310px;
+        overflow: hidden;
+        white-space: nowrap;
+        text-overflow: ellipsis;
+      }
+    }
+  }
+}
+
+
+
+
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
new file mode 100644
index 000000000..398df6af4
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
@@ -0,0 +1,91 @@
+import { Component, OnInit } from '@angular/core';
+import { copyToClipboard, encodeURIComponentFfc } from '@utils/index';
+import { Subject } from 'rxjs';
+import { debounceTime } from 'rxjs/operators';
+import { Router } from "@angular/router";
+import { NzMessageService } from "ng-zorro-antd/message";
+import { IPagedPolicy, IPolicy, PolicyFilter, policyRn } from "@features/safe/iam/types/policy";
+import { PolicyService } from "@services/policy.service";
+
+@Component({
+  selector: 'iam-users',
+  templateUrl: './index.component.html',
+  styleUrls: ['./index.component.less']
+})
+export class IndexComponent implements OnInit {
+
+  constructor(
+    private router: Router,
+    private message: NzMessageService,
+    private policyService: PolicyService
+  ) { }
+
+  private search$ = new Subject();
+
+  isLoading: boolean = true;
+  filter: PolicyFilter = new PolicyFilter();
+  policies: IPagedPolicy = {
+    items: [],
+    totalCount: 0
+  };
+
+  ngOnInit(): void {
+    this.search$.pipe(
+      debounceTime(300)
+    ).subscribe(() => {
+      this.getPolicies();
+    });
+
+    this.search$.next(null);
+  }
+
+  getPolicies() {
+    this.isLoading = true;
+    this.policyService.getList(this.filter).subscribe(policies => {
+      this.policies = policies;
+      this.isLoading = false;
+    }, () => this.isLoading = false);
+  }
+
+  resourceName(policy: IPolicy) {
+    return policyRn(policy);
+  }
+
+  doSearch(resetPage?: boolean) {
+    if (resetPage) {
+      this.filter.pageIndex = 1;
+    }
+
+    this.search$.next(null);
+  }
+
+  policyDrawerVisible: boolean = false;
+  showPolicyDrawer(){
+    this.policyDrawerVisible = true;
+  }
+  policyDrawerClosed(created: any) {
+    this.policyDrawerVisible = false;
+
+    if (created) {
+      this.getPolicies();
+    }
+  }
+
+  navigateToDetail(id: string) {
+    this.router.navigateByUrl(`/iam/policies/${encodeURIComponentFfc(id)}/permission`);
+  }
+
+  delete(policy: IPolicy) {
+    this.policyService.delete(policy.id).subscribe(() => {
+      this.message.success($localize `:@@common.operation-success:Operation succeeded`);
+      this.policies.items = this.policies.items.filter(it => it.id !== policy.id);
+      this.policies.totalCount--;
+    }, () => this.message.error($localize `:@@common.operation-failed:Operation failed`))
+  }
+
+  copyText(text: string) {
+    copyToClipboard(text).then(
+      () => this.message.success($localize `:@@common.copy-success:Copied`)
+    );
+  }
+}
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.module.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.module.ts
new file mode 100644
index 000000000..9c0ac2502
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.module.ts
@@ -0,0 +1,48 @@
+import { NgModule } from '@angular/core';
+import { IndexRoutingModule } from './index-routing.module';
+import { CommonModule } from '@angular/common';
+import { FormsModule } from '@angular/forms';
+import { NzSpinModule } from 'ng-zorro-antd/spin';
+import { NzSelectModule } from 'ng-zorro-antd/select';
+import { NzEmptyModule } from 'ng-zorro-antd/empty';
+import { NzTableModule } from 'ng-zorro-antd/table';
+import { NzButtonModule } from 'ng-zorro-antd/button';
+import { NzIconModule } from 'ng-zorro-antd/icon';
+import { NzInputModule } from 'ng-zorro-antd/input';
+import { NzMessageModule } from 'ng-zorro-antd/message';
+
+import { NzDropDownModule } from 'ng-zorro-antd/dropdown';
+import { NzToolTipModule } from 'ng-zorro-antd/tooltip';
+import {IndexComponent} from "@features/safe/integrations/access-tokens/index/index.component";
+import {NzDividerModule} from "ng-zorro-antd/divider";
+import {NzPopconfirmModule} from "ng-zorro-antd/popconfirm";
+import {CoreModule} from "@core/core.module";
+
+
+@NgModule({
+  declarations: [
+    IndexComponent
+  ],
+  imports: [
+    CommonModule,
+    FormsModule,
+    NzSpinModule,
+    NzSelectModule,
+    NzEmptyModule,
+    NzTableModule,
+    NzButtonModule,
+    NzIconModule,
+    NzInputModule,
+    CoreModule,
+    NzMessageModule,
+    NzDropDownModule,
+    NzToolTipModule,
+    NzDividerModule,
+    NzPopconfirmModule,
+    IndexRoutingModule,
+    CoreModule
+  ],
+  providers: [
+  ]
+})
+export class IndexModule { }
diff --git a/modules/front-end/src/app/features/safe/integrations/integrations-routing.module.ts b/modules/front-end/src/app/features/safe/integrations/integrations-routing.module.ts
new file mode 100644
index 000000000..6ab0fd0c0
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/integrations-routing.module.ts
@@ -0,0 +1,25 @@
+import { NgModule } from '@angular/core';
+import { RouterModule, Routes } from '@angular/router';
+import { IntegrationsComponent } from './integrations.component';
+
+const routes: Routes = [
+  {
+    path: '',
+    component: IntegrationsComponent,
+    children: [
+      {
+        path: 'access-tokens',
+        loadChildren: () => import("./access-tokens/access-tokens.module").then(m => m.AccessTokensModule),
+        data: {
+          breadcrumb: $localize `:@@integrations.routing.access-tokens:Access tokens`
+        },
+      }
+    ]
+  }
+];
+
+@NgModule({
+  imports: [RouterModule.forChild(routes)],
+  exports: [RouterModule]
+})
+export class IntegrationsRoutingModule { }
diff --git a/modules/front-end/src/app/features/safe/integrations/integrations.component.html b/modules/front-end/src/app/features/safe/integrations/integrations.component.html
new file mode 100644
index 000000000..bf4a1a44d
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/integrations.component.html
@@ -0,0 +1,4 @@
+<ng-container>
+  <router-outlet></router-outlet>
+</ng-container>
+
diff --git a/modules/front-end/src/app/features/safe/integrations/integrations.component.less b/modules/front-end/src/app/features/safe/integrations/integrations.component.less
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/front-end/src/app/features/safe/integrations/integrations.component.ts b/modules/front-end/src/app/features/safe/integrations/integrations.component.ts
new file mode 100644
index 000000000..7312b41aa
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/integrations.component.ts
@@ -0,0 +1,16 @@
+import { Component, OnDestroy } from '@angular/core';
+
+@Component({
+  selector: 'integrations',
+  templateUrl: `./integrations.component.html`,
+  styleUrls: ['./integrations.component.less']
+})
+export class IntegrationsComponent implements OnDestroy {
+
+  constructor(
+  ) {
+  }
+
+  ngOnDestroy(): void {
+  }
+}
diff --git a/modules/front-end/src/app/features/safe/integrations/integrations.module.ts b/modules/front-end/src/app/features/safe/integrations/integrations.module.ts
new file mode 100644
index 000000000..317754930
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/integrations.module.ts
@@ -0,0 +1,20 @@
+import { NgModule } from '@angular/core';
+import { IntegrationsRoutingModule } from './integrations-routing.module';
+import { CommonModule } from '@angular/common';
+import { IntegrationsComponent } from './integrations.component';
+import { NzResultModule } from 'ng-zorro-antd/result';
+
+@NgModule({
+  declarations: [
+    IntegrationsComponent
+  ],
+  imports: [
+    CommonModule,
+    NzResultModule,
+    IntegrationsRoutingModule,
+  ],
+  exports: [
+  ],
+  providers: []
+})
+export class IntegrationsModule { }
diff --git a/modules/front-end/src/app/features/safe/safe-routing.module.ts b/modules/front-end/src/app/features/safe/safe-routing.module.ts
index 3f39ce825..a6f1a1319 100644
--- a/modules/front-end/src/app/features/safe/safe-routing.module.ts
+++ b/modules/front-end/src/app/features/safe/safe-routing.module.ts
@@ -43,6 +43,13 @@ const routes: Routes = [
           breadcrumb: $localize `:@@data-sync:Data sync`
         },
       },
+      {
+        path: 'audit-logs',
+        loadChildren: () => import("./audit-logs/audit-logs.module").then(m => m.AuditLogsModule),
+        data: {
+          breadcrumb: $localize `:@@auditlogs.audit-logs:Audit logs`
+        },
+      },
       {
         path: 'organizations',
         loadChildren: () => import("./organizations/organizations.module").then(m => m.OrganizationsModule),
@@ -56,11 +63,9 @@ const routes: Routes = [
         loadChildren: () => import("./iam/iam.module").then(m => m.IAMModule),
       },
       {
-        path: 'audit-logs',
-        loadChildren: () => import("./audit-logs/audit-logs.module").then(m => m.AuditLogsModule),
-        data: {
-          breadcrumb: $localize `:@@auditlogs.audit-logs:Audit logs`
-        },
+        path: 'integrations',
+        canActivate: [IAMGuard],
+        loadChildren: () => import("./integrations/integrations.module").then(m => m.IntegrationsModule),
       },
       {
         path: '',
diff --git a/modules/front-end/src/app/features/safe/safe.component.ts b/modules/front-end/src/app/features/safe/safe.component.ts
index 73cc36e59..37cdd89bd 100644
--- a/modules/front-end/src/app/features/safe/safe.component.ts
+++ b/modules/front-end/src/app/features/safe/safe.component.ts
@@ -109,6 +109,18 @@ export class SafeComponent implements OnInit, OnDestroy {
             path: '/iam/policies'
           }
         ]
+      },
+      {
+        title: $localize `:@@menu.integrations:Integrations`,
+        icon: 'block',
+        path: '/integrations/access-tokens',
+        children: [
+          {
+            title: $localize `:@@menu.integrations.access-tokens:Access tokens`,
+            icon: '',
+            path: '/integrations/access-tokens'
+          }
+        ]
       }
     ];
   }

From 0b7c37fc4f9138404f39fc242f8253f2f42bca9e Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Thu, 9 Mar 2023 11:30:21 +0100
Subject: [PATCH 02/44] in progress

---
 .../safe/integrations/access-tokens/index/index.component.html  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index a8c709338..11902e775 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -1,7 +1,7 @@
 <div class="table-content-area">
   <div class="table-search-area">
     <nz-input-group [nzPrefix]="prefixIconSearch">
-      <input nz-input type="text" placeholder="Filter by name" [(ngModel)]="filter.name" (ngModelChange)="doSearch()" i18n-placeholder="@@iam.policies.idx.searchPlaceholder">
+      <input nz-input type="text" placeholder="Filter by description or creator" [(ngModel)]="filter.name" (ngModelChange)="doSearch()" i18n-placeholder="@@integrations.access-tokens.idx.searchPlaceholder">
     </nz-input-group>
     <ng-template #prefixIconSearch>
       <i nz-icon nzType="icons:icon-search"></i>

From 23091ecb57868c437f7f16d8adce3be279a8eaf4 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sat, 11 Mar 2023 15:14:25 +0100
Subject: [PATCH 03/44] in progress

---
 .../access-token-drawer.component.html        |  92 +++++++++++
 .../access-token-drawer.component.less        |  47 ++++++
 .../access-token-drawer.component.ts          | 149 ++++++++++++++++++
 .../components/guide/guide.component.html     |   2 +-
 modules/front-end/src/app/core/core.module.ts |   7 +-
 .../index/index-routing.module.ts             |   2 +-
 .../access-tokens/index/index.component.html  |   4 +-
 .../access-tokens/index/index.component.ts    |   8 +-
 .../access-tokens/types/access-token.ts       |  10 ++
 modules/front-end/src/styles-common.less      |   9 ++
 10 files changed, 320 insertions(+), 10 deletions(-)
 create mode 100644 modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
 create mode 100644 modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
 create mode 100644 modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
 create mode 100644 modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts

diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
new file mode 100644
index 000000000..f549fbbd4
--- /dev/null
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -0,0 +1,92 @@
+<nz-drawer
+  nzClosable="false"
+  [nzExtra]="extra"
+  [nzVisible]="visible"
+  nzPlacement="right"
+  i18n-nzTitle="@@integrations.access-token.access-token-drawer.title"
+  nzTitle="Add access token"
+  [nzWidth]="500"
+  (nzOnClose)="onClose()"
+  [nzFooter]="footer">
+  <ng-container *nzDrawerContent>
+    <form nz-form [formGroup]="form" (ngSubmit)="doSubmit()" nzLayout="vertical">
+      <!-- name -->
+      <nz-form-item>
+        <nz-form-label nzRequired i18n="@@common.name">Name</nz-form-label>
+        <nz-form-control nzHasFeedback nzValidatingTip="Validating..." i18n-nzValidatingTip="@@common.validating" [nzErrorTip]="errorTpl">
+          <input type="text" nz-input formControlName="name" placeholder="Name" i18n-placeholder="@@common.name"/>
+        </nz-form-control>
+        <ng-template #errorTpl let-control>
+          <ng-container *ngIf="control.hasError('required')" i18n="@@integrations.access-token.access-token-drawer.name-cannot-be-empty">Access token name cannot be empty</ng-container>
+          <ng-container *ngIf="control.hasError('duplicated')" i18n="@@integrations.access-token.access-token-drawer.name-unavailable">This access token name is not available</ng-container>
+        </ng-template>
+      </nz-form-item>
+
+      <!-- type -->
+      <nz-form-item>
+        <nz-form-label nzRequired i18n="@@common.type">Type</nz-form-label>
+        <nz-form-control>
+          <nz-select
+            (ngModelChange)="onTypeChange()"
+            formControlName="type">
+            <ng-container *ngFor="let at of actionTokenTypes">
+              <nz-option
+                [nzValue]="at"
+                [nzLabel]="actionTokenTypeLabel[at]">
+              </nz-option>
+            </ng-container>
+          </nz-select>
+        </nz-form-control>
+      </nz-form-item>
+
+      <!-- Policies -->
+      <nz-form-item *ngIf="displayPolicies">
+        <nz-form-label nzRequired i18n="@@common.policies">Policies</nz-form-label>
+        <nz-form-control nzErrorTip="Policies is mandatory" i18n-nzErrorTip="@@integrations.access-token.policies-mandatory">
+          <nz-select #policyNodeSelector
+            formControlName="policy"
+            i18n-nzPlaceHolder="@@integrations.access-token.select-policies"
+            nzPlaceHolder="Select policies"
+            nzShowSearch
+            nzServerSearch
+            [compareWith]="policyCompareWith"
+            (ngModelChange)="onPolicySelectChange()"
+            (nzOnSearch)="policyDebouncer.next($event)">
+            <ng-container *ngFor="let policy of policySearchResultList">
+              <nz-option nzCustomContent *ngIf="!isLoadingPolicies" [nzLabel]="policy.name" [nzValue]="policy">
+                <span style="display: flex;justify-content: space-between;align-items: center">
+                  <span>
+                  <i *ngIf="policy.type === 'SysManaged'" style="color: #28a17d;" nz-icon nzType="star" nzTheme="outline"></i>
+                    {{ policy.name }}
+                  </span>
+                  <i *ngIf="policy.isSelected" nz-icon nzType="close"></i>
+                </span>
+              </nz-option>
+            </ng-container>
+            <nz-option *ngIf="isLoadingPolicies" nzDisabled nzCustomContent>
+              <i nz-icon nzType="loading" class="loading-icon"></i> <ng-container i18n="@@common.loading">Loading...</ng-container>
+            </nz-option>
+          </nz-select>
+        </nz-form-control>
+        <div class="selected-policies" nz-row *ngIf="selectedPolicyList.length">
+          <div nz-col class="policy" *ngFor="let policy of selectedPolicyList">
+            <div class="inner-box">
+              <i *ngIf="policy.type === 'SysManaged'" style="color: #28a17d;" nz-icon nzType="star" nzTheme="outline"></i>
+              {{ policy.name }}
+            </div>
+            <button nz-button nzType="default" [nzSize]="'large'" (click)="removePolicy(policy)"><i nz-icon nzType="close"></i></button>
+          </div>
+        </div>
+      </nz-form-item>
+    </form>
+  </ng-container>
+  <ng-template #extra>
+    <i (click)="onClose()" nz-icon nzType="icons:icon-close"></i>
+  </ng-template>
+  <ng-template #footer>
+    <div class="drawer-footer-btn">
+      <button (click)="doSubmit()" nz-button class="submit-btn" [nzType]="'primary'" [nzLoading]="isLoading" i18n="@@common.save">Save</button>
+    </div>
+  </ng-template>
+</nz-drawer>
+
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
new file mode 100644
index 000000000..2e137e412
--- /dev/null
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
@@ -0,0 +1,47 @@
+@import "variables";
+
+.selected-policies {
+  border: 1px solid @grey20-color;
+  background-color: #ffffff;
+  padding: 5px 0 1px 6px;
+  box-sizing: border-box;
+  border-radius: 8px;
+  margin-bottom: 12px;
+  margin-top: 12px;
+
+  .policy {
+    display: flex;
+    margin-bottom: 4px;
+    margin-right: 10px;
+
+    .inner-box {
+      width: 182px;
+      border-top-left-radius: 4px;
+      border-bottom-left-radius: 4px;
+      padding: 4px 7px 6px 7px;
+      background: @grey20-color;
+      height: 23px;
+      line-height: 15px;
+      overflow: hidden;
+      text-overflow: ellipsis;
+      cursor: pointer;
+      white-space: nowrap;
+    }
+
+    button {
+      display: flex;
+      background: @grey20-color;
+      border-top-right-radius: 4px;
+      border-bottom-right-radius: 4px;
+      height: 23px;
+      width: 15px;
+      border: 0;
+
+      i {
+        width:10px;
+        height: 10px;
+        font-size: 10px;
+      }
+    }
+  }
+}
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
new file mode 100644
index 000000000..6ce7ad416
--- /dev/null
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -0,0 +1,149 @@
+import { Component, OnInit, Input, Output, EventEmitter, ViewChild } from '@angular/core';
+import { FormBuilder, FormControl, FormGroup, Validators } from '@angular/forms';
+import { NzMessageService } from 'ng-zorro-antd/message';
+import { debounceTime, distinctUntilChanged, first, map, switchMap } from "rxjs/operators";
+import { PolicyService } from "@services/policy.service";
+import { AccessTokenTypeEnum, IAccessTokenPolicy } from "@features/safe/integrations/access-tokens/types/access-token";
+import { PolicyFilter } from "@features/safe/iam/types/policy";
+import { NzSelectComponent } from "ng-zorro-antd/select";
+import { Subject } from "rxjs";
+
+@Component({
+  selector: 'access-token-drawer',
+  templateUrl: './access-token-drawer.component.html',
+  styleUrls: ['./access-token-drawer.component.less']
+})
+export class AccessTokenDrawerComponent implements OnInit {
+
+  public policyCompareWith: (obj1: IAccessTokenPolicy, obj2: IAccessTokenPolicy) => boolean = (obj1: IAccessTokenPolicy, obj2: IAccessTokenPolicy) => {
+    if(obj1 && obj2) {
+      return obj1.id === obj2.id;
+    } else {
+      return false;
+    }
+  };
+
+  @Input() visible: boolean = false;
+  @Output() close: EventEmitter<boolean> = new EventEmitter();
+
+  policyDebouncer = new Subject<string>();
+  constructor(
+    private fb: FormBuilder,
+    private policyService: PolicyService,
+    private message: NzMessageService
+  ) {
+    this.policyDebouncer.pipe(
+      debounceTime(500),
+      distinctUntilChanged()
+    ).subscribe(query => this.searchPolicies(query));
+  }
+
+  displayPolicies: boolean = false
+
+  @ViewChild("policyNodeSelector", { static: false }) policySelectNode: NzSelectComponent;
+  selectedPolicyList: IAccessTokenPolicy[] = [];
+  policySearchResultList: IAccessTokenPolicy[] = [];
+  form: FormGroup;
+  ngOnInit(): void {
+    this.form = this.fb.group({
+      name: ['', [Validators.required], [this.nameAsyncValidator], 'change'],
+      type: [AccessTokenTypeEnum.Personal, [Validators.required]],
+      policy: [null, []],
+    });
+  }
+
+  onClose() {
+    this.form.reset();
+    this.close.emit();
+  }
+
+  onTypeChange() {
+    const { type } = this.form.value;
+    this.displayPolicies = type !== AccessTokenTypeEnum.Personal;
+  }
+
+  onPolicySelectChange() {
+    const { policy } = this.form.value;
+
+    if (this.selectedPolicyList.some((sp) => sp.id === policy.id)) {
+      this.selectedPolicyList = this.selectedPolicyList.filter((sp) => sp.id !== policy.id);
+    } else {
+      this.selectedPolicyList = [...this.selectedPolicyList, {...policy}];
+    }
+
+    this.policySearchResultList = this.policySearchResultList.map((p) => ({
+      ...p,
+      isSelected: this.selectedPolicyList.some((sp => sp.id === p.id))
+    }));
+    this.policySelectNode.writeValue(undefined);
+  }
+
+  removePolicy(policy: IAccessTokenPolicy) {
+    this.selectedPolicyList = this.selectedPolicyList.filter((p) => p.id !== policy.id);
+  }
+
+  isLoadingPolicies = true;
+  searchPolicies(query: string = '') {
+    this.isLoadingPolicies = true;
+
+    this.policyService.getList(new PolicyFilter(query, 1, 50)).subscribe(policies => {
+      this.policySearchResultList = policies.items.map(p => ({
+        ...p,
+        isSelected: this.selectedPolicyList.some((sp => sp.id === p.id))
+      }));
+
+      this.isLoadingPolicies = false;
+    }, () => this.isLoadingPolicies = false);
+  }
+
+  nameAsyncValidator = (control: FormControl) => control.valueChanges.pipe(
+    debounceTime(300),
+    switchMap(value => this.policyService.isNameUsed(value as string)),
+    map(isNameUsed => {
+      switch (isNameUsed) {
+        case true:
+          return { error: true, duplicated: true };
+        case undefined:
+          return { error: true, unknown: true };
+        default:
+          return null;
+      }
+    }),
+    first()
+  );
+
+  isLoading: boolean = false;
+  doSubmit() {
+    if (this.form.invalid) {
+      for (const i in this.form.controls) {
+        this.form.controls[i].markAsDirty();
+        this.form.controls[i].updateValueAndValidity();
+      }
+      return;
+    }
+
+    this.isLoading = true;
+    const {name, description} = this.form.value;
+    this.policyService.create(name, description).subscribe(
+      () => {
+        this.isLoading = false;
+        this.close.emit(true);
+        this.message.success($localize `:@@common.operation-success:Operation succeeded`);
+        this.form.reset();
+      },
+      _ => {
+        this.isLoading = false;
+      }
+    )
+  }
+
+  actionTokenTypeLabel = {
+    [AccessTokenTypeEnum.Personal]: $localize `:@@integrations.access-token.personal:Personal`,
+    [AccessTokenTypeEnum.Service]: $localize `:@@integrations.access-token.personal:Service`
+  }
+
+  actionTokenTypes = [
+    AccessTokenTypeEnum.Personal,
+    AccessTokenTypeEnum.Service
+  ]
+}
diff --git a/modules/front-end/src/app/core/components/guide/guide.component.html b/modules/front-end/src/app/core/components/guide/guide.component.html
index 43303a2d1..08ca71c46 100644
--- a/modules/front-end/src/app/core/components/guide/guide.component.html
+++ b/modules/front-end/src/app/core/components/guide/guide.component.html
@@ -59,7 +59,7 @@ <h4 nz-typography i18n="@@guide.guides-title">How-to guides with demo & SDK</h4>
   </ng-container>
 
   <ng-template #footer>
-    <div class="guide-footer">
+    <div class="drawer-footer-btn">
       <button nz-button nzType="primary" (click)="onClose()" i18n="@@common.close">Close</button>
     </div>
   </ng-template>
diff --git a/modules/front-end/src/app/core/core.module.ts b/modules/front-end/src/app/core/core.module.ts
index df73e183c..4d098281b 100644
--- a/modules/front-end/src/app/core/core.module.ts
+++ b/modules/front-end/src/app/core/core.module.ts
@@ -79,6 +79,7 @@ import { NzTimelineModule } from "ng-zorro-antd/timeline";
 import { ChangeReviewComponent } from "@core/components/change-review/change-review.component";
 import { NzBreadCrumbModule } from "ng-zorro-antd/breadcrumb";
 import { NzInputNumberModule } from "ng-zorro-antd/input-number";
+import { AccessTokenDrawerComponent } from "@core/components/access-token-drawer/access-token-drawer.component";
 
 @NgModule({
   declarations: [
@@ -115,7 +116,8 @@ import { NzInputNumberModule } from "ng-zorro-antd/input-number";
     AuditLogsComponent,
     AuditLogComponent,
     ChangeListComponent,
-    ChangeReviewComponent
+    ChangeReviewComponent,
+    AccessTokenDrawerComponent
   ],
   imports: [
     CommonModule,
@@ -199,7 +201,8 @@ import { NzInputNumberModule } from "ng-zorro-antd/input-number";
     AuditLogsComponent,
     AuditLogComponent,
     ChangeListComponent,
-    ChangeReviewComponent
+    ChangeReviewComponent,
+    AccessTokenDrawerComponent
   ]
 })
 export class CoreModule { }
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index-routing.module.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index-routing.module.ts
index 4b58b4f28..95bd2240a 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index-routing.module.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index-routing.module.ts
@@ -1,6 +1,6 @@
 import { NgModule } from '@angular/core';
 import { RouterModule, Routes } from '@angular/router';
-import {IndexComponent} from "@features/safe/iam/policies/index/index.component";
+import {IndexComponent} from "@features/safe/integrations/access-tokens/index/index.component";
 
 
 const routes: Routes = [
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index 11902e775..c07d0fb99 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -6,7 +6,7 @@
     <ng-template #prefixIconSearch>
       <i nz-icon nzType="icons:icon-search"></i>
     </ng-template>
-    <button nz-button nzType="primary" (click)="showPolicyDrawer()">
+    <button nz-button nzType="primary" (click)="openAccessTokenDrawer()">
       <i nz-icon nzType="icons:icon-add"></i>
       <ng-container i18n="@@common.add">Add</ng-container>
     </button>
@@ -64,5 +64,5 @@
   </div>
 </div>
 
-<policy-drawer [visible]="policyDrawerVisible" (close)="policyDrawerClosed($event)"></policy-drawer>
+<access-token-drawer [visible]="accessTokenDrawerVisible" (close)="policyDrawerClosed($event)"></access-token-drawer>
 
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
index 398df6af4..d7670cb68 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
@@ -59,12 +59,12 @@ export class IndexComponent implements OnInit {
     this.search$.next(null);
   }
 
-  policyDrawerVisible: boolean = false;
-  showPolicyDrawer(){
-    this.policyDrawerVisible = true;
+  accessTokenDrawerVisible: boolean = false;
+  openAccessTokenDrawer(){
+    this.accessTokenDrawerVisible = true;
   }
   policyDrawerClosed(created: any) {
-    this.policyDrawerVisible = false;
+    this.accessTokenDrawerVisible = false;
 
     if (created) {
       this.getPolicies();
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
new file mode 100644
index 000000000..03a68da23
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
@@ -0,0 +1,10 @@
+import { IPolicy } from "@features/safe/iam/types/policy";
+
+export enum AccessTokenTypeEnum {
+  Personal = 'personal',
+  Service = 'service'
+}
+
+export interface IAccessTokenPolicy extends IPolicy {
+  isSelected: boolean
+}
diff --git a/modules/front-end/src/styles-common.less b/modules/front-end/src/styles-common.less
index a35ef0b61..ba551c4c2 100644
--- a/modules/front-end/src/styles-common.less
+++ b/modules/front-end/src/styles-common.less
@@ -1089,3 +1089,12 @@ app-root {
 .ant-input-suffix {
   pointer-events: unset;
 }
+
+.drawer-footer-btn {
+  display: flex;
+  justify-content: flex-end;
+
+  button {
+    border-radius: 30px;
+  }
+}

From 6b0edae2b34ff561b766cd7d16bc329b69d4012a Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sat, 11 Mar 2023 15:46:46 +0100
Subject: [PATCH 04/44] added AccessTokenController

---
 .../Api/Controllers/AccessTokenController.cs  | 20 ++++++++++++++
 modules/back-end/src/Api/appsettings.json     |  6 ++---
 .../AccessTokens/IsAccessTokenNameUsed.cs     | 26 +++++++++++++++++++
 .../Services/IAccessTokenService.cs           | 10 +++++++
 .../src/Domain/AccessTokens/AccessToken.cs    | 23 ++++++++++++++++
 .../Domain/AccessTokens/AccessTokenTypes.cs   |  8 ++++++
 .../AccessTokens/AccessTokenService.cs        | 19 ++++++++++++++
 .../src/Infrastructure/ConfigureServices.cs   |  2 ++
 .../Infrastructure/MongoDb/MongoDbClient.cs   |  3 +++
 .../access-token-drawer.component.ts          |  4 ++-
 .../app/core/services/access-token.service.ts | 24 +++++++++++++++++
 .../access-tokens/types/access-token.ts       |  4 +--
 12 files changed, 143 insertions(+), 6 deletions(-)
 create mode 100644 modules/back-end/src/Api/Controllers/AccessTokenController.cs
 create mode 100644 modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
 create mode 100644 modules/back-end/src/Application/Services/IAccessTokenService.cs
 create mode 100644 modules/back-end/src/Domain/AccessTokens/AccessToken.cs
 create mode 100644 modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
 create mode 100644 modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
 create mode 100644 modules/front-end/src/app/core/services/access-token.service.ts

diff --git a/modules/back-end/src/Api/Controllers/AccessTokenController.cs b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
new file mode 100644
index 000000000..e10d45782
--- /dev/null
+++ b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
@@ -0,0 +1,20 @@
+using Application.AccessTokens;
+
+namespace Api.Controllers;
+
+[Route("api/v{version:apiVersion}/organizations/{organizationId:guid}/access-tokens")]
+public class AccessTokenController : ApiControllerBase
+{
+    [HttpGet("is-name-used")]
+    public async Task<ApiResponse<bool>> IsNameUsedAsync(Guid organizationId, string name)
+    {
+        var request = new IsAccessTokenNameUsed
+        {
+            OrganizationId = organizationId,
+            Name = name
+        };
+
+        var isNameUsed = await Mediator.Send(request);
+        return Ok(isNameUsed);
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Api/appsettings.json b/modules/back-end/src/Api/appsettings.json
index acb39b6c7..38ba7e844 100644
--- a/modules/back-end/src/Api/appsettings.json
+++ b/modules/back-end/src/Api/appsettings.json
@@ -11,14 +11,14 @@
     "Key": "featbit-identity-key"
   },
   "MongoDb": {
-    "ConnectionString": "mongodb://admin:password@mongodb:27017",
+    "ConnectionString": "mongodb://admin:password@localhost:27017",
     "Database": "featbit"
   },
   "Kafka": {
-    "BootstrapServers": "kafka:9092"
+    "BootstrapServers": "localhost:9092"
   },
   "OLAP": {
-    "ServiceHost": "http://da-server"
+    "ServiceHost": "http://localhost"
   },
   "AllowedHosts": "*"
 }
diff --git a/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs b/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
new file mode 100644
index 000000000..3dfaf7f46
--- /dev/null
+++ b/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
@@ -0,0 +1,26 @@
+namespace Application.AccessTokens;
+
+public class IsAccessTokenNameUsed : IRequest<bool>
+{
+    public Guid OrganizationId { get; set; }
+
+    public string Name { get; set; }
+}
+
+public class IsAccessTokenNameUsedHandler : IRequestHandler<IsAccessTokenNameUsed, bool>
+{
+    private readonly IAccessTokenService _service;
+
+    public IsAccessTokenNameUsedHandler(IAccessTokenService service)
+    {
+        _service = service;
+    }
+
+    public async Task<bool> Handle(IsAccessTokenNameUsed request, CancellationToken cancellationToken)
+    {
+        var isNameUsed =
+            await _service.AnyAsync(x => x.OrganizationId == request.OrganizationId && x.Name == request.Name);
+
+        return isNameUsed;
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/Services/IAccessTokenService.cs b/modules/back-end/src/Application/Services/IAccessTokenService.cs
new file mode 100644
index 000000000..eb8e19560
--- /dev/null
+++ b/modules/back-end/src/Application/Services/IAccessTokenService.cs
@@ -0,0 +1,10 @@
+using Application.Bases.Models;
+using Application.Policies;
+using Domain.AccessTokens;
+using Domain.Policies;
+
+namespace Application.Services;
+
+public interface IAccessTokenService : IService<AccessToken>
+{
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
new file mode 100644
index 000000000..3e3d7a4f6
--- /dev/null
+++ b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
@@ -0,0 +1,23 @@
+using Domain.Policies;
+
+namespace Domain.AccessTokens;
+
+public class AccessToken : AuditedEntity
+{
+    public Guid? OrganizationId { get; set; }
+
+    public string Name { get; set; }
+
+    public string Type { get; set; }
+
+    public ICollection<Policy> Policies { get; set; }
+
+    public AccessToken(Guid organizationId, string name, string type)
+    {
+        OrganizationId = organizationId;
+        Name = name;
+
+        Type = AccessTokenTypes.Personal;
+        Policies = Array.Empty<Policy>();
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs b/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
new file mode 100644
index 000000000..01946ef17
--- /dev/null
+++ b/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
@@ -0,0 +1,8 @@
+namespace Domain.Policies;
+
+public class AccessTokenTypes
+{
+    public const string Personal = "Personal";
+
+    public const string Service = "Service";
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs b/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
new file mode 100644
index 000000000..1c8bbbe4b
--- /dev/null
+++ b/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
@@ -0,0 +1,19 @@
+using Application.Bases.Models;
+using Application.Policies;
+using Domain.AccessTokens;
+using Domain.Groups;
+using Domain.Members;
+using Domain.Organizations;
+using Domain.Policies;
+using Domain.Users;
+using MongoDB.Driver;
+using MongoDB.Driver.Linq;
+
+namespace Infrastructure.AccessTokens;
+
+public class AccessTokenService : MongoDbService<AccessToken>, IAccessTokenService
+{
+    public AccessTokenService(MongoDbClient mongoDb) : base(mongoDb)
+    {
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Infrastructure/ConfigureServices.cs b/modules/back-end/src/Infrastructure/ConfigureServices.cs
index c764cf6bd..7cc4f1552 100644
--- a/modules/back-end/src/Infrastructure/ConfigureServices.cs
+++ b/modules/back-end/src/Infrastructure/ConfigureServices.cs
@@ -2,6 +2,7 @@
 using Domain.Identity;
 using Domain.Messages;
 using Domain.Users;
+using Infrastructure.AccessTokens;
 using Infrastructure.AuditLogs;
 using Infrastructure.DataSync;
 using Infrastructure.EndUsers;
@@ -94,6 +95,7 @@ public static IServiceCollection AddInfrastructureServices(
         services.AddTransient<IExperimentMetricService, ExperimentMetricService>();
         services.AddTransient<IAuditLogService, AuditLogService>();
         services.AddSingleton<IEvaluator, Evaluator>();
+        services.AddTransient<IAccessTokenService, AccessTokenService>();
 
         return services;
     }
diff --git a/modules/back-end/src/Infrastructure/MongoDb/MongoDbClient.cs b/modules/back-end/src/Infrastructure/MongoDb/MongoDbClient.cs
index ae3334333..bd6cc7634 100644
--- a/modules/back-end/src/Infrastructure/MongoDb/MongoDbClient.cs
+++ b/modules/back-end/src/Infrastructure/MongoDb/MongoDbClient.cs
@@ -1,3 +1,4 @@
+using Domain.AccessTokens;
 using Domain.AuditLogs;
 using Domain.EndUsers;
 using Domain.ExperimentMetrics;
@@ -59,6 +60,8 @@ public MongoDbClient(IOptions<MongoDbOptions> options)
 
         { typeof(Experiment), "Experiments" },
         { typeof(ExperimentMetric), "ExperimentMetrics" },
+        
+        { typeof(AccessToken), "AccessTokens" },
     };
 
     public IMongoCollection<TEntity> CollectionOf<TEntity>()
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index 6ce7ad416..d0d1b2d4d 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -7,6 +7,7 @@ import { AccessTokenTypeEnum, IAccessTokenPolicy } from "@features/safe/integrat
 import { PolicyFilter } from "@features/safe/iam/types/policy";
 import { NzSelectComponent } from "ng-zorro-antd/select";
 import { Subject } from "rxjs";
+import { AccessTokenService } from "@services/access-token.service";
 
 @Component({
   selector: 'access-token-drawer',
@@ -30,6 +31,7 @@ export class AccessTokenDrawerComponent implements OnInit {
   constructor(
     private fb: FormBuilder,
     private policyService: PolicyService,
+    private accessTokenService: AccessTokenService,
     private message: NzMessageService
   ) {
     this.policyDebouncer.pipe(
@@ -98,7 +100,7 @@ export class AccessTokenDrawerComponent implements OnInit {
 
   nameAsyncValidator = (control: FormControl) => control.valueChanges.pipe(
     debounceTime(300),
-    switchMap(value => this.policyService.isNameUsed(value as string)),
+    switchMap(value => this.accessTokenService.isNameUsed(value as string)),
     map(isNameUsed => {
       switch (isNameUsed) {
         case true:
diff --git a/modules/front-end/src/app/core/services/access-token.service.ts b/modules/front-end/src/app/core/services/access-token.service.ts
new file mode 100644
index 000000000..e055bd73b
--- /dev/null
+++ b/modules/front-end/src/app/core/services/access-token.service.ts
@@ -0,0 +1,24 @@
+import { Injectable } from "@angular/core";
+import { HttpClient } from "@angular/common/http";
+import { getCurrentOrganization } from "@utils/project-env";
+import { environment } from "src/environments/environment";
+import { Observable, of } from "rxjs";
+import { catchError } from "rxjs/operators";
+
+@Injectable({
+  providedIn: 'root'
+})
+export class AccessTokenService {
+  constructor(private http: HttpClient) { }
+
+  get baseUrl() {
+    const organizationId = getCurrentOrganization().id;
+    return `${environment.url}/api/v1/organizations/${organizationId}/access-tokens`;
+  }
+
+  isNameUsed(name: string) {
+    const url = `${this.baseUrl}/is-name-used?name=${name}`;
+
+    return this.http.get<boolean>(url).pipe(catchError(() => of(undefined)));
+  }
+}
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
index 03a68da23..73f96d437 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
@@ -1,8 +1,8 @@
 import { IPolicy } from "@features/safe/iam/types/policy";
 
 export enum AccessTokenTypeEnum {
-  Personal = 'personal',
-  Service = 'service'
+  Personal = 'Personal',
+  Service = 'Service'
 }
 
 export interface IAccessTokenPolicy extends IPolicy {

From 669330e10d3c88861a992bd24512ba89d471e634 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sat, 11 Mar 2023 17:53:43 +0100
Subject: [PATCH 05/44] in progress

---
 .../Api/Controllers/AccessTokenController.cs  |  9 +++
 .../Application/AccessTokens/AccessTokenVm.cs | 14 +++++
 .../AccessTokens/CreateAccessToken.cs         | 63 +++++++++++++++++++
 .../Application/AccessTokens/MapperProfile.cs | 13 ++++
 .../src/Application/Bases/ErrorCodes.cs       |  4 ++
 .../src/Application/Policies/MapperProfile.cs |  1 +
 .../src/Domain/AccessTokens/AccessToken.cs    |  4 +-
 .../Domain/AccessTokens/AccessTokenTypes.cs   |  7 +++
 .../access-token-drawer.component.html        |  7 ++-
 .../access-token-drawer.component.less        |  4 ++
 .../access-token-drawer.component.ts          | 57 ++++++++++++-----
 .../request-response.interceptor.ts           |  2 +-
 .../app/core/services/access-token.service.ts |  6 ++
 .../access-tokens/types/access-token.ts       |  7 +++
 modules/front-end/src/variables.less          |  1 +
 15 files changed, 180 insertions(+), 19 deletions(-)
 create mode 100644 modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
 create mode 100644 modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
 create mode 100644 modules/back-end/src/Application/AccessTokens/MapperProfile.cs

diff --git a/modules/back-end/src/Api/Controllers/AccessTokenController.cs b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
index e10d45782..a4830e05b 100644
--- a/modules/back-end/src/Api/Controllers/AccessTokenController.cs
+++ b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
@@ -17,4 +17,13 @@ public async Task<ApiResponse<bool>> IsNameUsedAsync(Guid organizationId, string
         var isNameUsed = await Mediator.Send(request);
         return Ok(isNameUsed);
     }
+    
+    [HttpPost]
+    public async Task<ApiResponse<AccessTokenVm>> CreateAsync(Guid organizationId, CreateAccessToken request)
+    {
+        request.OrganizationId = organizationId;
+
+        var policy = await Mediator.Send(request);
+        return Ok(policy);
+    }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
new file mode 100644
index 000000000..3b4033812
--- /dev/null
+++ b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
@@ -0,0 +1,14 @@
+using Domain.Policies;
+
+namespace Application.AccessTokens;
+
+public class AccessTokenVm
+{
+    public string Id { get; set; }
+
+    public string Name { get; set; }
+        
+    public string Type { get; set; }
+
+    public IEnumerable<Guid> PolicyIds { get; set; }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
new file mode 100644
index 000000000..0724e5b72
--- /dev/null
+++ b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
@@ -0,0 +1,63 @@
+using Application.Bases;
+using Application.Policies;
+using Domain.AccessTokens;
+using Domain.Policies;
+
+namespace Application.AccessTokens;
+
+public class CreateAccessToken : IRequest<AccessTokenVm>
+{
+    public Guid OrganizationId { get; set; }
+
+    public string Name { get; set; }
+
+    public string Type { get; set; }
+    
+    public IEnumerable<Guid> PolicyIds { get; set; }
+}
+
+public class CreateAccessTokenValidator : AbstractValidator<CreateAccessToken>
+{
+    public CreateAccessTokenValidator()
+    {
+        RuleFor(x => x.Name)
+            .NotEmpty().WithErrorCode(ErrorCodes.NameIsRequired);
+        
+        RuleFor(x => x.Type)
+            .Must(AccessTokenTypes.IsDefined).WithErrorCode(ErrorCodes.InvalidAccessTokenType);
+        
+        RuleFor(x => x.PolicyIds)
+            .Must(PolicyIds => PolicyIds.Any())
+            .Unless(x => x.Type == AccessTokenTypes.Personal)
+            .WithErrorCode(ErrorCodes.ServiceAccessTokenMustDefinePolicies);
+    }
+}
+
+public class CreateAccessTokenHandler : IRequestHandler<CreateAccessToken, AccessTokenVm>
+{
+    private readonly IPolicyService _policyService;
+    private readonly IAccessTokenService _service;
+    private readonly IMapper _mapper;
+
+    public CreateAccessTokenHandler(IAccessTokenService service, IPolicyService policyService, IMapper mapper)
+    {
+        _service = service;
+        _policyService = policyService;
+        _mapper = mapper;
+    }
+
+    public async Task<AccessTokenVm> Handle(CreateAccessToken request, CancellationToken cancellationToken)
+    {
+        var policies = Enumerable.Empty<Policy>();
+        if (request.Type == AccessTokenTypes.Service)
+        {
+            policies = await _policyService.FindManyAsync((x) => request.PolicyIds.Contains(x.Id));
+        }
+        
+        var accessToken = new AccessToken(request.OrganizationId, request.Name, request.Type, policies);
+
+        await _service.AddOneAsync(accessToken);
+
+        return _mapper.Map<AccessTokenVm>(accessToken);
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/MapperProfile.cs b/modules/back-end/src/Application/AccessTokens/MapperProfile.cs
new file mode 100644
index 000000000..db401ba40
--- /dev/null
+++ b/modules/back-end/src/Application/AccessTokens/MapperProfile.cs
@@ -0,0 +1,13 @@
+using Application.Bases.Models;
+using Domain.AccessTokens;
+
+namespace Application.AccessTokens;
+
+public class MapperProfile : Profile
+{
+    public MapperProfile()
+    {
+        CreateMap<AccessToken, AccessTokenVm>();
+        CreateMap<PagedResult<AccessToken>, PagedResult<AccessTokenVm>>();
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/Bases/ErrorCodes.cs b/modules/back-end/src/Application/Bases/ErrorCodes.cs
index 8a968cbf9..581e2af2d 100644
--- a/modules/back-end/src/Application/Bases/ErrorCodes.cs
+++ b/modules/back-end/src/Application/Bases/ErrorCodes.cs
@@ -65,4 +65,8 @@ public static class ErrorCodes
     public const string EventTypeIsRequired = nameof(EventTypeIsRequired);
     public const string EventNameIsRequired = nameof(EventNameIsRequired);
     public const string MetricIsBeingUsedByExperiment = nameof(MetricIsBeingUsedByExperiment);
+    
+    // access tokens
+    public const string InvalidAccessTokenType = nameof(InvalidAccessTokenType);
+    public const string ServiceAccessTokenMustDefinePolicies = nameof(ServiceAccessTokenMustDefinePolicies);
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/Policies/MapperProfile.cs b/modules/back-end/src/Application/Policies/MapperProfile.cs
index 45e35bd19..6febbe829 100644
--- a/modules/back-end/src/Application/Policies/MapperProfile.cs
+++ b/modules/back-end/src/Application/Policies/MapperProfile.cs
@@ -8,6 +8,7 @@ public class MapperProfile : Profile
     public MapperProfile()
     {
         CreateMap<Policy, PolicyVm>();
+        CreateMap<IEnumerable<PolicyVm>, IEnumerable<Policy>>();
         CreateMap<PagedResult<Policy>, PagedResult<PolicyVm>>();
     }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
index 3e3d7a4f6..6ab06a94e 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
@@ -12,12 +12,12 @@ public class AccessToken : AuditedEntity
 
     public ICollection<Policy> Policies { get; set; }
 
-    public AccessToken(Guid organizationId, string name, string type)
+    public AccessToken(Guid organizationId, string name, string type, IEnumerable<Policy> policies)
     {
         OrganizationId = organizationId;
         Name = name;
 
         Type = AccessTokenTypes.Personal;
-        Policies = Array.Empty<Policy>();
+        Policies = policies.ToArray();
     }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs b/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
index 01946ef17..45a2da628 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
@@ -5,4 +5,11 @@ public class AccessTokenTypes
     public const string Personal = "Personal";
 
     public const string Service = "Service";
+    
+    public static readonly string[] All = { Personal, Service };
+    
+    public static bool IsDefined(string type)
+    {
+        return All.Contains(type);
+    }
 }
\ No newline at end of file
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
index f549fbbd4..52d2bdf02 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -40,9 +40,9 @@
       </nz-form-item>
 
       <!-- Policies -->
-      <nz-form-item *ngIf="displayPolicies">
+      <nz-form-item *ngIf="isServiceAccessToken">
         <nz-form-label nzRequired i18n="@@common.policies">Policies</nz-form-label>
-        <nz-form-control nzErrorTip="Policies is mandatory" i18n-nzErrorTip="@@integrations.access-token.policies-mandatory">
+        <nz-form-control>
           <nz-select #policyNodeSelector
             formControlName="policy"
             i18n-nzPlaceHolder="@@integrations.access-token.select-policies"
@@ -77,6 +77,9 @@
             <button nz-button nzType="default" [nzSize]="'large'" (click)="removePolicy(policy)"><i nz-icon nzType="close"></i></button>
           </div>
         </div>
+
+        <div class="error-message" *ngIf="!isPolicyIdsValid" i18n="@@integrations.access-token.service-access-token-must-define-policies">Policies are mandatory for service type access tokens</div>
+
       </nz-form-item>
     </form>
   </ng-container>
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
index 2e137e412..75b92cc95 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
@@ -1,5 +1,9 @@
 @import "variables";
 
+.error-message {
+  color: @red60-color;
+}
+
 .selected-policies {
   border: 1px solid @grey20-color;
   background-color: #ffffff;
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index d0d1b2d4d..e7133085c 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -40,7 +40,7 @@ export class AccessTokenDrawerComponent implements OnInit {
     ).subscribe(query => this.searchPolicies(query));
   }
 
-  displayPolicies: boolean = false
+  isServiceAccessToken: boolean = false
 
   @ViewChild("policyNodeSelector", { static: false }) policySelectNode: NzSelectComponent;
   selectedPolicyList: IAccessTokenPolicy[] = [];
@@ -50,7 +50,7 @@ export class AccessTokenDrawerComponent implements OnInit {
     this.form = this.fb.group({
       name: ['', [Validators.required], [this.nameAsyncValidator], 'change'],
       type: [AccessTokenTypeEnum.Personal, [Validators.required]],
-      policy: [null, []],
+      policy: [null, []]
     });
   }
 
@@ -61,7 +61,7 @@ export class AccessTokenDrawerComponent implements OnInit {
 
   onTypeChange() {
     const { type } = this.form.value;
-    this.displayPolicies = type !== AccessTokenTypeEnum.Personal;
+    this.isServiceAccessToken = type === AccessTokenTypeEnum.Service;
   }
 
   onPolicySelectChange() {
@@ -78,10 +78,12 @@ export class AccessTokenDrawerComponent implements OnInit {
       isSelected: this.selectedPolicyList.some((sp => sp.id === p.id))
     }));
     this.policySelectNode.writeValue(undefined);
+    this.validatePoliciesControl();
   }
 
   removePolicy(policy: IAccessTokenPolicy) {
     this.selectedPolicyList = this.selectedPolicyList.filter((p) => p.id !== policy.id);
+    this.validatePoliciesControl();
   }
 
   isLoadingPolicies = true;
@@ -115,27 +117,54 @@ export class AccessTokenDrawerComponent implements OnInit {
   );
 
   isLoading: boolean = false;
+  isPolicyIdsValid = true;
+
+  validatePoliciesControl() {
+    const policyControl = this.form.get('policy');
+    if (this.isServiceAccessToken && this.selectedPolicyList.length === 0) {
+      policyControl.setValidators(Validators.required);
+      policyControl.setErrors({required: true});
+      this.isPolicyIdsValid = false;
+    } else {
+      policyControl.clearValidators();
+      policyControl.markAsPristine();
+      this.isPolicyIdsValid = true;
+    }
+  }
   doSubmit() {
+    // we validate name and type only here
     if (this.form.invalid) {
       for (const i in this.form.controls) {
         this.form.controls[i].markAsDirty();
         this.form.controls[i].updateValueAndValidity();
       }
+    }
+
+    // validate policies
+    this.validatePoliciesControl();
+
+    if (this.form.invalid || !this.isPolicyIdsValid) {
       return;
     }
 
     this.isLoading = true;
-    const {name, description} = this.form.value;
-    this.policyService.create(name, description).subscribe(
-      () => {
-        this.isLoading = false;
-        this.close.emit(true);
-        this.message.success($localize `:@@common.operation-success:Operation succeeded`);
-        this.form.reset();
-      },
-      _ => {
-        this.isLoading = false;
-      }
+    const { name, type } = this.form.value;
+    const policies = this.isServiceAccessToken ? this.selectedPolicyList.map(p => p.id) : [];
+
+    this.accessTokenService.create(name, type, policies).subscribe({
+        next: () => {
+          this.isLoading = false;
+          this.close.emit(true);
+          this.message.success($localize `:@@common.operation-success:Operation succeeded`);
+          this.form.reset();
+        },
+        error: (e) => {
+          this.isLoading = false;
+          if (e.errors[0] === 'ServiceAccessTokenMustDefinePolicies') {
+            this.message.error($localize `:@@integrations.access-token.service-access-token-must-define-policies:Policies are mandatory for service type access tokens`);
+          }
+        }
+    }
     )
   }
 
diff --git a/modules/front-end/src/app/core/interceptors/request-response.interceptor.ts b/modules/front-end/src/app/core/interceptors/request-response.interceptor.ts
index 50574a049..0c2b02bd5 100644
--- a/modules/front-end/src/app/core/interceptors/request-response.interceptor.ts
+++ b/modules/front-end/src/app/core/interceptors/request-response.interceptor.ts
@@ -48,7 +48,7 @@ export class RequestResponseInterceptor implements HttpInterceptor {
           }
 
           this.showErrorMsg(errorResponse);
-          throw errorResponse;
+          throw errorResponse.error;
         })
       );
   }
diff --git a/modules/front-end/src/app/core/services/access-token.service.ts b/modules/front-end/src/app/core/services/access-token.service.ts
index e055bd73b..24fd8db1b 100644
--- a/modules/front-end/src/app/core/services/access-token.service.ts
+++ b/modules/front-end/src/app/core/services/access-token.service.ts
@@ -4,6 +4,8 @@ import { getCurrentOrganization } from "@utils/project-env";
 import { environment } from "src/environments/environment";
 import { Observable, of } from "rxjs";
 import { catchError } from "rxjs/operators";
+import { IPolicy } from "@features/safe/iam/types/policy";
+import { IAccessToken } from "@features/safe/integrations/access-tokens/types/access-token";
 
 @Injectable({
   providedIn: 'root'
@@ -21,4 +23,8 @@ export class AccessTokenService {
 
     return this.http.get<boolean>(url).pipe(catchError(() => of(undefined)));
   }
+
+  create(name: string, type: string, policyIds: string[] = []): Observable<IAccessToken> {
+    return this.http.post<IAccessToken>(this.baseUrl, { name, type, policyIds });
+  }
 }
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
index 73f96d437..47e2b21ed 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
@@ -1,5 +1,12 @@
 import { IPolicy } from "@features/safe/iam/types/policy";
 
+export interface IAccessToken {
+  id: string;
+  type: string;
+  name: string;
+  policies: IPolicy[],
+}
+
 export enum AccessTokenTypeEnum {
   Personal = 'Personal',
   Service = 'Service'
diff --git a/modules/front-end/src/variables.less b/modules/front-end/src/variables.less
index b94360801..36529c079 100644
--- a/modules/front-end/src/variables.less
+++ b/modules/front-end/src/variables.less
@@ -29,6 +29,7 @@
 @red10-color: #FFE8D7;
 @red40-color: #FF886B;
 @red50-color: #FF513A;
+@red60-color: #ff4d4f;
 
 @yellow10-color: #FFF9CF;
 @yellow55-color: #faad14;

From b6f3f4306c23de47543e8295458e3faaf93f1e7a Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sat, 11 Mar 2023 21:46:55 +0100
Subject: [PATCH 06/44] in progress

---
 .../Api/Controllers/AccessTokenController.cs  | 21 ++++-
 .../AccessTokens/AccessTokenFilter.cs         | 10 +++
 .../Application/AccessTokens/AccessTokenVm.cs | 10 ++-
 .../AccessTokens/CreateAccessToken.cs         |  6 +-
 .../AccessTokens/GetAccessTokenList.cs        | 40 ++++++++++
 .../Services/IAccessTokenService.cs           |  4 +-
 .../Application/Services/IMemberService.cs    |  1 +
 .../src/Domain/AccessTokens/AccessToken.cs    | 16 +++-
 .../Domain/AccessTokens/AccessTokenStatus.cs  | 15 ++++
 .../Domain/AccessTokens/AccessTokenTypes.cs   |  2 +-
 .../AccessTokens/AccessTokenService.cs        | 34 ++++++++
 .../Infrastructure/Members/MemberService.cs   | 13 +++
 .../access-token-drawer.component.html        |  2 +-
 .../access-token-drawer.component.ts          |  5 --
 modules/front-end/src/app/core/core.module.ts |  6 ++
 .../core/pipes/access-token-status.pipe.ts    | 19 +++++
 .../app/core/pipes/access-token-type.pipe.ts  | 16 ++++
 .../app/core/services/access-token.service.ts | 28 ++++++-
 .../experimentation.component.less            |  2 +-
 .../policy-editor.component.less              |  2 +-
 .../iam/groups/index/index.component.less     |  2 +-
 .../iam/policies/index/index.component.less   |  2 +-
 .../safe/iam/team/index/index.component.less  |  2 +-
 .../access-tokens/index/index.component.html  | 67 ++++++++++++----
 .../access-tokens/index/index.component.less  |  4 +-
 .../access-tokens/index/index.component.ts    | 80 ++++++++++++++-----
 .../access-tokens/types/access-token.ts       | 33 ++++++++
 27 files changed, 379 insertions(+), 63 deletions(-)
 create mode 100644 modules/back-end/src/Application/AccessTokens/AccessTokenFilter.cs
 create mode 100644 modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs
 create mode 100644 modules/back-end/src/Domain/AccessTokens/AccessTokenStatus.cs
 create mode 100644 modules/front-end/src/app/core/pipes/access-token-status.pipe.ts
 create mode 100644 modules/front-end/src/app/core/pipes/access-token-type.pipe.ts

diff --git a/modules/back-end/src/Api/Controllers/AccessTokenController.cs b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
index a4830e05b..4cd80aef7 100644
--- a/modules/back-end/src/Api/Controllers/AccessTokenController.cs
+++ b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
@@ -1,10 +1,26 @@
 using Application.AccessTokens;
+using Application.Bases.Models;
 
 namespace Api.Controllers;
 
 [Route("api/v{version:apiVersion}/organizations/{organizationId:guid}/access-tokens")]
 public class AccessTokenController : ApiControllerBase
 {
+    [HttpGet]
+    public async Task<ApiResponse<PagedResult<AccessTokenVm>>> GetListAsync(
+        Guid organizationId,
+        [FromQuery] AccessTokenFilter filter)
+    {
+        var request = new GetAccessTokenList
+        {
+            OrganizationId = organizationId,
+            Filter = filter
+        };
+    
+        var accessTokens = await Mediator.Send(request);
+        return Ok(accessTokens);
+    }
+    
     [HttpGet("is-name-used")]
     public async Task<ApiResponse<bool>> IsNameUsedAsync(Guid organizationId, string name)
     {
@@ -22,8 +38,9 @@ public async Task<ApiResponse<bool>> IsNameUsedAsync(Guid organizationId, string
     public async Task<ApiResponse<AccessTokenVm>> CreateAsync(Guid organizationId, CreateAccessToken request)
     {
         request.OrganizationId = organizationId;
+        request.CreatorId = CurrentUser.Id;
 
-        var policy = await Mediator.Send(request);
-        return Ok(policy);
+        var accessToken = await Mediator.Send(request);
+        return Ok(accessToken);
     }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/AccessTokenFilter.cs b/modules/back-end/src/Application/AccessTokens/AccessTokenFilter.cs
new file mode 100644
index 000000000..8505a5da1
--- /dev/null
+++ b/modules/back-end/src/Application/AccessTokens/AccessTokenFilter.cs
@@ -0,0 +1,10 @@
+using Application.Bases.Models;
+
+namespace Application.AccessTokens;
+
+public class AccessTokenFilter : PagedRequest
+{
+    public string Name { get; set; }
+    public Guid? CreatorId { get; set; }
+    public string Type { get; set; }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
index 3b4033812..f81633442 100644
--- a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
+++ b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
@@ -1,14 +1,20 @@
+using Application.Members;
 using Domain.Policies;
 
 namespace Application.AccessTokens;
 
 public class AccessTokenVm
 {
-    public string Id { get; set; }
+    public Guid Id { get; set; }
 
     public string Name { get; set; }
         
     public string Type { get; set; }
+    
+    public string Status { get; set; }
+    public MemberVm Creator { get; set; }
 
-    public IEnumerable<Guid> PolicyIds { get; set; }
+    public IEnumerable<Policy> Policies { get; set; }
+    
+    public DateTime? LastUsedAt { get; set; }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
index 0724e5b72..ff2ba8af6 100644
--- a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
+++ b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
@@ -12,7 +12,9 @@ public class CreateAccessToken : IRequest<AccessTokenVm>
     public string Name { get; set; }
 
     public string Type { get; set; }
-    
+
+    public Guid CreatorId { get; set; }
+
     public IEnumerable<Guid> PolicyIds { get; set; }
 }
 
@@ -54,7 +56,7 @@ public async Task<AccessTokenVm> Handle(CreateAccessToken request, CancellationT
             policies = await _policyService.FindManyAsync((x) => request.PolicyIds.Contains(x.Id));
         }
         
-        var accessToken = new AccessToken(request.OrganizationId, request.Name, request.Type, policies);
+        var accessToken = new AccessToken(request.OrganizationId, request.CreatorId, request.Name, request.Type, policies);
 
         await _service.AddOneAsync(accessToken);
 
diff --git a/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs b/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs
new file mode 100644
index 000000000..2d43e64ef
--- /dev/null
+++ b/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs
@@ -0,0 +1,40 @@
+using Application.Bases.Models;
+using Application.Members;
+
+namespace Application.AccessTokens;
+
+public class GetAccessTokenList : IRequest<PagedResult<AccessTokenVm>>
+{
+    public Guid OrganizationId { get; set; }
+
+    public AccessTokenFilter Filter { get; set; }
+}
+
+public class GetAccessTokenListHandler : IRequestHandler<GetAccessTokenList, PagedResult<AccessTokenVm>>
+{
+    private readonly IMemberService _memberService;
+    private readonly IAccessTokenService _service;
+    private readonly IMapper _mapper;
+
+    public GetAccessTokenListHandler(IAccessTokenService service, IMemberService memberService, IMapper mapper)
+    {
+        _service = service;
+        _memberService = memberService;
+        _mapper = mapper;
+    }
+    
+    public async Task<PagedResult<AccessTokenVm>> Handle(GetAccessTokenList request, CancellationToken cancellationToken)
+    {
+        var accessTokens = await _service.GetListAsync(request.OrganizationId, request.Filter);
+        var creatorIds = accessTokens.Items.Select(x => x.CreatorId);
+        var creators = await _memberService.GetListByIds(creatorIds);
+        var accessTokenVms = _mapper.Map<PagedResult<AccessTokenVm>>(accessTokens);
+        foreach (var accessTokenItem in accessTokens.Items)
+        {
+            var accessTokenVm = accessTokenVms.Items.First(x => x.Id == accessTokenItem.Id);
+            accessTokenVm.Creator = _mapper.Map<MemberVm>(creators.First(x => x.Id == accessTokenItem.CreatorId));
+        }
+
+        return accessTokenVms;
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/Services/IAccessTokenService.cs b/modules/back-end/src/Application/Services/IAccessTokenService.cs
index eb8e19560..1eac619e8 100644
--- a/modules/back-end/src/Application/Services/IAccessTokenService.cs
+++ b/modules/back-end/src/Application/Services/IAccessTokenService.cs
@@ -1,10 +1,10 @@
+using Application.AccessTokens;
 using Application.Bases.Models;
-using Application.Policies;
 using Domain.AccessTokens;
-using Domain.Policies;
 
 namespace Application.Services;
 
 public interface IAccessTokenService : IService<AccessToken>
 {
+    Task<PagedResult<AccessToken>> GetListAsync(Guid organizationId, AccessTokenFilter filter);
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/Services/IMemberService.cs b/modules/back-end/src/Application/Services/IMemberService.cs
index a83520627..a529dd72c 100644
--- a/modules/back-end/src/Application/Services/IMemberService.cs
+++ b/modules/back-end/src/Application/Services/IMemberService.cs
@@ -8,6 +8,7 @@ namespace Application.Services;
 public interface IMemberService
 {
     Task<Member> GetAsync(Guid organizationId, Guid memberId);
+    Task<IEnumerable<Member>> GetListByIds(IEnumerable<Guid> ids);
 
     Task DeleteAsync(Guid organizationId, Guid memberId);
 
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
index 6ab06a94e..ed4e7832c 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
@@ -9,15 +9,27 @@ public class AccessToken : AuditedEntity
     public string Name { get; set; }
 
     public string Type { get; set; }
+    public string Status { get; set; }
+
+    public Guid CreatorId { get; set; }
 
     public ICollection<Policy> Policies { get; set; }
+    
+    public DateTime? LastUsedAt { get; set; }
 
-    public AccessToken(Guid organizationId, string name, string type, IEnumerable<Policy> policies)
+    public AccessToken(Guid organizationId, Guid creatorId, string name, string type, IEnumerable<Policy> policies)
     {
         OrganizationId = organizationId;
+        CreatorId = creatorId;
         Name = name;
-
+        
+        Status = AccessTokenStatus.Active;
         Type = AccessTokenTypes.Personal;
         Policies = policies.ToArray();
     }
+    
+    public void RefreshLastUsedAt()
+    {
+        LastUsedAt = DateTime.UtcNow;
+    }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessTokenStatus.cs b/modules/back-end/src/Domain/AccessTokens/AccessTokenStatus.cs
new file mode 100644
index 000000000..8c8922473
--- /dev/null
+++ b/modules/back-end/src/Domain/AccessTokens/AccessTokenStatus.cs
@@ -0,0 +1,15 @@
+namespace Domain.AccessTokens;
+
+public class AccessTokenStatus
+{
+    public const string Active = "Active";
+
+    public const string Inactive = "Inactive";
+    
+    public static readonly string[] All = { Active, Inactive };
+    
+    public static bool IsDefined(string type)
+    {
+        return All.Contains(type);
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs b/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
index 45a2da628..5422dfd12 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
@@ -1,4 +1,4 @@
-namespace Domain.Policies;
+namespace Domain.AccessTokens;
 
 public class AccessTokenTypes
 {
diff --git a/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs b/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
index 1c8bbbe4b..601bc5240 100644
--- a/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
+++ b/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
@@ -1,3 +1,4 @@
+using Application.AccessTokens;
 using Application.Bases.Models;
 using Application.Policies;
 using Domain.AccessTokens;
@@ -16,4 +17,37 @@ public class AccessTokenService : MongoDbService<AccessToken>, IAccessTokenServi
     public AccessTokenService(MongoDbClient mongoDb) : base(mongoDb)
     {
     }
+    
+    public async Task<PagedResult<AccessToken>> GetListAsync(Guid organizationId, AccessTokenFilter filter)
+    {
+        var query = MongoDb.QueryableOf<AccessToken>()
+            .Where(x => x.OrganizationId == organizationId);
+
+        var name = filter.Name;
+        if (!string.IsNullOrWhiteSpace(name))
+        {
+            query = query.Where(x => x.Name.Contains(name, StringComparison.CurrentCultureIgnoreCase));
+        }
+        
+        var type = filter.Type;
+        if (!string.IsNullOrWhiteSpace(type))
+        {
+            query = query.Where(x => x.Type == type);
+        }
+        
+        var creatorId = filter.CreatorId;
+        if (!string.IsNullOrWhiteSpace(type))
+        {
+            query = query.Where(x => x.CreatorId == creatorId);
+        }
+
+        var totalCount = await query.CountAsync();
+        var items = await query
+            .Skip(filter.PageIndex * filter.PageSize)
+            .OrderByDescending(x => x.CreatedAt)
+            .Take(filter.PageSize)
+            .ToListAsync();
+
+        return new PagedResult<AccessToken>(totalCount, items);
+    }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Infrastructure/Members/MemberService.cs b/modules/back-end/src/Infrastructure/Members/MemberService.cs
index cebf68233..ee7f627f1 100644
--- a/modules/back-end/src/Infrastructure/Members/MemberService.cs
+++ b/modules/back-end/src/Infrastructure/Members/MemberService.cs
@@ -66,6 +66,19 @@ await _mongoDb.CollectionOf<MemberPolicy>()
             .DeleteManyAsync(x => x.OrganizationId == organizationId && x.MemberId == memberId);
     }
 
+    public async Task<IEnumerable<Member>> GetListByIds(IEnumerable<Guid> ids)
+    {
+        var query = _mongoDb.QueryableOf<User>()
+            .Where(x => ids.Contains(x.Id));
+        
+        return await query.Select(x => new Member
+        {
+            Id = x.Id,
+            Email = x.Email,
+            Name = x.Name,
+        }).ToListAsync();;
+    }
+
     public async Task<PagedResult<Member>> GetListAsync(Guid organizationId, MemberFilter filter)
     {
         var users = _mongoDb.QueryableOf<User>();
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
index 52d2bdf02..5326732ae 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -32,7 +32,7 @@
             <ng-container *ngFor="let at of actionTokenTypes">
               <nz-option
                 [nzValue]="at"
-                [nzLabel]="actionTokenTypeLabel[at]">
+                [nzLabel]="at | accessTokenType">
               </nz-option>
             </ng-container>
           </nz-select>
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index e7133085c..37edc31d6 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -168,11 +168,6 @@ export class AccessTokenDrawerComponent implements OnInit {
     )
   }
 
-  actionTokenTypeLabel = {
-    [AccessTokenTypeEnum.Personal]: $localize `:@@integrations.access-token.personal:Personal`,
-    [AccessTokenTypeEnum.Service]: $localize `:@@integrations.access-token.personal:Service`
-  }
-
   actionTokenTypes = [
     AccessTokenTypeEnum.Personal,
     AccessTokenTypeEnum.Service
diff --git a/modules/front-end/src/app/core/core.module.ts b/modules/front-end/src/app/core/core.module.ts
index 4d098281b..d049483d8 100644
--- a/modules/front-end/src/app/core/core.module.ts
+++ b/modules/front-end/src/app/core/core.module.ts
@@ -80,6 +80,8 @@ import { ChangeReviewComponent } from "@core/components/change-review/change-rev
 import { NzBreadCrumbModule } from "ng-zorro-antd/breadcrumb";
 import { NzInputNumberModule } from "ng-zorro-antd/input-number";
 import { AccessTokenDrawerComponent } from "@core/components/access-token-drawer/access-token-drawer.component";
+import { AccessTokenTypePipe } from "@core/pipes/access-token-type.pipe";
+import { AccessTokenStatusPipe } from "@core/pipes/access-token-status.pipe";
 
 @NgModule({
   declarations: [
@@ -87,6 +89,8 @@ import { AccessTokenDrawerComponent } from "@core/components/access-token-drawer
     PercentagePipe,
     SafeHtmlPipe,
     PolicyTypePipe,
+    AccessTokenTypePipe,
+    AccessTokenStatusPipe,
     TranslationPipe,
     RuleVariationValuePipe,
     PermissionCheckDirective,
@@ -172,6 +176,8 @@ import { AccessTokenDrawerComponent } from "@core/components/access-token-drawer
     PercentagePipe,
     SafeHtmlPipe,
     PolicyTypePipe,
+    AccessTokenTypePipe,
+    AccessTokenStatusPipe,
     TranslationPipe,
     RuleVariationValuePipe,
     PermissionCheckDirective,
diff --git a/modules/front-end/src/app/core/pipes/access-token-status.pipe.ts b/modules/front-end/src/app/core/pipes/access-token-status.pipe.ts
new file mode 100644
index 000000000..057c8bfe1
--- /dev/null
+++ b/modules/front-end/src/app/core/pipes/access-token-status.pipe.ts
@@ -0,0 +1,19 @@
+import { Pipe, PipeTransform } from '@angular/core';
+import {
+  AccessTokenStatusEnum,
+  AccessTokenTypeEnum
+} from "@features/safe/integrations/access-tokens/types/access-token";
+
+@Pipe({
+  name: 'accessTokenStatus'
+})
+export class AccessTokenStatusPipe implements PipeTransform {
+  typeDict = {
+    [AccessTokenStatusEnum.Active]: $localize `:@@integrations.access-token.active:Active`,
+    [AccessTokenStatusEnum.Inactive]: $localize `:@@integrations.access-token.inactive:Inactive`
+  }
+
+  transform(value: string): string {
+    return this.typeDict[value] || '';
+  }
+}
diff --git a/modules/front-end/src/app/core/pipes/access-token-type.pipe.ts b/modules/front-end/src/app/core/pipes/access-token-type.pipe.ts
new file mode 100644
index 000000000..6a3f6e7fc
--- /dev/null
+++ b/modules/front-end/src/app/core/pipes/access-token-type.pipe.ts
@@ -0,0 +1,16 @@
+import { Pipe, PipeTransform } from '@angular/core';
+import { AccessTokenTypeEnum } from "@features/safe/integrations/access-tokens/types/access-token";
+
+@Pipe({
+  name: 'accessTokenType'
+})
+export class AccessTokenTypePipe implements PipeTransform {
+  typeDict = {
+    [AccessTokenTypeEnum.Personal]: $localize `:@@integrations.access-token.personal:Personal`,
+    [AccessTokenTypeEnum.Service]: $localize `:@@integrations.access-token.personal:Service`
+  }
+
+  transform(value: string): string {
+    return this.typeDict[value] || '';
+  }
+}
diff --git a/modules/front-end/src/app/core/services/access-token.service.ts b/modules/front-end/src/app/core/services/access-token.service.ts
index 24fd8db1b..6dbafb7fc 100644
--- a/modules/front-end/src/app/core/services/access-token.service.ts
+++ b/modules/front-end/src/app/core/services/access-token.service.ts
@@ -1,11 +1,14 @@
 import { Injectable } from "@angular/core";
-import { HttpClient } from "@angular/common/http";
+import { HttpClient, HttpParams } from "@angular/common/http";
 import { getCurrentOrganization } from "@utils/project-env";
 import { environment } from "src/environments/environment";
 import { Observable, of } from "rxjs";
 import { catchError } from "rxjs/operators";
-import { IPolicy } from "@features/safe/iam/types/policy";
-import { IAccessToken } from "@features/safe/integrations/access-tokens/types/access-token";
+import {
+  AccessTokenFilter,
+  IAccessToken,
+  IPagedAccessToken
+} from "@features/safe/integrations/access-tokens/types/access-token";
 
 @Injectable({
   providedIn: 'root'
@@ -18,6 +21,21 @@ export class AccessTokenService {
     return `${environment.url}/api/v1/organizations/${organizationId}/access-tokens`;
   }
 
+  getList(filter: AccessTokenFilter = new AccessTokenFilter()): Observable<IPagedAccessToken> {
+    const queryParam = {
+      name: filter.name ?? '',
+      type: filter.type ?? '',
+      creatorId: filter.creatorId ?? '',
+      pageIndex: filter.pageIndex - 1,
+      pageSize: filter.pageSize,
+    };
+
+    return this.http.get<IPagedAccessToken>(
+      this.baseUrl,
+      {params: new HttpParams({fromObject: queryParam})}
+    );
+  }
+
   isNameUsed(name: string) {
     const url = `${this.baseUrl}/is-name-used?name=${name}`;
 
@@ -27,4 +45,8 @@ export class AccessTokenService {
   create(name: string, type: string, policyIds: string[] = []): Observable<IAccessToken> {
     return this.http.post<IAccessToken>(this.baseUrl, { name, type, policyIds });
   }
+
+  delete(id: string): Observable<boolean> {
+    return this.http.delete<boolean>(`${this.baseUrl}/${id}`);
+  }
 }
diff --git a/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.less b/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.less
index 616fbd5b2..5bf414121 100644
--- a/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.less
+++ b/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.less
@@ -171,7 +171,7 @@
           }
           .empty-experiment {
             margin-top: 20px;
-            background-color: #717D8A;
+            background-color: @grey50-color;
             height: 200px;
             padding-top: 90px;
             text-align: center;
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.less b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.less
index 7dd4ff5db..e1f33bef5 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.less
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.less
@@ -25,7 +25,7 @@
       cursor: pointer;
       margin-left: 12px;
       font-size: 20px;
-      color: #717d8a;
+      color: @grey50-color;
     }
   }
   .statements-wrapper {
diff --git a/modules/front-end/src/app/features/safe/iam/groups/index/index.component.less b/modules/front-end/src/app/features/safe/iam/groups/index/index.component.less
index 4443a9bbd..f665f341d 100644
--- a/modules/front-end/src/app/features/safe/iam/groups/index/index.component.less
+++ b/modules/front-end/src/app/features/safe/iam/groups/index/index.component.less
@@ -6,7 +6,7 @@
   }
 
   .copy-icon {
-    color: #717D8A;
+    color: @grey50-color;
     &:hover {
       cursor: pointer;
       color: @grey70-color;
diff --git a/modules/front-end/src/app/features/safe/iam/policies/index/index.component.less b/modules/front-end/src/app/features/safe/iam/policies/index/index.component.less
index 4443a9bbd..f665f341d 100644
--- a/modules/front-end/src/app/features/safe/iam/policies/index/index.component.less
+++ b/modules/front-end/src/app/features/safe/iam/policies/index/index.component.less
@@ -6,7 +6,7 @@
   }
 
   .copy-icon {
-    color: #717D8A;
+    color: @grey50-color;
     &:hover {
       cursor: pointer;
       color: @grey70-color;
diff --git a/modules/front-end/src/app/features/safe/iam/team/index/index.component.less b/modules/front-end/src/app/features/safe/iam/team/index/index.component.less
index 4443a9bbd..f665f341d 100644
--- a/modules/front-end/src/app/features/safe/iam/team/index/index.component.less
+++ b/modules/front-end/src/app/features/safe/iam/team/index/index.component.less
@@ -6,7 +6,7 @@
   }
 
   .copy-icon {
-    color: #717D8A;
+    color: @grey50-color;
     &:hover {
       cursor: pointer;
       color: @grey70-color;
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index c07d0fb99..69330577a 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -1,11 +1,36 @@
 <div class="table-content-area">
   <div class="table-search-area">
     <nz-input-group [nzPrefix]="prefixIconSearch">
-      <input nz-input type="text" placeholder="Filter by description or creator" [(ngModel)]="filter.name" (ngModelChange)="doSearch()" i18n-placeholder="@@integrations.access-tokens.idx.searchPlaceholder">
+      <input nz-input type="text" placeholder="Filter by name" [(ngModel)]="filter.name" (ngModelChange)="doSearch(true)" i18n-placeholder="@@integrations.access-tokens.searchNamePlaceholder">
     </nz-input-group>
     <ng-template #prefixIconSearch>
       <i nz-icon nzType="icons:icon-search"></i>
     </ng-template>
+    <nz-select
+      i18n-nzPlaceHolder="@@integrations.access-tokens.filter-by-creator"
+      nzPlaceHolder="Select creator"
+      nzAllowClear
+      nzShowSearch
+      nzServerSearch
+      (ngModelChange)="doSearch(true)"
+      [(ngModel)]="filter.creatorId"
+      (nzOnSearch)="onSearchCreators($event)">
+      <ng-container *ngFor="let o of creatorList">
+        <nz-option
+          *ngIf="!isCreatorsLoading"
+          [nzValue]="o.id"
+          [nzLabel]="o.name || o.email">
+        </nz-option>
+      </ng-container>
+      <nz-option *ngIf="isCreatorsLoading" nzDisabled nzCustomContent>
+        <i nz-icon nzType="loading" class="loading-icon"></i>
+        <ng-container i18n="@@common.loading">Loading...</ng-container>
+      </nz-option>
+    </nz-select>
+    <nz-select nzAllowClear [(ngModel)]="filter.type" (ngModelChange)="doSearch(true)" i18n-nzPlaceHolder="@@integrations.access-tokens.filter-by-type" nzPlaceHolder="Filter by type">
+      <nz-option [nzValue]="AccessTokenStatusActive" [nzLabel]="AccessTokenStatusActive | accessTokenStatus"></nz-option>
+      <nz-option [nzValue]="AccessTokenStatusInactive" [nzLabel]="AccessTokenStatusInactive | accessTokenStatus"></nz-option>
+    </nz-select>
     <button nz-button nzType="primary" (click)="openAccessTokenDrawer()">
       <i nz-icon nzType="icons:icon-add"></i>
       <ng-container i18n="@@common.add">Add</ng-container>
@@ -14,10 +39,10 @@
   <div class="table-wrapper">
     <nz-table #table nzSize="small"
               nzShowSizeChanger
-              [nzData]="policies.items"
+              [nzData]="accessTokens.items"
               [nzFrontPagination]="false"
               [nzLoading]="isLoading"
-              [nzTotal]="policies.totalCount"
+              [nzTotal]="accessTokens.totalCount"
               [(nzPageSize)]="filter.pageSize"
               (nzPageSizeChange)="doSearch()"
               [nzPageSizeOptions]="[10,20,30]"
@@ -26,29 +51,41 @@
               >
       <thead>
       <tr>
-        <th i18n="@@common.name">Name</th>
-        <th i18n="@@common.type">Type</th>
-        <th i18n="@@common.description">Description</th>
-        <th i18n="@@common.rn">Resource name (RN)</th>
+        <th nzWidth="20%" i18n="@@common.name">Name</th>
+        <th nzWidth="10%" i18n="@@common.type">Type</th>
+        <th nzWidth="15%" i18n="@@common.creator">Creator</th>
+        <th nzWidth="10%" i18n="@@common.status">Status</th>
+        <th nzWidth="20%" i18n="@@common.last-used">Last used</th>
         <th i18n="@@common.actions">Actions</th>
       </tr>
       </thead>
       <tbody>
       <tr *ngFor="let item of table.data">
-        <td (click)="navigateToDetail(item.id)">{{ item.name }}</td>
+        <td>{{ item.name }}</td>
         <td>
-          <i *ngIf="item.type === 'SysManaged'" style="color: #28a17d;" nz-icon nzType="star" nzTheme="outline"></i>
-          {{item.type | policyType}}
+          {{item.type | accessTokenType}}
         </td>
-        <td>{{ item.description }}</td>
         <td>
-          <i (click)="copyText(resourceName(item))" class="copy-icon" nz-icon nzType="icons:icon-copy"></i>
-          {{ resourceName(item) }}
+          <ng-container *ngIf="item.creator.name">{{ item.creator.name }} ({{ item.creator.email }})</ng-container>
+          <ng-container *ngIf="!item.creator.name">{{ item.creator.email }}</ng-container>
         </td>
+        <td>{{ item.status | accessTokenStatus }}</td>
+        <td>{{ item.lastUsedAt | date: 'YYYY-MM-dd HH:mm'}}</td>
         <td>
-          <a class="primary-link-btn" (click)="navigateToDetail(item.id)" i18n="@@common.details">Details</a>
+          <a class="primary-link-btn" i18n="@@common.edit">Edit</a>
+
+          <ng-container *ngIf="item.status === AccessTokenStatusInactive">
+            <nz-divider nzType="vertical"></nz-divider>
+            <a class="primary-link-btn" i18n="@@common.activate">Activate</a>
+          </ng-container>
+
+          <ng-container *ngIf="item.status === AccessTokenStatusActive">
+            <nz-divider nzType="vertical"></nz-divider>
+            <a style="color: #717D8A" i18n="@@common.Deactivate">Deactivate</a>
+          </ng-container>
+
           <nz-divider nzType="vertical"></nz-divider>
-          <a *ngIf="item.type !== 'SysManaged'" style="color: #717D8A" i18n-nz-popconfirm="@@common.remove-confirm"  nz-popconfirm="This operation cannot be reverted, are you sure to remove it?"
+          <a style="color: #717D8A" i18n-nz-popconfirm="@@common.remove-confirm"  nz-popconfirm="This operation cannot be reverted, are you sure to remove it?"
              nzPopconfirmPlacement="bottomRight"
              [nzPopconfirmOverlayStyle]="{minWidth: '240px'}"
              (nzOnConfirm)="delete(item)" [nzIcon]="iconTplIamUser">
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
index 4443a9bbd..a8323c9f8 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
@@ -2,11 +2,11 @@
 
 .table-content-area {
   nz-input-group {
-    width: 520px;
+    width: 300px;
   }
 
   .copy-icon {
-    color: #717D8A;
+    color: @grey50-color;
     &:hover {
       cursor: pointer;
       color: @grey70-color;
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
index d7670cb68..7fedd3f03 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
@@ -1,30 +1,69 @@
 import { Component, OnInit } from '@angular/core';
 import { copyToClipboard, encodeURIComponentFfc } from '@utils/index';
-import { Subject } from 'rxjs';
+import { BehaviorSubject, Subject } from 'rxjs';
 import { debounceTime } from 'rxjs/operators';
 import { Router } from "@angular/router";
 import { NzMessageService } from "ng-zorro-antd/message";
 import { IPagedPolicy, IPolicy, PolicyFilter, policyRn } from "@features/safe/iam/types/policy";
 import { PolicyService } from "@services/policy.service";
+import {
+  AccessTokenFilter, AccessTokenStatusEnum,
+  IAccessToken,
+  IPagedAccessToken
+} from "@features/safe/integrations/access-tokens/types/access-token";
+import { AccessTokenService } from "@services/access-token.service";
+import { IOrganization } from "@shared/types";
+import { CURRENT_ORGANIZATION } from "@utils/localstorage-keys";
+import { TeamService } from "@services/team.service";
 
 @Component({
-  selector: 'iam-users',
+  selector: 'access-tokens',
   templateUrl: './index.component.html',
   styleUrls: ['./index.component.less']
 })
 export class IndexComponent implements OnInit {
 
+  AccessTokenStatusActive = AccessTokenStatusEnum.Active;
+  AccessTokenStatusInactive = AccessTokenStatusEnum.Inactive;
+
   constructor(
     private router: Router,
     private message: NzMessageService,
-    private policyService: PolicyService
-  ) { }
+    private teamService: TeamService,
+    private accessTokenService: AccessTokenService
+  ) {
+    const currentAccount: IOrganization = JSON.parse(localStorage.getItem(CURRENT_ORGANIZATION()));
+
+    this.creatorSearchChange$.pipe(
+      debounceTime(500)
+    ).subscribe(searchText => {
+      this.teamService.searchMembers(currentAccount.id, searchText).subscribe({
+        next:(result) => {
+          this.creatorList = result.items;
+          this.isCreatorsLoading = false;
+        },
+        error: _ => {
+          this.isCreatorsLoading = false;
+        }
+      });
+    });
+  }
 
   private search$ = new Subject();
 
+  creatorSearchChange$ = new BehaviorSubject('');
+  isCreatorsLoading = false;
+  creatorList: any[];
+  onSearchCreators(value: string) {
+    if (value.length > 0) {
+      this.isCreatorsLoading = true;
+      this.creatorSearchChange$.next(value);
+    }
+  }
+
   isLoading: boolean = true;
-  filter: PolicyFilter = new PolicyFilter();
-  policies: IPagedPolicy = {
+  filter: AccessTokenFilter = new AccessTokenFilter();
+  accessTokens: IPagedAccessToken = {
     items: [],
     totalCount: 0
   };
@@ -33,18 +72,21 @@ export class IndexComponent implements OnInit {
     this.search$.pipe(
       debounceTime(300)
     ).subscribe(() => {
-      this.getPolicies();
+      this.getAccessTokens();
     });
 
     this.search$.next(null);
   }
 
-  getPolicies() {
+  getAccessTokens() {
     this.isLoading = true;
-    this.policyService.getList(this.filter).subscribe(policies => {
-      this.policies = policies;
-      this.isLoading = false;
-    }, () => this.isLoading = false);
+    this.accessTokenService.getList(this.filter).subscribe({
+      next: (accessTokens) => {
+        this.accessTokens = accessTokens;
+        this.isLoading = false;
+      },
+      error:() => this.isLoading = false
+    });
   }
 
   resourceName(policy: IPolicy) {
@@ -67,19 +109,15 @@ export class IndexComponent implements OnInit {
     this.accessTokenDrawerVisible = false;
 
     if (created) {
-      this.getPolicies();
+      this.getAccessTokens();
     }
   }
 
-  navigateToDetail(id: string) {
-    this.router.navigateByUrl(`/iam/policies/${encodeURIComponentFfc(id)}/permission`);
-  }
-
-  delete(policy: IPolicy) {
-    this.policyService.delete(policy.id).subscribe(() => {
+  delete(accessToken: IAccessToken) {
+    this.accessTokenService.delete(accessToken.id).subscribe(() => {
       this.message.success($localize `:@@common.operation-success:Operation succeeded`);
-      this.policies.items = this.policies.items.filter(it => it.id !== policy.id);
-      this.policies.totalCount--;
+      this.accessTokens.items = this.accessTokens.items.filter(it => it.id !== accessToken.id);
+      this.accessTokens.totalCount--;
     }, () => this.message.error($localize `:@@common.operation-failed:Operation failed`))
   }
 
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
index 47e2b21ed..1852d30fc 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
@@ -1,10 +1,14 @@
 import { IPolicy } from "@features/safe/iam/types/policy";
+import { IMember } from "@features/safe/iam/types/member";
 
 export interface IAccessToken {
   id: string;
   type: string;
+  creator: IMember;
+  status: string;
   name: string;
   policies: IPolicy[],
+  lastUsedAt: string
 }
 
 export enum AccessTokenTypeEnum {
@@ -12,6 +16,35 @@ export enum AccessTokenTypeEnum {
   Service = 'Service'
 }
 
+export enum AccessTokenStatusEnum {
+  Active = 'Active',
+  Inactive = 'Inactive'
+}
+
 export interface IAccessTokenPolicy extends IPolicy {
   isSelected: boolean
 }
+
+export class AccessTokenFilter {
+  name?: string;
+  creatorId?: string;
+  type?: string;
+  pageIndex: number;
+  pageSize: number;
+
+  constructor(
+    name?: string,
+    creator?: string,
+    type?: string,
+    pageIndex: number = 1,
+    pageSize: number = 10) {
+    this.name = name ?? '';
+    this.pageIndex = pageIndex;
+    this.pageSize = pageSize;
+  }
+}
+
+export interface IPagedAccessToken {
+  totalCount: number;
+  items: IAccessToken[];
+}

From dc9e4b87ce099e09d3bdb76fa02531209dd3d302 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sat, 11 Mar 2023 22:09:49 +0100
Subject: [PATCH 07/44] in progress

---
 .../Api/Controllers/AccessTokenController.cs  | 27 +++++++++++++++-
 .../AccessTokens/CreateAccessToken.cs         |  9 +++---
 .../AccessTokens/DeleteAccessToken.cs         | 23 ++++++++++++++
 .../AccessTokens/ToggleAccessTokenStatus.cs   | 27 ++++++++++++++++
 .../Services/IAccessTokenService.cs           |  1 +
 .../src/Domain/AccessTokens/AccessToken.cs    |  6 ++++
 .../AccessTokens/AccessTokenService.cs        | 11 +++----
 .../app/core/services/access-token.service.ts |  4 +++
 .../access-tokens/index/index.component.html  |  6 ++--
 .../access-tokens/index/index.component.ts    | 31 ++++++++++---------
 10 files changed, 117 insertions(+), 28 deletions(-)
 create mode 100644 modules/back-end/src/Application/AccessTokens/DeleteAccessToken.cs
 create mode 100644 modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs

diff --git a/modules/back-end/src/Api/Controllers/AccessTokenController.cs b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
index 4cd80aef7..5dd70ad70 100644
--- a/modules/back-end/src/Api/Controllers/AccessTokenController.cs
+++ b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
@@ -1,5 +1,7 @@
 using Application.AccessTokens;
 using Application.Bases.Models;
+using Application.FeatureFlags;
+using Application.Policies;
 
 namespace Api.Controllers;
 
@@ -38,9 +40,32 @@ public async Task<ApiResponse<bool>> IsNameUsedAsync(Guid organizationId, string
     public async Task<ApiResponse<AccessTokenVm>> CreateAsync(Guid organizationId, CreateAccessToken request)
     {
         request.OrganizationId = organizationId;
-        request.CreatorId = CurrentUser.Id;
 
         var accessToken = await Mediator.Send(request);
         return Ok(accessToken);
     }
+    
+    [HttpPut("{id:guid}/toggle")]
+    public async Task<ApiResponse<bool>> ToggleAsync(Guid id)
+    {
+        var request = new ToggleAccessTokenStatus
+        {
+            Id = id
+        };
+
+        var success = await Mediator.Send(request);
+        return Ok(success);
+    }
+    
+    [HttpDelete("{id:guid}")]
+    public async Task<ApiResponse<bool>> DeleteAsync(Guid id)
+    {
+        var request = new DeleteAccessToken()
+        {
+            Id = id
+        };
+
+        var success = await Mediator.Send(request);
+        return Ok(success);
+    }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
index ff2ba8af6..80f18d6d3 100644
--- a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
+++ b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
@@ -1,5 +1,6 @@
 using Application.Bases;
 using Application.Policies;
+using Application.Users;
 using Domain.AccessTokens;
 using Domain.Policies;
 
@@ -13,8 +14,6 @@ public class CreateAccessToken : IRequest<AccessTokenVm>
 
     public string Type { get; set; }
 
-    public Guid CreatorId { get; set; }
-
     public IEnumerable<Guid> PolicyIds { get; set; }
 }
 
@@ -38,12 +37,14 @@ public CreateAccessTokenValidator()
 public class CreateAccessTokenHandler : IRequestHandler<CreateAccessToken, AccessTokenVm>
 {
     private readonly IPolicyService _policyService;
+    private readonly ICurrentUser _currentUser;
     private readonly IAccessTokenService _service;
     private readonly IMapper _mapper;
 
-    public CreateAccessTokenHandler(IAccessTokenService service, IPolicyService policyService, IMapper mapper)
+    public CreateAccessTokenHandler(IAccessTokenService service, IPolicyService policyService, ICurrentUser currentUser, IMapper mapper)
     {
         _service = service;
+        _currentUser = currentUser;
         _policyService = policyService;
         _mapper = mapper;
     }
@@ -56,7 +57,7 @@ public async Task<AccessTokenVm> Handle(CreateAccessToken request, CancellationT
             policies = await _policyService.FindManyAsync((x) => request.PolicyIds.Contains(x.Id));
         }
         
-        var accessToken = new AccessToken(request.OrganizationId, request.CreatorId, request.Name, request.Type, policies);
+        var accessToken = new AccessToken(request.OrganizationId, _currentUser.Id, request.Name, request.Type, policies);
 
         await _service.AddOneAsync(accessToken);
 
diff --git a/modules/back-end/src/Application/AccessTokens/DeleteAccessToken.cs b/modules/back-end/src/Application/AccessTokens/DeleteAccessToken.cs
new file mode 100644
index 000000000..3d4a8f07b
--- /dev/null
+++ b/modules/back-end/src/Application/AccessTokens/DeleteAccessToken.cs
@@ -0,0 +1,23 @@
+namespace Application.Policies;
+
+public class DeleteAccessToken : IRequest<bool>
+{
+    public Guid Id { get; set; }
+}
+
+public class DeleteAccessTokenHandler : IRequestHandler<DeleteAccessToken, bool>
+{
+    private readonly IAccessTokenService _service;
+
+    public DeleteAccessTokenHandler(IAccessTokenService service)
+    {
+        _service = service;
+    }
+
+    public async Task<bool> Handle(DeleteAccessToken request, CancellationToken cancellationToken)
+    {
+        await _service.DeleteAsync(request.Id);
+
+        return true;
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs b/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs
new file mode 100644
index 000000000..db85cd5d8
--- /dev/null
+++ b/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs
@@ -0,0 +1,27 @@
+using Application.Users;
+using Domain.AuditLogs;
+
+namespace Application.FeatureFlags;
+
+public class ToggleAccessTokenStatus : IRequest<bool>
+{
+    public Guid Id { get; set; }
+}
+
+public class ToggleAccessTokenStatusHandler : IRequestHandler<ToggleAccessTokenStatus, bool>
+{
+    private readonly IAccessTokenService _service;
+
+    public ToggleAccessTokenStatusHandler(IAccessTokenService service)
+    {
+        _service = service;
+    }
+
+    public async Task<bool> Handle(ToggleAccessTokenStatus request, CancellationToken cancellationToken)
+    {
+        var accessToken = await _service.GetAsync(request.Id);
+        accessToken.ToggleStatus();
+        await _service.UpdateAsync(accessToken);
+        return true;
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/Services/IAccessTokenService.cs b/modules/back-end/src/Application/Services/IAccessTokenService.cs
index 1eac619e8..bf47c59db 100644
--- a/modules/back-end/src/Application/Services/IAccessTokenService.cs
+++ b/modules/back-end/src/Application/Services/IAccessTokenService.cs
@@ -7,4 +7,5 @@ namespace Application.Services;
 public interface IAccessTokenService : IService<AccessToken>
 {
     Task<PagedResult<AccessToken>> GetListAsync(Guid organizationId, AccessTokenFilter filter);
+    Task DeleteAsync(Guid id);
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
index ed4e7832c..9334d32d2 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
@@ -32,4 +32,10 @@ public void RefreshLastUsedAt()
     {
         LastUsedAt = DateTime.UtcNow;
     }
+    
+    public void ToggleStatus()
+    {
+        Status = Status == AccessTokenStatus.Active ? AccessTokenStatus.Inactive : AccessTokenStatus.Active;
+        UpdatedAt = DateTime.UtcNow;
+    }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs b/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
index 601bc5240..aed6b62bf 100644
--- a/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
+++ b/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
@@ -1,12 +1,6 @@
 using Application.AccessTokens;
 using Application.Bases.Models;
-using Application.Policies;
 using Domain.AccessTokens;
-using Domain.Groups;
-using Domain.Members;
-using Domain.Organizations;
-using Domain.Policies;
-using Domain.Users;
 using MongoDB.Driver;
 using MongoDB.Driver.Linq;
 
@@ -50,4 +44,9 @@ public async Task<PagedResult<AccessToken>> GetListAsync(Guid organizationId, Ac
 
         return new PagedResult<AccessToken>(totalCount, items);
     }
+    
+    public async Task DeleteAsync(Guid id)
+    {
+        await MongoDb.CollectionOf<AccessToken>().DeleteOneAsync(x => x.Id == id);
+    }
 }
\ No newline at end of file
diff --git a/modules/front-end/src/app/core/services/access-token.service.ts b/modules/front-end/src/app/core/services/access-token.service.ts
index 6dbafb7fc..f2f2d35b1 100644
--- a/modules/front-end/src/app/core/services/access-token.service.ts
+++ b/modules/front-end/src/app/core/services/access-token.service.ts
@@ -49,4 +49,8 @@ export class AccessTokenService {
   delete(id: string): Observable<boolean> {
     return this.http.delete<boolean>(`${this.baseUrl}/${id}`);
   }
+
+  toggleStatus(id: string): Observable<any> {
+    return this.http.put(`${this.baseUrl}/${id}/toggle`, {});
+  }
 }
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index 69330577a..17707e0ce 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -76,12 +76,12 @@
 
           <ng-container *ngIf="item.status === AccessTokenStatusInactive">
             <nz-divider nzType="vertical"></nz-divider>
-            <a class="primary-link-btn" i18n="@@common.activate">Activate</a>
+            <a (click)="toggleStatus(item)" class="primary-link-btn" i18n="@@common.activate">Activate</a>
           </ng-container>
 
           <ng-container *ngIf="item.status === AccessTokenStatusActive">
             <nz-divider nzType="vertical"></nz-divider>
-            <a style="color: #717D8A" i18n="@@common.Deactivate">Deactivate</a>
+            <a (click)="toggleStatus(item)" style="color: #717D8A" i18n="@@common.Deactivate">Deactivate</a>
           </ng-container>
 
           <nz-divider nzType="vertical"></nz-divider>
@@ -101,5 +101,5 @@
   </div>
 </div>
 
-<access-token-drawer [visible]="accessTokenDrawerVisible" (close)="policyDrawerClosed($event)"></access-token-drawer>
+<access-token-drawer [visible]="accessTokenDrawerVisible" (close)="accessTokenDrawerClosed($event)"></access-token-drawer>
 
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
index 7fedd3f03..6f4276522 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
@@ -89,10 +89,6 @@ export class IndexComponent implements OnInit {
     });
   }
 
-  resourceName(policy: IPolicy) {
-    return policyRn(policy);
-  }
-
   doSearch(resetPage?: boolean) {
     if (resetPage) {
       this.filter.pageIndex = 1;
@@ -105,7 +101,7 @@ export class IndexComponent implements OnInit {
   openAccessTokenDrawer(){
     this.accessTokenDrawerVisible = true;
   }
-  policyDrawerClosed(created: any) {
+  accessTokenDrawerClosed(created: any) {
     this.accessTokenDrawerVisible = false;
 
     if (created) {
@@ -114,16 +110,23 @@ export class IndexComponent implements OnInit {
   }
 
   delete(accessToken: IAccessToken) {
-    this.accessTokenService.delete(accessToken.id).subscribe(() => {
-      this.message.success($localize `:@@common.operation-success:Operation succeeded`);
-      this.accessTokens.items = this.accessTokens.items.filter(it => it.id !== accessToken.id);
-      this.accessTokens.totalCount--;
-    }, () => this.message.error($localize `:@@common.operation-failed:Operation failed`))
+    this.accessTokenService.delete(accessToken.id).subscribe({
+      next:() => {
+        this.message.success($localize `:@@common.operation-success:Operation succeeded`);
+        this.accessTokens.items = this.accessTokens.items.filter(it => it.id !== accessToken.id);
+        this.accessTokens.totalCount--;
+      },
+      error: () => this.message.error($localize `:@@common.operation-failed:Operation failed`)
+    })
   }
 
-  copyText(text: string) {
-    copyToClipboard(text).then(
-      () => this.message.success($localize `:@@common.copy-success:Copied`)
-    );
+  toggleStatus(accessToken: IAccessToken) {
+    this.accessTokenService.toggleStatus(accessToken.id).subscribe({
+      next:() => {
+        this.message.success($localize `:@@common.operation-success:Operation succeeded`);
+        accessToken.status = accessToken.status === this.AccessTokenStatusActive ? this.AccessTokenStatusInactive :  this.AccessTokenStatusActive;
+      },
+      error: () => this.message.error($localize `:@@common.operation-failed:Operation failed`)
+    })
   }
 }

From b238dcfa2af9ab126ddedc385d0a3fa71621d23d Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sat, 11 Mar 2023 22:12:28 +0100
Subject: [PATCH 08/44] in progress

---
 .../access-tokens/index/index.component.html  | 63 ++++++++++---------
 .../access-tokens/index/index.component.less  |  8 +++
 2 files changed, 41 insertions(+), 30 deletions(-)

diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index 17707e0ce..920fa296f 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -1,36 +1,39 @@
 <div class="table-content-area">
   <div class="table-search-area">
-    <nz-input-group [nzPrefix]="prefixIconSearch">
-      <input nz-input type="text" placeholder="Filter by name" [(ngModel)]="filter.name" (ngModelChange)="doSearch(true)" i18n-placeholder="@@integrations.access-tokens.searchNamePlaceholder">
-    </nz-input-group>
-    <ng-template #prefixIconSearch>
-      <i nz-icon nzType="icons:icon-search"></i>
-    </ng-template>
-    <nz-select
-      i18n-nzPlaceHolder="@@integrations.access-tokens.filter-by-creator"
-      nzPlaceHolder="Select creator"
-      nzAllowClear
-      nzShowSearch
-      nzServerSearch
-      (ngModelChange)="doSearch(true)"
-      [(ngModel)]="filter.creatorId"
-      (nzOnSearch)="onSearchCreators($event)">
-      <ng-container *ngFor="let o of creatorList">
-        <nz-option
-          *ngIf="!isCreatorsLoading"
-          [nzValue]="o.id"
-          [nzLabel]="o.name || o.email">
+    <div class="search-inputs">
+      <nz-input-group [nzPrefix]="prefixIconSearch">
+        <input nz-input type="text" placeholder="Filter by name" [(ngModel)]="filter.name" (ngModelChange)="doSearch(true)" i18n-placeholder="@@integrations.access-tokens.searchNamePlaceholder">
+      </nz-input-group>
+      <ng-template #prefixIconSearch>
+        <i nz-icon nzType="icons:icon-search"></i>
+      </ng-template>
+      <nz-select
+        i18n-nzPlaceHolder="@@integrations.access-tokens.filter-by-creator"
+        nzPlaceHolder="Select creator"
+        nzAllowClear
+        nzShowSearch
+        nzServerSearch
+        (ngModelChange)="doSearch(true)"
+        [(ngModel)]="filter.creatorId"
+        (nzOnSearch)="onSearchCreators($event)">
+        <ng-container *ngFor="let o of creatorList">
+          <nz-option
+            *ngIf="!isCreatorsLoading"
+            [nzValue]="o.id"
+            [nzLabel]="o.name || o.email">
+          </nz-option>
+        </ng-container>
+        <nz-option *ngIf="isCreatorsLoading" nzDisabled nzCustomContent>
+          <i nz-icon nzType="loading" class="loading-icon"></i>
+          <ng-container i18n="@@common.loading">Loading...</ng-container>
         </nz-option>
-      </ng-container>
-      <nz-option *ngIf="isCreatorsLoading" nzDisabled nzCustomContent>
-        <i nz-icon nzType="loading" class="loading-icon"></i>
-        <ng-container i18n="@@common.loading">Loading...</ng-container>
-      </nz-option>
-    </nz-select>
-    <nz-select nzAllowClear [(ngModel)]="filter.type" (ngModelChange)="doSearch(true)" i18n-nzPlaceHolder="@@integrations.access-tokens.filter-by-type" nzPlaceHolder="Filter by type">
-      <nz-option [nzValue]="AccessTokenStatusActive" [nzLabel]="AccessTokenStatusActive | accessTokenStatus"></nz-option>
-      <nz-option [nzValue]="AccessTokenStatusInactive" [nzLabel]="AccessTokenStatusInactive | accessTokenStatus"></nz-option>
-    </nz-select>
+      </nz-select>
+      <nz-select nzAllowClear [(ngModel)]="filter.type" (ngModelChange)="doSearch(true)" i18n-nzPlaceHolder="@@integrations.access-tokens.filter-by-type" nzPlaceHolder="Filter by type">
+        <nz-option [nzValue]="AccessTokenStatusActive" [nzLabel]="AccessTokenStatusActive | accessTokenStatus"></nz-option>
+        <nz-option [nzValue]="AccessTokenStatusInactive" [nzLabel]="AccessTokenStatusInactive | accessTokenStatus"></nz-option>
+      </nz-select>
+    </div>
+
     <button nz-button nzType="primary" (click)="openAccessTokenDrawer()">
       <i nz-icon nzType="icons:icon-add"></i>
       <ng-container i18n="@@common.add">Add</ng-container>
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
index a8323c9f8..7ca329a39 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
@@ -1,6 +1,14 @@
 @import "variables";
 
 .table-content-area {
+
+  .search-inputs {
+    display: flex;
+    justify-content: flex-start;
+    align-items: center;
+    gap: 16px;
+  }
+
   nz-input-group {
     width: 300px;
   }

From 5a98e8598061225a962ac7b264bad08313509fcf Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 01:45:26 +0100
Subject: [PATCH 09/44] in progress

---
 .../Api/Controllers/AccessTokenController.cs  |  10 ++
 .../AccessTokens/UpdateAccessToken.cs         |  51 ++++++++
 .../src/Domain/AccessTokens/AccessToken.cs    |   6 +
 .../access-token-drawer.component.html        |   5 +-
 .../access-token-drawer.component.ts          | 110 ++++++++++++++----
 .../app/core/services/access-token.service.ts |   6 +
 .../access-tokens/index/index.component.html  |   6 +-
 .../access-tokens/index/index.component.ts    |  27 ++++-
 .../access-tokens/types/access-token.ts       |  10 +-
 9 files changed, 193 insertions(+), 38 deletions(-)
 create mode 100644 modules/back-end/src/Application/AccessTokens/UpdateAccessToken.cs

diff --git a/modules/back-end/src/Api/Controllers/AccessTokenController.cs b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
index 5dd70ad70..b7146d98f 100644
--- a/modules/back-end/src/Api/Controllers/AccessTokenController.cs
+++ b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
@@ -68,4 +68,14 @@ public async Task<ApiResponse<bool>> DeleteAsync(Guid id)
         var success = await Mediator.Send(request);
         return Ok(success);
     }
+    
+    [HttpPut("{id:guid}")]
+    public async Task<ApiResponse<AccessTokenVm>> UpdateAsync(Guid id, UpdateAccessToken request)
+    {
+        request.Id = id;
+
+        var metricVm = await Mediator.Send(request);
+
+        return Ok(metricVm);
+    }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/UpdateAccessToken.cs b/modules/back-end/src/Application/AccessTokens/UpdateAccessToken.cs
new file mode 100644
index 000000000..9c446d516
--- /dev/null
+++ b/modules/back-end/src/Application/AccessTokens/UpdateAccessToken.cs
@@ -0,0 +1,51 @@
+using Application.Bases;
+using Application.Members;
+using Domain.ExperimentMetrics;
+
+namespace Application.AccessTokens;
+
+public class UpdateAccessToken : IRequest<AccessTokenVm>
+{
+    public Guid Id { get; set; }
+    public string Name { get; set; }
+}
+
+public class UpdateAccessTokenValidator : AbstractValidator<UpdateAccessToken>
+{
+    public UpdateAccessTokenValidator()
+    {
+        RuleFor(x => x.Name)
+            .NotEmpty().WithErrorCode(ErrorCodes.NameIsRequired);
+    }
+}
+
+public class UpdateAccessTokenHandler : IRequestHandler<UpdateAccessToken, AccessTokenVm>
+{
+    private readonly IAccessTokenService _service;
+    private readonly IMemberService _memberService;
+    private readonly IMapper _mapper;
+
+    public UpdateAccessTokenHandler(
+        IAccessTokenService service,
+        IMemberService memberService,
+        IMapper mapper)
+    {
+        _service = service;
+        _memberService = memberService;
+        _mapper = mapper;
+    }
+
+    public async Task<AccessTokenVm> Handle(UpdateAccessToken request, CancellationToken cancellationToken)
+    {
+        var accessToken = await _service.GetAsync(request.Id);
+        accessToken.UpdateName(request.Name);
+        
+        await _service.UpdateAsync(accessToken);
+
+        var creators = await _memberService.GetListByIds(new List<Guid>() { accessToken.CreatorId });
+        var accessTokenVm = _mapper.Map<AccessTokenVm>(accessToken);
+        accessTokenVm.Creator = _mapper.Map<MemberVm>(creators.First());
+
+        return accessTokenVm;
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
index 9334d32d2..553a699f5 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
@@ -38,4 +38,10 @@ public void ToggleStatus()
         Status = Status == AccessTokenStatus.Active ? AccessTokenStatus.Inactive : AccessTokenStatus.Active;
         UpdatedAt = DateTime.UtcNow;
     }
+
+    public void UpdateName(string name)
+    {
+        Name = name;
+        UpdatedAt = DateTime.UtcNow;
+    }
 }
\ No newline at end of file
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
index 5326732ae..55b6a9e46 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -28,6 +28,7 @@
         <nz-form-control>
           <nz-select
             (ngModelChange)="onTypeChange()"
+            [nzDisabled]="isEditing"
             formControlName="type">
             <ng-container *ngFor="let at of actionTokenTypes">
               <nz-option
@@ -43,7 +44,7 @@
       <nz-form-item *ngIf="isServiceAccessToken">
         <nz-form-label nzRequired i18n="@@common.policies">Policies</nz-form-label>
         <nz-form-control>
-          <nz-select #policyNodeSelector
+          <nz-select #policyNodeSelector [nzDisabled]="isEditing"
             formControlName="policy"
             i18n-nzPlaceHolder="@@integrations.access-token.select-policies"
             nzPlaceHolder="Select policies"
@@ -74,7 +75,7 @@
               <i *ngIf="policy.type === 'SysManaged'" style="color: #28a17d;" nz-icon nzType="star" nzTheme="outline"></i>
               {{ policy.name }}
             </div>
-            <button nz-button nzType="default" [nzSize]="'large'" (click)="removePolicy(policy)"><i nz-icon nzType="close"></i></button>
+            <button [disabled]="isEditing" nz-button nzType="default" [nzSize]="'large'" (click)="removePolicy(policy)"><i nz-icon nzType="close"></i></button>
           </div>
         </div>
 
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index 37edc31d6..cb9c03ad3 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -3,11 +3,17 @@ import { FormBuilder, FormControl, FormGroup, Validators } from '@angular/forms'
 import { NzMessageService } from 'ng-zorro-antd/message';
 import { debounceTime, distinctUntilChanged, first, map, switchMap } from "rxjs/operators";
 import { PolicyService } from "@services/policy.service";
-import { AccessTokenTypeEnum, IAccessTokenPolicy } from "@features/safe/integrations/access-tokens/types/access-token";
+import {
+  AccessTokenTypeEnum,
+  IAccessToken,
+  IAccessTokenPolicy
+} from "@features/safe/integrations/access-tokens/types/access-token";
 import { PolicyFilter } from "@features/safe/iam/types/policy";
 import { NzSelectComponent } from "ng-zorro-antd/select";
 import { Subject } from "rxjs";
 import { AccessTokenService } from "@services/access-token.service";
+import { CustomEventSuccessCriteria, CustomEventTrackOption, IMetric } from "@features/safe/experiments/types";
+import { uuidv4 } from "@utils/index";
 
 @Component({
   selector: 'access-token-drawer',
@@ -17,17 +23,34 @@ import { AccessTokenService } from "@services/access-token.service";
 export class AccessTokenDrawerComponent implements OnInit {
 
   public policyCompareWith: (obj1: IAccessTokenPolicy, obj2: IAccessTokenPolicy) => boolean = (obj1: IAccessTokenPolicy, obj2: IAccessTokenPolicy) => {
-    if(obj1 && obj2) {
+    if (obj1 && obj2) {
       return obj1.id === obj2.id;
     } else {
       return false;
     }
   };
 
+  private _accessToken: IAccessToken;
+  isEditing: boolean = false;
+
+  @Input()
+  set accessToken(accessToken: IAccessToken) {
+    this.isEditing = accessToken && !!accessToken.id;
+    if (accessToken) {
+      this.selectedPolicyList = accessToken.policies.map((p) => ({...p, isSelected: true}));
+      this.isServiceAccessToken = accessToken.type === AccessTokenTypeEnum.Service;
+      this.patchForm(accessToken);
+    } else {
+      this.resetForm();
+    }
+    this._accessToken = accessToken;
+  }
+
   @Input() visible: boolean = false;
-  @Output() close: EventEmitter<boolean> = new EventEmitter();
+  @Output() close: EventEmitter<any> = new EventEmitter();
 
   policyDebouncer = new Subject<string>();
+
   constructor(
     private fb: FormBuilder,
     private policyService: PolicyService,
@@ -42,10 +65,11 @@ export class AccessTokenDrawerComponent implements OnInit {
 
   isServiceAccessToken: boolean = false
 
-  @ViewChild("policyNodeSelector", { static: false }) policySelectNode: NzSelectComponent;
+  @ViewChild("policyNodeSelector", {static: false}) policySelectNode: NzSelectComponent;
   selectedPolicyList: IAccessTokenPolicy[] = [];
   policySearchResultList: IAccessTokenPolicy[] = [];
   form: FormGroup;
+
   ngOnInit(): void {
     this.form = this.fb.group({
       name: ['', [Validators.required], [this.nameAsyncValidator], 'change'],
@@ -54,18 +78,38 @@ export class AccessTokenDrawerComponent implements OnInit {
     });
   }
 
+  get accessToken() {
+    return this._accessToken;
+  }
+
+  resetForm() {
+    this.form && this.form.reset();
+  }
+
+  patchForm(accessToken: Partial<IAccessToken>) {
+    this.form.patchValue({
+      name: accessToken.name,
+      type: accessToken.type,
+      policy: {},
+    });
+  }
+
   onClose() {
-    this.form.reset();
+    this.reset();
     this.close.emit();
   }
 
+  private reset() {
+    this.form.reset();
+  }
+
   onTypeChange() {
-    const { type } = this.form.value;
+    const {type} = this.form.value;
     this.isServiceAccessToken = type === AccessTokenTypeEnum.Service;
   }
 
   onPolicySelectChange() {
-    const { policy } = this.form.value;
+    const {policy} = this.form.value;
 
     if (this.selectedPolicyList.some((sp) => sp.id === policy.id)) {
       this.selectedPolicyList = this.selectedPolicyList.filter((sp) => sp.id !== policy.id);
@@ -87,6 +131,7 @@ export class AccessTokenDrawerComponent implements OnInit {
   }
 
   isLoadingPolicies = true;
+
   searchPolicies(query: string = '') {
     this.isLoadingPolicies = true;
 
@@ -106,9 +151,9 @@ export class AccessTokenDrawerComponent implements OnInit {
     map(isNameUsed => {
       switch (isNameUsed) {
         case true:
-          return { error: true, duplicated: true };
+          return {error: true, duplicated: true};
         case undefined:
-          return { error: true, unknown: true };
+          return {error: true, unknown: true};
         default:
           return null;
       }
@@ -131,6 +176,7 @@ export class AccessTokenDrawerComponent implements OnInit {
       this.isPolicyIdsValid = true;
     }
   }
+
   doSubmit() {
     // we validate name and type only here
     if (this.form.invalid) {
@@ -148,24 +194,40 @@ export class AccessTokenDrawerComponent implements OnInit {
     }
 
     this.isLoading = true;
-    const { name, type } = this.form.value;
-    const policies = this.isServiceAccessToken ? this.selectedPolicyList.map(p => p.id) : [];
-
-    this.accessTokenService.create(name, type, policies).subscribe({
-        next: () => {
-          this.isLoading = false;
-          this.close.emit(true);
-          this.message.success($localize `:@@common.operation-success:Operation succeeded`);
-          this.form.reset();
-        },
-        error: (e) => {
-          this.isLoading = false;
-          if (e.errors[0] === 'ServiceAccessTokenMustDefinePolicies') {
-            this.message.error($localize `:@@integrations.access-token.service-access-token-must-define-policies:Policies are mandatory for service type access tokens`);
+    const {name, type} = this.form.value;
+
+    if (this.isEditing) {
+      this.accessTokenService.update(this.accessToken.id, name).subscribe({
+          next: res => {
+            this.isLoading = false;
+            this.close.emit({ isEditing: true, id: this.accessToken.id, name: name});
+            this.message.success($localize`:@@common.operation-success:Operation succeeded`);
+          },
+          error: _ => {
+            this.message.error($localize`:@@common.operation-failed-try-again:Operation failed, please try again`);
+            this.isLoading = false;
+          }
+        }
+      );
+    } else {
+      const policies = this.isServiceAccessToken ? this.selectedPolicyList.map(p => p.id) : [];
+
+      this.accessTokenService.create(name, type, policies).subscribe({
+          next: () => {
+            this.isLoading = false;
+            this.close.emit({ isEditing: false });
+            this.message.success($localize`:@@common.operation-success:Operation succeeded`);
+            this.reset();
+          },
+          error: (e) => {
+            this.isLoading = false;
+            if (e.errors[0] === 'ServiceAccessTokenMustDefinePolicies') {
+              this.message.error($localize`:@@integrations.access-token.service-access-token-must-define-policies:Policies are mandatory for service type access tokens`);
+            }
           }
         }
+      )
     }
-    )
   }
 
   actionTokenTypes = [
diff --git a/modules/front-end/src/app/core/services/access-token.service.ts b/modules/front-end/src/app/core/services/access-token.service.ts
index f2f2d35b1..29c301eb3 100644
--- a/modules/front-end/src/app/core/services/access-token.service.ts
+++ b/modules/front-end/src/app/core/services/access-token.service.ts
@@ -9,6 +9,7 @@ import {
   IAccessToken,
   IPagedAccessToken
 } from "@features/safe/integrations/access-tokens/types/access-token";
+import { IMetric } from "@features/safe/experiments/types";
 
 @Injectable({
   providedIn: 'root'
@@ -53,4 +54,9 @@ export class AccessTokenService {
   toggleStatus(id: string): Observable<any> {
     return this.http.put(`${this.baseUrl}/${id}/toggle`, {});
   }
+
+  update(id: string, name: string): Observable<any> {
+    const url = this.baseUrl;
+    return this.http.put(url + `/${id}`, { name });
+  }
 }
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index 920fa296f..7f18224df 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -34,7 +34,7 @@
       </nz-select>
     </div>
 
-    <button nz-button nzType="primary" (click)="openAccessTokenDrawer()">
+    <button nz-button nzType="primary" (click)="creatOrEdit()">
       <i nz-icon nzType="icons:icon-add"></i>
       <ng-container i18n="@@common.add">Add</ng-container>
     </button>
@@ -75,7 +75,7 @@
         <td>{{ item.status | accessTokenStatus }}</td>
         <td>{{ item.lastUsedAt | date: 'YYYY-MM-dd HH:mm'}}</td>
         <td>
-          <a class="primary-link-btn" i18n="@@common.edit">Edit</a>
+          <a (click)="creatOrEdit(item)" class="primary-link-btn" i18n="@@common.edit">Edit</a>
 
           <ng-container *ngIf="item.status === AccessTokenStatusInactive">
             <nz-divider nzType="vertical"></nz-divider>
@@ -104,5 +104,5 @@
   </div>
 </div>
 
-<access-token-drawer [visible]="accessTokenDrawerVisible" (close)="accessTokenDrawerClosed($event)"></access-token-drawer>
+<access-token-drawer [visible]="accessTokenDrawerVisible" (close)="accessTokenDrawerClosed($event)" [accessToken]="currentAccessToken"></access-token-drawer>
 
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
index 6f4276522..de1a67260 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
@@ -7,7 +7,7 @@ import { NzMessageService } from "ng-zorro-antd/message";
 import { IPagedPolicy, IPolicy, PolicyFilter, policyRn } from "@features/safe/iam/types/policy";
 import { PolicyService } from "@services/policy.service";
 import {
-  AccessTokenFilter, AccessTokenStatusEnum,
+  AccessTokenFilter, AccessTokenStatusEnum, AccessTokenTypeEnum,
   IAccessToken,
   IPagedAccessToken
 } from "@features/safe/integrations/access-tokens/types/access-token";
@@ -98,17 +98,36 @@ export class IndexComponent implements OnInit {
   }
 
   accessTokenDrawerVisible: boolean = false;
-  openAccessTokenDrawer(){
+  private openAccessTokenDrawer(){
     this.accessTokenDrawerVisible = true;
   }
-  accessTokenDrawerClosed(created: any) {
+
+  accessTokenDrawerClosed(data: any) { //{ isEditing: boolean, id: string, name: string }
     this.accessTokenDrawerVisible = false;
 
-    if (created) {
+    if (!data) {
+      return;
+    }
+
+    if (!data.isEditing) {
       this.getAccessTokens();
+    } else {
+      this.accessTokens.items = this.accessTokens.items.map((ac) => {
+        if (ac.id === data.id) {
+          return { ...ac, name: data.name };
+        }
+
+        return ac;
+      })
     }
   }
 
+  currentAccessToken: IAccessToken;
+  creatOrEdit(accessToken: IAccessToken = { name: null, type: AccessTokenTypeEnum.Personal, policies: []}) {
+    this.currentAccessToken = accessToken;
+    this.openAccessTokenDrawer();
+  }
+
   delete(accessToken: IAccessToken) {
     this.accessTokenService.delete(accessToken.id).subscribe({
       next:() => {
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
index 1852d30fc..bf1e89c7a 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
@@ -2,13 +2,13 @@ import { IPolicy } from "@features/safe/iam/types/policy";
 import { IMember } from "@features/safe/iam/types/member";
 
 export interface IAccessToken {
-  id: string;
+  id?: string;
   type: string;
-  creator: IMember;
-  status: string;
+  creator?: IMember;
+  status?: string;
   name: string;
-  policies: IPolicy[],
-  lastUsedAt: string
+  policies?: IPolicy[],
+  lastUsedAt?: string
 }
 
 export enum AccessTokenTypeEnum {

From 660feaad10dc4c8de3492738553e10b859823149 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 01:55:18 +0100
Subject: [PATCH 10/44] added translations

---
 modules/front-end/src/locale/messages.xlf    | 1594 +++++++++--------
 modules/front-end/src/locale/messages.zh.xlf | 1617 ++++++++++--------
 2 files changed, 1840 insertions(+), 1371 deletions(-)

diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index af77bba42..543335c4f 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -2,6 +2,721 @@
 <xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
   <file source-language="en" datatype="plaintext" original="ng2.template">
     <body>
+      <trans-unit id="integrations.access-token.access-token-drawer.title" datatype="html">
+        <source>Add access token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">7</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.name" datatype="html">
+        <source>Name</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">17</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
+          <context context-type="linenumber">22</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
+          <context context-type="linenumber">24</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="linenumber">14</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">12</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">14</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
+          <context context-type="linenumber">13</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">14</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">23</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">39</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">74</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
+          <context context-type="linenumber">37,38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
+          <context context-type="linenumber">85,86</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/details/details.component.html</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">56</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">70</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">185</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
+          <context context-type="linenumber">10</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
+          <context context-type="linenumber">17</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.html</context>
+          <context context-type="linenumber">27</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.html</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.html</context>
+          <context context-type="linenumber">27</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
+          <context context-type="linenumber">10</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
+          <context context-type="linenumber">17</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.html</context>
+          <context context-type="linenumber">28</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
+          <context context-type="linenumber">30</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
+          <context context-type="linenumber">27</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
+          <context context-type="linenumber">23</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.html</context>
+          <context context-type="linenumber">10</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">57</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
+          <context context-type="linenumber">4</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
+          <context context-type="linenumber">7</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
+          <context context-type="linenumber">120</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">35</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">82</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.validating" datatype="html">
+        <source>Validating...</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">203</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">83</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.access-token-drawer.name-cannot-be-empty" datatype="html">
+        <source>Access token name cannot be empty</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">20</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.access-token-drawer.name-unavailable" datatype="html">
+        <source>This access token name is not available</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">21</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.type" datatype="html">
+        <source>Type</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">27</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
+          <context context-type="linenumber">33</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
+          <context context-type="linenumber">30</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">58</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.policies" datatype="html">
+        <source>Policies</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">45</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/details.component.html</context>
+          <context context-type="linenumber">13</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.select-policies" datatype="html">
+        <source>Select policies</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">50</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.loading" datatype="html">
+        <source>Loading...</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">68</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">55</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">43</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
+          <context context-type="linenumber">138</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">136,137</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">28</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
+        <source>Policies are mandatory for service type access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">82</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">225</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.save" datatype="html">
+        <source>Save</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">92</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
+          <context context-type="linenumber">43</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
+          <context context-type="linenumber">35</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">91</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">202</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="linenumber">32</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
+          <context context-type="linenumber">80,81</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">61</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">121</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">32</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">90</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">69</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">164,166</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">224</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
+          <context context-type="linenumber">9</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">104</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.operation-success" datatype="html">
+        <source>Operation succeeded</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">204</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">219</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
+          <context context-type="linenumber">193</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.ts</context>
+          <context context-type="linenumber">68</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.ts</context>
+          <context context-type="linenumber">121</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
+          <context context-type="linenumber">241</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
+          <context context-type="linenumber">258</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.ts</context>
+          <context context-type="linenumber">68</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
+          <context context-type="linenumber">93</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
+          <context context-type="linenumber">116</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
+          <context context-type="linenumber">134</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.ts</context>
+          <context context-type="linenumber">85</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">59</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">77</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">86</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">97</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">84</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">95</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">190</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">322</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">333</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">341</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">336</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">349</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">359</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
+          <context context-type="linenumber">74</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
+          <context context-type="linenumber">88</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">42</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">69</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
+          <context context-type="linenumber">73</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
+          <context context-type="linenumber">87</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
+          <context context-type="linenumber">84</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">90</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
+          <context context-type="linenumber">40</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">46</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">53</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
+          <context context-type="linenumber">90</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
+          <context context-type="linenumber">75</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
+          <context context-type="linenumber">89</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">81</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">95</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">51</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
+          <context context-type="linenumber">72</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">134</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">145</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
+          <context context-type="linenumber">136</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">41</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">63</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.operation-failed-try-again" datatype="html">
+        <source>Operation failed, please try again</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">207</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
+          <context context-type="linenumber">244</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
+          <context context-type="linenumber">127</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
+          <context context-type="linenumber">159</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">213</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">229</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">296</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">309</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">274</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/targeting/targeting.component.ts</context>
+          <context context-type="linenumber">109</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">339</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/onboarding/steps/steps.component.ts</context>
+          <context context-type="linenumber">63</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">253</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">287</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">303</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">79</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="auditlogs.operation-create" datatype="html">
         <source>created</source>
         <context-group purpose="location">
@@ -53,75 +768,16 @@
       </trans-unit>
       <trans-unit id="ff.history.filter-by" datatype="html">
         <source>Filter by name, comment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">6</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="auditlogs.idx.filter-by-team-member" datatype="html">
-        <source>Filter by team member</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">20</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="common.loading" datatype="html">
-        <source>Loading...</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">66</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">55</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">44</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">138</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">136,137</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">26</context>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">6</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.idx.filter-by-team-member" datatype="html">
+        <source>Filter by team member</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">38</context>
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">20</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.idx.filter-by-type" datatype="html">
@@ -328,296 +984,50 @@
         <source>Cancel</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
-          <context context-type="linenumber">41</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
-          <context context-type="linenumber">79,80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">103</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">162,163</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">223</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">75</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">102</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">141</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="common.save" datatype="html">
-        <source>Save</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">35</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">91</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">202</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">32</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
-          <context context-type="linenumber">80,81</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">61</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">121</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">32</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">29</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">69</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">164,166</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">224</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
-          <context context-type="linenumber">9</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">104</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="org.project.permission-will-become-invalid-if-change-name" datatype="html">
-        <source>Permission will become invalid if you change the name</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="common.name" datatype="html">
-        <source>Name</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">22</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">24</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">14</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">12</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">14</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
-          <context context-type="linenumber">13</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">14</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">23</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">39</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">74</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
-          <context context-type="linenumber">37,38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
-          <context context-type="linenumber">85,86</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/details/details.component.html</context>
-          <context context-type="linenumber">16</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">56</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">31</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">70</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">185</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
-          <context context-type="linenumber">10</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
-          <context context-type="linenumber">17</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.html</context>
-          <context context-type="linenumber">27</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.html</context>
-          <context context-type="linenumber">29</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.html</context>
-          <context context-type="linenumber">27</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
-          <context context-type="linenumber">10</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
-          <context context-type="linenumber">17</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.html</context>
-          <context context-type="linenumber">28</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
-          <context context-type="linenumber">29</context>
+          <context context-type="linenumber">41</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
-          <context context-type="linenumber">30</context>
+          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
+          <context context-type="linenumber">79,80</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
-          <context context-type="linenumber">27</context>
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">103</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
-          <context context-type="linenumber">23</context>
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">68</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.html</context>
-          <context context-type="linenumber">10</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">162,163</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
-          <context context-type="linenumber">29</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">223</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
-          <context context-type="linenumber">4</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">75</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
-          <context context-type="linenumber">7</context>
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">102</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">120</context>
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">141</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="org.project.permission-will-become-invalid-if-change-name" datatype="html">
+        <source>Permission will become invalid if you change the name</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
           <context context-type="linenumber">15</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">35</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.envNameMandatory" datatype="html">
@@ -816,263 +1226,64 @@
           <context context-type="linenumber">127</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="expt.rule-drawer.serve" datatype="html">
-        <source>serve</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">64</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">148</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="expt.rule-drawer.user-percentage-to-expt" datatype="html">
-        <source>Percentage of users dispatched to experiment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">94</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">152</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">178</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="expt.rule-drawer.user-percentage-to-expt-tooltip" datatype="html">
-        <source>Compared to all users matching this rule</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">94</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">152</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">178</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="expt.rule-drawer.default-rule" datatype="html">
-        <source>Default rule</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">172</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="common.operation-success" datatype="html">
-        <source>Operation succeeded</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
-          <context context-type="linenumber">193</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.ts</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.ts</context>
-          <context context-type="linenumber">121</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">241</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">258</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.ts</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">93</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">116</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">134</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.ts</context>
-          <context context-type="linenumber">85</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">59</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">77</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">86</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">97</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">84</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">95</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">190</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">322</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">333</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">341</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">336</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">349</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">359</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
-          <context context-type="linenumber">74</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">42</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">69</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
-          <context context-type="linenumber">73</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
-          <context context-type="linenumber">87</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
-          <context context-type="linenumber">84</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
-          <context context-type="linenumber">40</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">46</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">53</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
+      <trans-unit id="expt.rule-drawer.serve" datatype="html">
+        <source>serve</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
-          <context context-type="linenumber">80</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">64</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
-          <context context-type="linenumber">75</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">148</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="expt.rule-drawer.user-percentage-to-expt" datatype="html">
+        <source>Percentage of users dispatched to experiment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
-          <context context-type="linenumber">89</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">68</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">81</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">94</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">95</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">152</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">51</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">178</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="expt.rule-drawer.user-percentage-to-expt-tooltip" datatype="html">
+        <source>Compared to all users matching this rule</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
-          <context context-type="linenumber">72</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">68</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">60</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">94</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
-          <context context-type="linenumber">136</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">152</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">41</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">178</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="expt.rule-drawer.default-rule" datatype="html">
+        <source>Default rule</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">63</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">88</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">76</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">172</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.operation-failed" datatype="html">
@@ -1193,6 +1404,14 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
           <context context-type="linenumber">75</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">138</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">148</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
           <context context-type="linenumber">142</context>
@@ -1455,25 +1674,6 @@
           <context context-type="linenumber">7</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.validating" datatype="html">
-        <source>Validating...</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">203</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">83</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="iam.groups.group-drawer.group-name-cannot-be-empty" datatype="html">
         <source>Group name cannot be empty</source>
         <context-group purpose="location">
@@ -2079,69 +2279,6 @@
           <context context-type="linenumber">116</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.operation-failed-try-again" datatype="html">
-        <source>Operation failed, please try again</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">244</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
-          <context context-type="linenumber">127</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
-          <context context-type="linenumber">159</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">213</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">229</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">296</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">309</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">274</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/targeting/targeting.component.ts</context>
-          <context context-type="linenumber">109</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">339</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/onboarding/steps/steps.component.ts</context>
-          <context context-type="linenumber">63</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">253</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">287</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">303</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">79</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="org.org.createOrg" datatype="html">
         <source>Create organization</source>
         <context-group purpose="location">
@@ -2291,6 +2428,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
           <context context-type="linenumber">54</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">39</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/organization/organization.component.html</context>
           <context context-type="linenumber">29</context>
@@ -2396,6 +2537,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
           <context context-type="linenumber">34</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">62</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
           <context context-type="linenumber">37</context>
@@ -2473,6 +2618,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
           <context context-type="linenumber">68</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">91</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">72</context>
@@ -2556,6 +2705,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
           <context context-type="linenumber">72</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">95</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">75</context>
@@ -2886,6 +3039,31 @@
           <context context-type="linenumber">158,160</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="integrations.access-token.active" datatype="html">
+        <source>Active</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-status.pipe.ts</context>
+          <context context-type="linenumber">12</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.inactive" datatype="html">
+        <source>Inactive</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-status.pipe.ts</context>
+          <context context-type="linenumber">13</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.personal" datatype="html">
+        <source>Personal</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-type.pipe.ts</context>
+          <context context-type="linenumber">9</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-type.pipe.ts</context>
+          <context context-type="linenumber">10</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="permission.sys-managed" datatype="html">
         <source>System Managed</source>
         <context-group purpose="location">
@@ -2998,7 +3176,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/safe-routing.module.ts</context>
-          <context context-type="linenumber">62</context>
+          <context context-type="linenumber">50</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/safe.component.ts</context>
@@ -3136,29 +3314,6 @@
           <context context-type="linenumber">51</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.type" datatype="html">
-        <source>Type</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
-          <context context-type="linenumber">33</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
-          <context context-type="linenumber">30</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
-          <context context-type="linenumber">31</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="common.url" datatype="html">
         <source>URL</source>
         <context-group purpose="location">
@@ -3376,6 +3531,10 @@
           <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.html</context>
           <context context-type="linenumber">72</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">78</context>
+        </context-group>
       </trans-unit>
       <trans-unit id="common.loading-failed-try-again" datatype="html">
         <source>Loading failed, please try again</source>
@@ -4432,6 +4591,10 @@
           <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
           <context context-type="linenumber">75</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
       </trans-unit>
       <trans-unit id="common.tags" datatype="html">
         <source>Tags</source>
@@ -5038,13 +5201,6 @@
           <context context-type="linenumber">13</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.policies" datatype="html">
-        <source>Policies</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/details.component.html</context>
-          <context context-type="linenumber">13</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="iam.groups.details.dp-filter-placeholder" datatype="html">
         <source>Filter by policy name</source>
         <context-group purpose="location">
@@ -5421,6 +5577,62 @@
           <context context-type="linenumber">51</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="integrations.access-tokens.searchNamePlaceholder" datatype="html">
+        <source>Filter by name</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">5</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-tokens.filter-by-creator" datatype="html">
+        <source>Select creator</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">12</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-tokens.filter-by-type" datatype="html">
+        <source>Filter by type</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.creator" datatype="html">
+        <source>Creator</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">59</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.last-used" datatype="html">
+        <source>Last used</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">61</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.activate" datatype="html">
+        <source>Activate</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">82</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.Deactivate" datatype="html">
+        <source>Deactivate</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">87</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.routing.access-tokens" datatype="html">
+        <source>Access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/integrations-routing.module.ts</context>
+          <context context-type="linenumber">14</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="onboarding.complete.title" datatype="html">
         <source>We&apos;ve created a project for</source>
         <context-group purpose="location">
@@ -5850,7 +6062,7 @@
         <source>Organization</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/safe-routing.module.ts</context>
-          <context context-type="linenumber">50</context>
+          <context context-type="linenumber">57</context>
         </context-group>
       </trans-unit>
       <trans-unit id="menu.FF" datatype="html">
@@ -5923,6 +6135,20 @@
           <context context-type="linenumber">107,106</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="menu.integrations" datatype="html">
+        <source>Integrations</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/safe.component.ts</context>
+          <context context-type="linenumber">114,113</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="menu.integrations.access-tokens" datatype="html">
+        <source>Access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/safe.component.ts</context>
+          <context context-type="linenumber">119,118</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="segment.details.segment-not-used" datatype="html">
         <source>This segment is not used by any feature flag</source>
         <context-group purpose="location">
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index f914a5f86..d35e115c3 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -1,7 +1,734 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
+<?xml version="1.0" encoding="UTF-8"?><xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
   <file source-language="zh" datatype="plaintext" original="ng2.template">
     <body>
+      <trans-unit id="integrations.access-token.access-token-drawer.title" datatype="html">
+        <source>Add access token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">7</context>
+        </context-group>
+        <target>添加访问密钥</target>
+      </trans-unit>
+      <trans-unit id="common.name" datatype="html">
+        <source>Name</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">17</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
+          <context context-type="linenumber">22</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
+          <context context-type="linenumber">24</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="linenumber">14</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">12</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">14</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
+          <context context-type="linenumber">13</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">14</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">23</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">39</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">74</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
+          <context context-type="linenumber">37,38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
+          <context context-type="linenumber">85,86</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/details/details.component.html</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">56</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">70</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">185</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
+          <context context-type="linenumber">10</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
+          <context context-type="linenumber">17</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.html</context>
+          <context context-type="linenumber">27</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.html</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.html</context>
+          <context context-type="linenumber">27</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
+          <context context-type="linenumber">10</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
+          <context context-type="linenumber">17</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.html</context>
+          <context context-type="linenumber">28</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
+          <context context-type="linenumber">30</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
+          <context context-type="linenumber">27</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
+          <context context-type="linenumber">23</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.html</context>
+          <context context-type="linenumber">10</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">57</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
+          <context context-type="linenumber">4</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
+          <context context-type="linenumber">7</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
+          <context context-type="linenumber">120</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">35</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">82</context>
+        </context-group>
+        <target>名称</target>
+      </trans-unit>
+      <trans-unit id="common.validating" datatype="html">
+        <source>Validating...</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">203</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">83</context>
+        </context-group>
+        <target>校验中...</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.access-token-drawer.name-cannot-be-empty" datatype="html">
+        <source>Access token name cannot be empty</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">20</context>
+        </context-group>
+        <target>访问密钥名称不能为空</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.access-token-drawer.name-unavailable" datatype="html">
+        <source>This access token name is not available</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">21</context>
+        </context-group>
+        <target>该名称已被使用</target>
+      </trans-unit>
+      <trans-unit id="common.type" datatype="html">
+        <source>Type</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">27</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
+          <context context-type="linenumber">33</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
+          <context context-type="linenumber">30</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">58</context>
+        </context-group>
+        <target>类型</target>
+      </trans-unit>
+      <trans-unit id="common.policies" datatype="html">
+        <source>Policies</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">45</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/details.component.html</context>
+          <context context-type="linenumber">13</context>
+        </context-group>
+        <target>策略</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.select-policies" datatype="html">
+        <source>Select policies</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">50</context>
+        </context-group>
+        <target>选择策略</target>
+      </trans-unit>
+      <trans-unit id="common.loading" datatype="html">
+        <source>Loading...</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">68</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">55</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">43</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
+          <context context-type="linenumber">138</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">136,137</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">28</context>
+        </context-group>
+        <target>数据加载中...</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
+        <source>Policies are mandatory for service type access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">82</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">225</context>
+        </context-group>
+        <target>策略不能为空</target>
+      </trans-unit>
+      <trans-unit id="common.save" datatype="html">
+        <source>Save</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">92</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
+          <context context-type="linenumber">43</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
+          <context context-type="linenumber">35</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">91</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">202</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="linenumber">32</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
+          <context context-type="linenumber">80,81</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">61</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">121</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">32</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">90</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">69</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">164,166</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">224</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
+          <context context-type="linenumber">9</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">104</context>
+        </context-group>
+        <target>保存</target>
+      </trans-unit>
+      <trans-unit id="common.operation-success" datatype="html">
+        <source>Operation succeeded</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">204</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">219</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
+          <context context-type="linenumber">193</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.ts</context>
+          <context context-type="linenumber">68</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.ts</context>
+          <context context-type="linenumber">121</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
+          <context context-type="linenumber">241</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
+          <context context-type="linenumber">258</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.ts</context>
+          <context context-type="linenumber">68</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
+          <context context-type="linenumber">93</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
+          <context context-type="linenumber">116</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
+          <context context-type="linenumber">134</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.ts</context>
+          <context context-type="linenumber">85</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">59</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">77</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">86</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">97</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">84</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">95</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">190</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">322</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">333</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">341</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">336</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">349</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">359</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
+          <context context-type="linenumber">74</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
+          <context context-type="linenumber">88</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">42</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">69</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
+          <context context-type="linenumber">73</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
+          <context context-type="linenumber">87</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
+          <context context-type="linenumber">84</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">90</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
+          <context context-type="linenumber">40</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">46</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">53</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
+          <context context-type="linenumber">90</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
+          <context context-type="linenumber">75</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
+          <context context-type="linenumber">89</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">81</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">95</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">51</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
+          <context context-type="linenumber">72</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">134</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">145</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
+          <context context-type="linenumber">136</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">41</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">63</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+        <target>操作成功</target>
+      </trans-unit>
+      <trans-unit id="common.operation-failed-try-again" datatype="html">
+        <source>Operation failed, please try again</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">207</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
+          <context context-type="linenumber">244</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
+          <context context-type="linenumber">127</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
+          <context context-type="linenumber">159</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">213</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">229</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">296</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">309</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">274</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/targeting/targeting.component.ts</context>
+          <context context-type="linenumber">109</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">339</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/onboarding/steps/steps.component.ts</context>
+          <context context-type="linenumber">63</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">253</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">287</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">303</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">79</context>
+        </context-group>
+        <target>操作失败，请重试</target>
+      </trans-unit>
       <trans-unit id="auditlogs.operation-create" datatype="html">
         <source>created</source>
         <context-group purpose="location">
@@ -69,70 +796,10 @@
       <trans-unit id="auditlogs.idx.filter-by-team-member" datatype="html">
         <source>Filter by team member</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">20</context>
-        </context-group>
-        <target>按团队成员查找</target>
-      </trans-unit>
-      <trans-unit id="common.loading" datatype="html">
-        <source>Loading...</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">66</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">55</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">44</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">138</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">136,137</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">38</context>
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">20</context>
         </context-group>
-        <target>数据加载中...</target>
+        <target>按团队成员查找</target>
       </trans-unit>
       <trans-unit id="ff.idx.filter-by-type" datatype="html">
         <source>Filter by type</source>
@@ -365,298 +1032,50 @@
           <context context-type="linenumber">41</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
-          <context context-type="linenumber">79,80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">103</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">162,163</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">223</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">75</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">102</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">141</context>
-        </context-group>
-        <target>取消</target>
-      </trans-unit>
-      <trans-unit id="common.save" datatype="html">
-        <source>Save</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">35</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">91</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">202</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">32</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
-          <context context-type="linenumber">80,81</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">61</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">121</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">32</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">29</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">69</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">164,166</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">224</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
-          <context context-type="linenumber">9</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">104</context>
-        </context-group>
-        <target>保存</target>
-      </trans-unit>
-      <trans-unit id="org.project.permission-will-become-invalid-if-change-name" datatype="html">
-        <source>Permission will become invalid if you change the name</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
-        </context-group>
-        <target>修改名称后对其设置的权限将会失效</target>
-      </trans-unit>
-      <trans-unit id="common.name" datatype="html">
-        <source>Name</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">22</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">24</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">14</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">12</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">14</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
-          <context context-type="linenumber">13</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">14</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">23</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">39</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">74</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
-          <context context-type="linenumber">37,38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
-          <context context-type="linenumber">85,86</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/details/details.component.html</context>
-          <context context-type="linenumber">16</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">56</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">31</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">70</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">185</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
-          <context context-type="linenumber">10</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
-          <context context-type="linenumber">17</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.html</context>
-          <context context-type="linenumber">27</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.html</context>
-          <context context-type="linenumber">29</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.html</context>
-          <context context-type="linenumber">27</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
-          <context context-type="linenumber">10</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
-          <context context-type="linenumber">17</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.html</context>
-          <context context-type="linenumber">28</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
-          <context context-type="linenumber">29</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
-          <context context-type="linenumber">30</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
-          <context context-type="linenumber">27</context>
+          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
+          <context context-type="linenumber">79,80</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
-          <context context-type="linenumber">23</context>
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">103</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.html</context>
-          <context context-type="linenumber">10</context>
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">68</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
-          <context context-type="linenumber">29</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">162,163</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
-          <context context-type="linenumber">4</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">223</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
-          <context context-type="linenumber">7</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">75</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">120</context>
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">102</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
-          <context context-type="linenumber">15</context>
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">141</context>
         </context-group>
+        <target>取消</target>
+      </trans-unit>
+      <trans-unit id="org.project.permission-will-become-invalid-if-change-name" datatype="html">
+        <source>Permission will become invalid if you change the name</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">35</context>
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
         </context-group>
-        <target>名称</target>
+        <target>修改名称后对其设置的权限将会失效</target>
       </trans-unit>
       <trans-unit id="org.project.envNameMandatory" datatype="html">
         <source>Environment name is mandatory!</source>
@@ -886,257 +1305,57 @@
         </context-group>
         <target>返回</target>
       </trans-unit>
-      <trans-unit id="expt.rule-drawer.user-percentage-to-expt" datatype="html">
-        <source>Percentage of users dispatched to experiment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">94</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">152</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">178</context>
-        </context-group>
-        <target>分流入实验的用户所占百分比</target>
-      </trans-unit>
-      <trans-unit id="expt.rule-drawer.user-percentage-to-expt-tooltip" datatype="html">
-        <source>Compared to all users matching this rule</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">94</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">152</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">178</context>
-        </context-group>
-        <target>相对于匹配到该规则的总用户数</target>
-      </trans-unit>
-      <trans-unit id="expt.rule-drawer.default-rule" datatype="html">
-        <source>Default rule</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">172</context>
-        </context-group>
-        <target>默认规则</target>
-      </trans-unit>
-      <trans-unit id="common.operation-success" datatype="html">
-        <source>Operation succeeded</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
-          <context context-type="linenumber">193</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.ts</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.ts</context>
-          <context context-type="linenumber">121</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">241</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">258</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.ts</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">93</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">116</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">134</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.ts</context>
-          <context context-type="linenumber">85</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">59</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">77</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">86</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">97</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">84</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">95</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">190</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">322</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">333</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">341</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">336</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">349</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">359</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
-          <context context-type="linenumber">74</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">42</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">69</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
-          <context context-type="linenumber">73</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
-          <context context-type="linenumber">87</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
-          <context context-type="linenumber">84</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
-          <context context-type="linenumber">40</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">46</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">53</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
-          <context context-type="linenumber">75</context>
-        </context-group>
+      <trans-unit id="expt.rule-drawer.user-percentage-to-expt" datatype="html">
+        <source>Percentage of users dispatched to experiment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
-          <context context-type="linenumber">89</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">68</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">81</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">94</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">95</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">152</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">51</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">178</context>
         </context-group>
+        <target>分流入实验的用户所占百分比</target>
+      </trans-unit>
+      <trans-unit id="expt.rule-drawer.user-percentage-to-expt-tooltip" datatype="html">
+        <source>Compared to all users matching this rule</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
-          <context context-type="linenumber">72</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">68</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">60</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">94</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
-          <context context-type="linenumber">136</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">152</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">41</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">178</context>
         </context-group>
+        <target>相对于匹配到该规则的总用户数</target>
+      </trans-unit>
+      <trans-unit id="expt.rule-drawer.default-rule" datatype="html">
+        <source>Default rule</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">63</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">88</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">76</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">172</context>
         </context-group>
-        <target>操作成功</target>
+        <target>默认规则</target>
       </trans-unit>
       <trans-unit id="common.operation-failed" datatype="html">
         <source>Operation failed</source>
@@ -1256,6 +1475,14 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
           <context context-type="linenumber">75</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">138</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">148</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
           <context context-type="linenumber">142</context>
@@ -1554,26 +1781,6 @@
         </context-group>
         <target>添加组</target>
       </trans-unit>
-      <trans-unit id="common.validating" datatype="html">
-        <source>Validating...</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">203</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">83</context>
-        </context-group>
-        <target>校验中...</target>
-      </trans-unit>
       <trans-unit id="iam.groups.group-drawer.group-name-cannot-be-empty" datatype="html">
         <source>Group name cannot be empty</source>
         <context-group purpose="location">
@@ -2234,70 +2441,6 @@
         </context-group>
         <target>低于基准值</target>
       </trans-unit>
-      <trans-unit id="common.operation-failed-try-again" datatype="html">
-        <source>Operation failed, please try again</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">244</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
-          <context context-type="linenumber">127</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
-          <context context-type="linenumber">159</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">213</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">229</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">296</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">309</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">274</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/targeting/targeting.component.ts</context>
-          <context context-type="linenumber">109</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">339</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/onboarding/steps/steps.component.ts</context>
-          <context context-type="linenumber">63</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">253</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">287</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">303</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">79</context>
-        </context-group>
-        <target>操作失败，请重试</target>
-      </trans-unit>
       <trans-unit id="org.org.createOrg" datatype="html">
         <source>Create organization</source>
         <context-group purpose="location">
@@ -2460,6 +2603,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
           <context context-type="linenumber">54</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">39</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/organization/organization.component.html</context>
           <context context-type="linenumber">29</context>
@@ -2568,6 +2715,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
           <context context-type="linenumber">34</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">62</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
           <context context-type="linenumber">37</context>
@@ -2648,6 +2799,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
           <context context-type="linenumber">68</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">91</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">72</context>
@@ -2732,6 +2887,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
           <context context-type="linenumber">72</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">95</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">75</context>
@@ -3093,6 +3252,34 @@
         </context-group>
         <target>格式化</target>
       </trans-unit>
+      <trans-unit id="integrations.access-token.active" datatype="html">
+        <source>Active</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-status.pipe.ts</context>
+          <context context-type="linenumber">12</context>
+        </context-group>
+        <target>Active</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.inactive" datatype="html">
+        <source>Inactive</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-status.pipe.ts</context>
+          <context context-type="linenumber">13</context>
+        </context-group>
+        <target>Inactive</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.personal" datatype="html">
+        <source>Personal</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-type.pipe.ts</context>
+          <context context-type="linenumber">9</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-type.pipe.ts</context>
+          <context context-type="linenumber">10</context>
+        </context-group>
+        <target>Personal</target>
+      </trans-unit>
       <trans-unit id="permission.sys-managed" datatype="html">
         <source>System Managed</source>
         <context-group purpose="location">
@@ -3217,7 +3404,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/safe-routing.module.ts</context>
-          <context context-type="linenumber">62</context>
+          <context context-type="linenumber">50</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/safe.component.ts</context>
@@ -3373,30 +3560,6 @@
         </context-group>
         <target>添加</target>
       </trans-unit>
-      <trans-unit id="common.type" datatype="html">
-        <source>Type</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
-          <context context-type="linenumber">33</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
-          <context context-type="linenumber">30</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
-          <context context-type="linenumber">31</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <target>类型</target>
-      </trans-unit>
       <trans-unit id="common.url" datatype="html">
         <source>URL</source>
         <context-group purpose="location">
@@ -3639,6 +3802,10 @@
           <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.html</context>
           <context context-type="linenumber">72</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">78</context>
+        </context-group>
         <target>编辑</target>
       </trans-unit>
       <trans-unit id="common.loading-failed-try-again" datatype="html">
@@ -4824,6 +4991,10 @@
           <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
           <context context-type="linenumber">75</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
         <target>状态</target>
       </trans-unit>
       <trans-unit id="common.tags" datatype="html">
@@ -5501,14 +5672,6 @@
         </context-group>
         <target>团队</target>
       </trans-unit>
-      <trans-unit id="common.policies" datatype="html">
-        <source>Policies</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/details.component.html</context>
-          <context context-type="linenumber">13</context>
-        </context-group>
-        <target>策略</target>
-      </trans-unit>
       <trans-unit id="iam.groups.details.dp-filter-placeholder" datatype="html">
         <source>Filter by policy name</source>
         <context-group purpose="location">
@@ -5933,6 +6096,70 @@
         </context-group>
         <target>项</target>
       </trans-unit>
+      <trans-unit id="integrations.access-tokens.searchNamePlaceholder" datatype="html">
+        <source>Filter by name</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">5</context>
+        </context-group>
+        <target>按名称查找</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-tokens.filter-by-creator" datatype="html">
+        <source>Select creator</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">12</context>
+        </context-group>
+        <target>选择创建者</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-tokens.filter-by-type" datatype="html">
+        <source>Filter by type</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+        <target>按类型查找</target>
+      </trans-unit>
+      <trans-unit id="common.creator" datatype="html">
+        <source>Creator</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">59</context>
+        </context-group>
+        <target>创建者</target>
+      </trans-unit>
+      <trans-unit id="common.last-used" datatype="html">
+        <source>Last used</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">61</context>
+        </context-group>
+        <target>上一次使用</target>
+      </trans-unit>
+      <trans-unit id="common.activate" datatype="html">
+        <source>Activate</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">82</context>
+        </context-group>
+        <target>激活</target>
+      </trans-unit>
+      <trans-unit id="common.Deactivate" datatype="html">
+        <source>Deactivate</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">87</context>
+        </context-group>
+        <target>停用</target>
+      </trans-unit>
+      <trans-unit id="integrations.routing.access-tokens" datatype="html">
+        <source>Access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/integrations-routing.module.ts</context>
+          <context context-type="linenumber">14</context>
+        </context-group>
+        <target>访问密钥</target>
+      </trans-unit>
       <trans-unit id="onboarding.complete.title" datatype="html">
         <source>We&apos;ve created a project for</source>
         <context-group purpose="location">
@@ -6422,7 +6649,7 @@
         <source>Organization</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/safe-routing.module.ts</context>
-          <context context-type="linenumber">50</context>
+          <context context-type="linenumber">57</context>
         </context-group>
         <target>组织机构</target>
       </trans-unit>
@@ -6506,6 +6733,22 @@
         </context-group>
         <target>策略</target>
       </trans-unit>
+      <trans-unit id="menu.integrations" datatype="html">
+        <source>Integrations</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/safe.component.ts</context>
+          <context context-type="linenumber">114,113</context>
+        </context-group>
+        <target>服务集成</target>
+      </trans-unit>
+      <trans-unit id="menu.integrations.access-tokens" datatype="html">
+        <source>Access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/safe.component.ts</context>
+          <context context-type="linenumber">119,118</context>
+        </context-group>
+        <target>访问密钥</target>
+      </trans-unit>
       <trans-unit id="segment.details.segment-not-used" datatype="html">
         <source>This segment is not used by any feature flag</source>
         <context-group purpose="location">

From e9525bfaa9b17b6f39b3609c962e8216b0d609a5 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 02:13:34 +0100
Subject: [PATCH 11/44] in progress

---
 .../access-token-drawer.component.html        |  5 +---
 .../access-token-drawer.component.ts          | 30 ++++++++-----------
 .../app/core/services/permissions.service.ts  |  2 ++
 3 files changed, 15 insertions(+), 22 deletions(-)

diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
index 55b6a9e46..0651a4350 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -54,7 +54,7 @@
             (ngModelChange)="onPolicySelectChange()"
             (nzOnSearch)="policyDebouncer.next($event)">
             <ng-container *ngFor="let policy of policySearchResultList">
-              <nz-option nzCustomContent *ngIf="!isLoadingPolicies" [nzLabel]="policy.name" [nzValue]="policy">
+              <nz-option nzCustomContent [nzLabel]="policy.name" [nzValue]="policy">
                 <span style="display: flex;justify-content: space-between;align-items: center">
                   <span>
                   <i *ngIf="policy.type === 'SysManaged'" style="color: #28a17d;" nz-icon nzType="star" nzTheme="outline"></i>
@@ -64,9 +64,6 @@
                 </span>
               </nz-option>
             </ng-container>
-            <nz-option *ngIf="isLoadingPolicies" nzDisabled nzCustomContent>
-              <i nz-icon nzType="loading" class="loading-icon"></i> <ng-container i18n="@@common.loading">Loading...</ng-container>
-            </nz-option>
           </nz-select>
         </nz-form-control>
         <div class="selected-policies" nz-row *ngIf="selectedPolicyList.length">
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index cb9c03ad3..6a25d85bd 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -1,19 +1,17 @@
 import { Component, OnInit, Input, Output, EventEmitter, ViewChild } from '@angular/core';
 import { FormBuilder, FormControl, FormGroup, Validators } from '@angular/forms';
 import { NzMessageService } from 'ng-zorro-antd/message';
-import { debounceTime, distinctUntilChanged, first, map, switchMap } from "rxjs/operators";
+import { debounceTime, first, map, switchMap } from "rxjs/operators";
 import { PolicyService } from "@services/policy.service";
 import {
   AccessTokenTypeEnum,
   IAccessToken,
   IAccessTokenPolicy
 } from "@features/safe/integrations/access-tokens/types/access-token";
-import { PolicyFilter } from "@features/safe/iam/types/policy";
 import { NzSelectComponent } from "ng-zorro-antd/select";
 import { Subject } from "rxjs";
 import { AccessTokenService } from "@services/access-token.service";
-import { CustomEventSuccessCriteria, CustomEventTrackOption, IMetric } from "@features/safe/experiments/types";
-import { uuidv4 } from "@utils/index";
+import { PermissionsService } from "@services/permissions.service";
 
 @Component({
   selector: 'access-token-drawer',
@@ -54,12 +52,12 @@ export class AccessTokenDrawerComponent implements OnInit {
   constructor(
     private fb: FormBuilder,
     private policyService: PolicyService,
+    private permissionsService: PermissionsService,
     private accessTokenService: AccessTokenService,
     private message: NzMessageService
   ) {
     this.policyDebouncer.pipe(
-      debounceTime(500),
-      distinctUntilChanged()
+      debounceTime(100),
     ).subscribe(query => this.searchPolicies(query));
   }
 
@@ -130,19 +128,15 @@ export class AccessTokenDrawerComponent implements OnInit {
     this.validatePoliciesControl();
   }
 
-  isLoadingPolicies = true;
-
   searchPolicies(query: string = '') {
-    this.isLoadingPolicies = true;
-
-    this.policyService.getList(new PolicyFilter(query, 1, 50)).subscribe(policies => {
-      this.policySearchResultList = policies.items.map(p => ({
-        ...p,
-        isSelected: this.selectedPolicyList.some((sp => sp.id === p.id))
-      }));
-
-      this.isLoadingPolicies = false;
-    }, () => this.isLoadingPolicies = false);
+    const regex = new RegExp(query,'ig')
+    this.policySearchResultList = this.permissionsService.policies
+      .filter((policy) => query === '' || policy.name.match(regex))
+      .map((policy) => ({
+          ...policy,
+          isSelected: this.selectedPolicyList.some((sp => sp.id === policy.id))
+        })
+      );
   }
 
   nameAsyncValidator = (control: FormControl) => control.valueChanges.pipe(
diff --git a/modules/front-end/src/app/core/services/permissions.service.ts b/modules/front-end/src/app/core/services/permissions.service.ts
index a74e7383c..80720cd8e 100644
--- a/modules/front-end/src/app/core/services/permissions.service.ts
+++ b/modules/front-end/src/app/core/services/permissions.service.ts
@@ -8,6 +8,7 @@ import {EffectEnum, ResourceTypeEnum} from "@features/safe/iam/components/policy
   providedIn: 'root'
 })
 export class PermissionsService {
+  policies: IPolicy[];
   private permissions: IPolicyStatement[];
 
   genericDenyMessage: string = $localize `:@@permissions.need-permissions-to-operate:You don't have permissions to take this action, please contact the admin to grant you the necessary permissions`;
@@ -17,6 +18,7 @@ export class PermissionsService {
 
   async fetchPolicies(memberId: string) {
     const policies = await lastValueFrom<IPolicy[]>(this.memberSvc.getAllPolicies(memberId));
+    this.policies = [...policies];
     this.permissions = policies.flatMap(p => p.statements);
   }
 

From da2a2b9b5a0066f3cd8c284216074f673adfd2f4 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 02:32:43 +0100
Subject: [PATCH 12/44] in progress

---
 .../docker-entrypoint-initdb.d/init.js        | 21 +++++++++++++++++++
 .../actions-selector.component.html           |  2 +-
 .../iam/components/policy-editor/types.ts     | 15 +++++++++++++
 .../front-end/src/app/shared/permissions.ts   |  7 ++++++-
 4 files changed, 43 insertions(+), 2 deletions(-)

diff --git a/infra/mongodb/docker-entrypoint-initdb.d/init.js b/infra/mongodb/docker-entrypoint-initdb.d/init.js
index 3579f200b..80089bf73 100644
--- a/infra/mongodb/docker-entrypoint-initdb.d/init.js
+++ b/infra/mongodb/docker-entrypoint-initdb.d/init.js
@@ -108,6 +108,17 @@ db.Policies.insertOne(
                 actions: ["UpdateOrgName"],
                 resources: ["account"]
             },
+            {
+                _id: getUUIDString(),
+                resourceType: "general",
+                effect: "allow",
+                actions: [
+                    "CreateServiceAccessTokens",
+                    "CreatePersonalAccessTokens",
+                    "ListAccessTokens"
+                ],
+                resources: ["account"]
+            },
             {
                 _id: getUUIDString(),
                 resourceType: "general",
@@ -151,6 +162,16 @@ db.Policies.insertOne(
                     "ListEnvs"
                 ],
                 resources: ["project"]
+            },
+            {
+                _id: getUUIDString(),
+                resourceType: "general",
+                effect: "allow",
+                actions: [
+                    "CreatePersonalAccessTokens",
+                    "ListAccessTokens"
+                ],
+                resources: ["account"]
             }
         ],
         createdAt: new Date(),
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.html b/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.html
index fb83f65e5..6b98472f4 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.html
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.html
@@ -7,7 +7,7 @@
   </div>
   <div class="selected-actions" *ngIf="selectedActions.length">
     <div nz-col class="action" *ngFor="let act of selectedActions">
-      <div class="inner-box">
+      <div class="inner-box" nz-tooltip="{{act.displayName}} ({{act.name}})">
         {{act.displayName}} ({{act.name}})
       </div>
       <button nz-button nzType="default" [nzSize]="'large'" (click)="removeAction(act)"><i nz-icon nzType="close"></i></button>
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/types.ts b/modules/front-end/src/app/features/safe/iam/components/policy-editor/types.ts
index 6c04d785b..74e01065b 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/types.ts
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/types.ts
@@ -126,6 +126,21 @@ export const resourceActionsDict: {[key: string]: IamPolicyAction[]} = {
       name: permissionActions.UpdateOrgName,
       displayName: $localize`:@@iam.action.update-org-name:Update org name`
     },
+    {
+      id: uuidv4(),
+      name: permissionActions.ListAccessTokens,
+      displayName: $localize`:@@iam.action.list-access-tokens:List access tokens`
+    },
+    {
+      id: uuidv4(),
+      name: permissionActions.CreateServiceAccessTokens,
+      displayName: $localize`:@@iam.action.create-service-access-tokens:Create service access tokens`
+    },
+    {
+      id: uuidv4(),
+      name: permissionActions.CreatePersonalAccessTokens,
+      displayName: $localize`:@@iam.action.create-personal-access-tokens:Create personal access tokens`
+    },
   ],
   [`${ResourceTypeEnum.General},iam`]: [
     {
diff --git a/modules/front-end/src/app/shared/permissions.ts b/modules/front-end/src/app/shared/permissions.ts
index 29d294877..1b8472d63 100644
--- a/modules/front-end/src/app/shared/permissions.ts
+++ b/modules/front-end/src/app/shared/permissions.ts
@@ -26,5 +26,10 @@ export const permissionActions = {
   UpdateOrgName: 'UpdateOrgName',
 
   // iam
-  CanManageIAM: 'CanManageIAM'
+  CanManageIAM: 'CanManageIAM',
+
+  // access tokens
+  ListAccessTokens: 'ListAccessTokens',
+  CreateServiceAccessTokens: 'CreateServiceAccessTokens',
+  CreatePersonalAccessTokens: 'CreatePersonalAccessTokens',
 }

From 1f299f94d92cfcc1846d3ffab117ab979441a564 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 02:57:45 +0100
Subject: [PATCH 13/44] in progress

---
 .../src/app/core/guards/accessTokens.guard.ts |  33 +++
 .../app/core/pipes/access-token-type.pipe.ts  |   2 +-
 .../access-tokens/index/index.component.html  |  10 +-
 .../access-tokens/index/index.component.less  |  24 +-
 .../integrations-routing.module.ts            |   2 +
 .../app/features/safe/safe-routing.module.ts  |   1 -
 modules/front-end/src/locale/messages.xlf     | 234 +++++++++--------
 modules/front-end/src/locale/messages.zh.xlf  | 242 ++++++++++--------
 8 files changed, 308 insertions(+), 240 deletions(-)
 create mode 100644 modules/front-end/src/app/core/guards/accessTokens.guard.ts

diff --git a/modules/front-end/src/app/core/guards/accessTokens.guard.ts b/modules/front-end/src/app/core/guards/accessTokens.guard.ts
new file mode 100644
index 000000000..223754ed0
--- /dev/null
+++ b/modules/front-end/src/app/core/guards/accessTokens.guard.ts
@@ -0,0 +1,33 @@
+import { Injectable } from '@angular/core';
+import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot, UrlTree, Router } from '@angular/router';
+import {PermissionsService} from "@services/permissions.service";
+import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
+import {NzMessageService} from "ng-zorro-antd/message";
+
+@Injectable({
+  providedIn: 'root'
+})
+export class AccessTokensGuard implements CanActivate {
+
+  constructor(
+    private router: Router,
+    private message: NzMessageService,
+    private permissionsService: PermissionsService
+  ) { }
+
+  async canActivate(
+    route: ActivatedRouteSnapshot,
+    state: RouterStateSnapshot): Promise<boolean | UrlTree> {
+    return await this.checkPermission(state.url);
+  }
+
+  async checkPermission(url: string): Promise<boolean | UrlTree> {
+    const canListAccessTokens = !!this.permissionsService.canTakeAction(generalResourceRNPattern.account, permissionActions.ListAccessTokens);
+
+    if (!canListAccessTokens) {
+      this.message.warning(this.permissionsService.genericDenyMessage);
+    }
+
+    return canListAccessTokens;
+  }
+}
diff --git a/modules/front-end/src/app/core/pipes/access-token-type.pipe.ts b/modules/front-end/src/app/core/pipes/access-token-type.pipe.ts
index 6a3f6e7fc..3e1fc1b65 100644
--- a/modules/front-end/src/app/core/pipes/access-token-type.pipe.ts
+++ b/modules/front-end/src/app/core/pipes/access-token-type.pipe.ts
@@ -7,7 +7,7 @@ import { AccessTokenTypeEnum } from "@features/safe/integrations/access-tokens/t
 export class AccessTokenTypePipe implements PipeTransform {
   typeDict = {
     [AccessTokenTypeEnum.Personal]: $localize `:@@integrations.access-token.personal:Personal`,
-    [AccessTokenTypeEnum.Service]: $localize `:@@integrations.access-token.personal:Service`
+    [AccessTokenTypeEnum.Service]: $localize `:@@integrations.access-token.service:Service`
   }
 
   transform(value: string): string {
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index 7f18224df..4f8711b58 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -72,7 +72,15 @@
           <ng-container *ngIf="item.creator.name">{{ item.creator.name }} ({{ item.creator.email }})</ng-container>
           <ng-container *ngIf="!item.creator.name">{{ item.creator.email }}</ng-container>
         </td>
-        <td>{{ item.status | accessTokenStatus }}</td>
+        <td class="status status-{{item.status}}">
+          <ng-container *ngIf="item.status === AccessTokenStatusActive">
+            <i nz-icon [nzType]="'check-circle'"></i>
+          </ng-container>
+          <ng-container *ngIf="item.status === AccessTokenStatusInactive">
+            <i nz-icon [nzType]="'close-circle'"></i>
+          </ng-container>
+          {{ item.status | accessTokenStatus }}
+        </td>
         <td>{{ item.lastUsedAt | date: 'YYYY-MM-dd HH:mm'}}</td>
         <td>
           <a (click)="creatOrEdit(item)" class="primary-link-btn" i18n="@@common.edit">Edit</a>
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
index 7ca329a39..112bb4460 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.less
@@ -21,27 +21,9 @@
     }
   }
 
-  .table-wrapper {
-    .more-tags-item {
-      max-width: 150px;
-    }
-
-    .tag {
-      max-width: 150px;
-    }
-
-    .col-rn {
-      height: 56px;
-      display: flex;
-      justify-content: flex-start;
-      align-items: center;
-      .rn {
-        display: inline-block;
-        max-width: 310px;
-        overflow: hidden;
-        white-space: nowrap;
-        text-overflow: ellipsis;
-      }
+  .status {
+    &.status-Active {
+      color: @green70-color;
     }
   }
 }
diff --git a/modules/front-end/src/app/features/safe/integrations/integrations-routing.module.ts b/modules/front-end/src/app/features/safe/integrations/integrations-routing.module.ts
index 6ab0fd0c0..5fb59285d 100644
--- a/modules/front-end/src/app/features/safe/integrations/integrations-routing.module.ts
+++ b/modules/front-end/src/app/features/safe/integrations/integrations-routing.module.ts
@@ -1,6 +1,7 @@
 import { NgModule } from '@angular/core';
 import { RouterModule, Routes } from '@angular/router';
 import { IntegrationsComponent } from './integrations.component';
+import { AccessTokensGuard } from "@core/guards/accessTokens.guard";
 
 const routes: Routes = [
   {
@@ -9,6 +10,7 @@ const routes: Routes = [
     children: [
       {
         path: 'access-tokens',
+        canActivate: [AccessTokensGuard],
         loadChildren: () => import("./access-tokens/access-tokens.module").then(m => m.AccessTokensModule),
         data: {
           breadcrumb: $localize `:@@integrations.routing.access-tokens:Access tokens`
diff --git a/modules/front-end/src/app/features/safe/safe-routing.module.ts b/modules/front-end/src/app/features/safe/safe-routing.module.ts
index a6f1a1319..eb870bfed 100644
--- a/modules/front-end/src/app/features/safe/safe-routing.module.ts
+++ b/modules/front-end/src/app/features/safe/safe-routing.module.ts
@@ -64,7 +64,6 @@ const routes: Routes = [
       },
       {
         path: 'integrations',
-        canActivate: [IAMGuard],
         loadChildren: () => import("./integrations/integrations.module").then(m => m.IntegrationsModule),
       },
       {
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index 543335c4f..300c95477 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -278,89 +278,22 @@
           <context context-type="linenumber">50</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.loading" datatype="html">
-        <source>Loading...</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">66</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">55</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">44</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">138</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">136,137</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">28</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
         <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="linenumber">79</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">225</context>
+          <context context-type="linenumber">219</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.save" datatype="html">
         <source>Save</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">92</context>
+          <context context-type="linenumber">89</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
@@ -439,11 +372,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">204</context>
+          <context context-type="linenumber">198</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">219</context>
+          <context context-type="linenumber">213</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -654,7 +587,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">207</context>
+          <context context-type="linenumber">201</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -780,6 +713,69 @@
           <context context-type="linenumber">20</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="common.loading" datatype="html">
+        <source>Loading...</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">55</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">43</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
+          <context context-type="linenumber">138</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">136,137</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">28</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="ff.idx.filter-by-type" datatype="html">
         <source>Filter by type</source>
         <context-group purpose="location">
@@ -2620,7 +2616,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">91</context>
+          <context context-type="linenumber">99</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
@@ -2707,7 +2703,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">95</context>
+          <context context-type="linenumber">103</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
@@ -3059,6 +3055,9 @@
           <context context-type="sourcefile">src/app/core/pipes/access-token-type.pipe.ts</context>
           <context context-type="linenumber">9</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.service" datatype="html">
+        <source>Service</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/pipes/access-token-type.pipe.ts</context>
           <context context-type="linenumber">10</context>
@@ -3082,7 +3081,7 @@
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
-          <context context-type="linenumber">13</context>
+          <context context-type="linenumber">14</context>
         </context-group>
       </trans-unit>
       <trans-unit id="2454050363478003966" datatype="html">
@@ -3533,7 +3532,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">78</context>
+          <context context-type="linenumber">86</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.loading-failed-try-again" datatype="html">
@@ -5017,151 +5016,172 @@
           <context context-type="linenumber">127</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="iam.action.list-access-tokens" datatype="html">
+        <source>List access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
+          <context context-type="linenumber">132</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.create-service-access-tokens" datatype="html">
+        <source>Create service access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
+          <context context-type="linenumber">137</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.create-personal-access-tokens" datatype="html">
+        <source>Create personal access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
+          <context context-type="linenumber">142</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="iam.action.iam" datatype="html">
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">134</context>
+          <context context-type="linenumber">149</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.list-projects" datatype="html">
         <source>List projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">141</context>
+          <context context-type="linenumber">156</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.create-projects" datatype="html">
         <source>Create projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">146</context>
+          <context context-type="linenumber">161</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.delete-projects" datatype="html">
         <source>Delete projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">151</context>
+          <context context-type="linenumber">166</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">208</context>
+          <context context-type="linenumber">223</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-project-settings" datatype="html">
         <source>Update project settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">156</context>
+          <context context-type="linenumber">171</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">213</context>
+          <context context-type="linenumber">228</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.list-envs" datatype="html">
         <source>List environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">161</context>
+          <context context-type="linenumber">176</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">218</context>
+          <context context-type="linenumber">233</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.create-env" datatype="html">
         <source>Create environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">166</context>
+          <context context-type="linenumber">181</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">223</context>
+          <context context-type="linenumber">238</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.access-envs" datatype="html">
         <source>Access environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">171</context>
+          <context context-type="linenumber">186</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">203</context>
+          <context context-type="linenumber">218</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">245</context>
+          <context context-type="linenumber">260</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.delete-envs" datatype="html">
         <source>Delete environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">176</context>
+          <context context-type="linenumber">191</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">250</context>
+          <context context-type="linenumber">265</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-env-settings" datatype="html">
         <source>Update environment settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">181</context>
+          <context context-type="linenumber">196</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">255</context>
+          <context context-type="linenumber">270</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.delete-env-secret" datatype="html">
         <source>Delete environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">186</context>
+          <context context-type="linenumber">201</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">228</context>
+          <context context-type="linenumber">243</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">260</context>
+          <context context-type="linenumber">275</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.create-env-secret" datatype="html">
         <source>Create environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">191</context>
+          <context context-type="linenumber">206</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">233</context>
+          <context context-type="linenumber">248</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">265</context>
+          <context context-type="linenumber">280</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-env-secret" datatype="html">
         <source>Update environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">196</context>
+          <context context-type="linenumber">211</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">238</context>
+          <context context-type="linenumber">253</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">270</context>
+          <context context-type="linenumber">285</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.routing.team" datatype="html">
@@ -5616,21 +5636,21 @@
         <source>Activate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="linenumber">90</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.Deactivate" datatype="html">
         <source>Deactivate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">87</context>
+          <context context-type="linenumber">95</context>
         </context-group>
       </trans-unit>
       <trans-unit id="integrations.routing.access-tokens" datatype="html">
         <source>Access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/integrations-routing.module.ts</context>
-          <context context-type="linenumber">14</context>
+          <context context-type="linenumber">16</context>
         </context-group>
       </trans-unit>
       <trans-unit id="onboarding.complete.title" datatype="html">
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index d35e115c3..9f55d0634 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -285,83 +285,15 @@
         </context-group>
         <target>选择策略</target>
       </trans-unit>
-      <trans-unit id="common.loading" datatype="html">
-        <source>Loading...</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">66</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">55</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">44</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">138</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">136,137</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">28</context>
-        </context-group>
-        <target>数据加载中...</target>
-      </trans-unit>
       <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
         <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="linenumber">79</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">225</context>
+          <context context-type="linenumber">219</context>
         </context-group>
         <target>策略不能为空</target>
       </trans-unit>
@@ -369,7 +301,7 @@
         <source>Save</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">92</context>
+          <context context-type="linenumber">89</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
@@ -449,11 +381,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">204</context>
+          <context context-type="linenumber">198</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">219</context>
+          <context context-type="linenumber">213</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -665,7 +597,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">207</context>
+          <context context-type="linenumber">201</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -801,6 +733,70 @@
         </context-group>
         <target>按团队成员查找</target>
       </trans-unit>
+      <trans-unit id="common.loading" datatype="html">
+        <source>Loading...</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">55</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">43</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
+          <context context-type="linenumber">138</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">136,137</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">28</context>
+        </context-group>
+        <target>数据加载中...</target>
+      </trans-unit>
       <trans-unit id="ff.idx.filter-by-type" datatype="html">
         <source>Filter by type</source>
         <context-group purpose="location">
@@ -2801,7 +2797,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">91</context>
+          <context context-type="linenumber">99</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
@@ -2889,7 +2885,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">95</context>
+          <context context-type="linenumber">103</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
@@ -3274,11 +3270,15 @@
           <context context-type="sourcefile">src/app/core/pipes/access-token-type.pipe.ts</context>
           <context context-type="linenumber">9</context>
         </context-group>
+        <target>Personal</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.service" datatype="html">
+        <source>Service</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/pipes/access-token-type.pipe.ts</context>
           <context context-type="linenumber">10</context>
         </context-group>
-        <target>Personal</target>
+        <target>Service</target>
       </trans-unit>
       <trans-unit id="permission.sys-managed" datatype="html">
         <source>System Managed</source>
@@ -3300,7 +3300,7 @@
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
-          <context context-type="linenumber">13</context>
+          <context context-type="linenumber">14</context>
         </context-group>
         <target>您未被授权进行该操作, 请联系账户管理员添加相关权限</target>
       </trans-unit>
@@ -3804,7 +3804,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">78</context>
+          <context context-type="linenumber">86</context>
         </context-group>
         <target>编辑</target>
       </trans-unit>
@@ -5472,11 +5472,35 @@
         </context-group>
         <target>修改机构名称</target>
       </trans-unit>
+      <trans-unit id="iam.action.list-access-tokens" datatype="html">
+        <source>List access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
+          <context context-type="linenumber">132</context>
+        </context-group>
+        <target>查看访问策略列表</target>
+      </trans-unit>
+      <trans-unit id="iam.action.create-service-access-tokens" datatype="html">
+        <source>Create service access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
+          <context context-type="linenumber">137</context>
+        </context-group>
+        <target>创建 Service 访问策略</target>
+      </trans-unit>
+      <trans-unit id="iam.action.create-personal-access-tokens" datatype="html">
+        <source>Create personal access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
+          <context context-type="linenumber">142</context>
+        </context-group>
+        <target>创建 Personal 访问策略</target>
+      </trans-unit>
       <trans-unit id="iam.action.iam" datatype="html">
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">134</context>
+          <context context-type="linenumber">149</context>
         </context-group>
         <target>权限管理</target>
       </trans-unit>
@@ -5484,7 +5508,7 @@
         <source>List projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">141</context>
+          <context context-type="linenumber">156</context>
         </context-group>
         <target>查看项目列表</target>
       </trans-unit>
@@ -5492,7 +5516,7 @@
         <source>Create projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">146</context>
+          <context context-type="linenumber">161</context>
         </context-group>
         <target>创建项目</target>
       </trans-unit>
@@ -5500,11 +5524,11 @@
         <source>Delete projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">151</context>
+          <context context-type="linenumber">166</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">208</context>
+          <context context-type="linenumber">223</context>
         </context-group>
         <target>删除项目</target>
       </trans-unit>
@@ -5512,11 +5536,11 @@
         <source>Update project settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">156</context>
+          <context context-type="linenumber">171</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">213</context>
+          <context context-type="linenumber">228</context>
         </context-group>
         <target>修改项目设置</target>
       </trans-unit>
@@ -5524,11 +5548,11 @@
         <source>List environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">161</context>
+          <context context-type="linenumber">176</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">218</context>
+          <context context-type="linenumber">233</context>
         </context-group>
         <target>查看环境列表</target>
       </trans-unit>
@@ -5536,11 +5560,11 @@
         <source>Create environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">166</context>
+          <context context-type="linenumber">181</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">223</context>
+          <context context-type="linenumber">238</context>
         </context-group>
         <target>创建环境</target>
       </trans-unit>
@@ -5548,15 +5572,15 @@
         <source>Access environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">171</context>
+          <context context-type="linenumber">186</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">203</context>
+          <context context-type="linenumber">218</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">245</context>
+          <context context-type="linenumber">260</context>
         </context-group>
         <target>进入环境</target>
       </trans-unit>
@@ -5564,11 +5588,11 @@
         <source>Delete environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">176</context>
+          <context context-type="linenumber">191</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">250</context>
+          <context context-type="linenumber">265</context>
         </context-group>
         <target>删除环境</target>
       </trans-unit>
@@ -5576,11 +5600,11 @@
         <source>Update environment settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">181</context>
+          <context context-type="linenumber">196</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">255</context>
+          <context context-type="linenumber">270</context>
         </context-group>
         <target>修改环境设置</target>
       </trans-unit>
@@ -5588,15 +5612,15 @@
         <source>Delete environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">186</context>
+          <context context-type="linenumber">201</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">228</context>
+          <context context-type="linenumber">243</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">260</context>
+          <context context-type="linenumber">275</context>
         </context-group>
         <target>删除环境秘钥</target>
       </trans-unit>
@@ -5604,15 +5628,15 @@
         <source>Create environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">191</context>
+          <context context-type="linenumber">206</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">233</context>
+          <context context-type="linenumber">248</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">265</context>
+          <context context-type="linenumber">280</context>
         </context-group>
         <target>创建环境秘钥</target>
       </trans-unit>
@@ -5620,15 +5644,15 @@
         <source>Update environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">196</context>
+          <context context-type="linenumber">211</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">238</context>
+          <context context-type="linenumber">253</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">270</context>
+          <context context-type="linenumber">285</context>
         </context-group>
         <target>修改环境秘钥</target>
       </trans-unit>
@@ -6140,7 +6164,7 @@
         <source>Activate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="linenumber">90</context>
         </context-group>
         <target>激活</target>
       </trans-unit>
@@ -6148,7 +6172,7 @@
         <source>Deactivate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">87</context>
+          <context context-type="linenumber">95</context>
         </context-group>
         <target>停用</target>
       </trans-unit>
@@ -6156,7 +6180,7 @@
         <source>Access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/integrations-routing.module.ts</context>
-          <context context-type="linenumber">14</context>
+          <context context-type="linenumber">16</context>
         </context-group>
         <target>访问密钥</target>
       </trans-unit>

From 76fcb95028484c49663a53bb6ed27639bc9a678c Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 03:38:46 +0100
Subject: [PATCH 14/44] in progress

---
 .../src/Domain/AccessTokens/AccessToken.cs    |   2 +-
 .../AccessTokens/AccessTokenService.cs        |   4 +-
 .../access-token-drawer.component.html        |   5 +-
 .../access-token-drawer.component.ts          |  49 ++++-
 .../access-tokens/index/index.component.html  |  38 ++--
 .../access-tokens/index/index.component.ts    |  11 ++
 modules/front-end/src/locale/messages.xlf     | 178 +++++++++--------
 modules/front-end/src/locale/messages.zh.xlf  | 182 +++++++++---------
 8 files changed, 266 insertions(+), 203 deletions(-)

diff --git a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
index 553a699f5..d1c03f8f4 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
@@ -24,7 +24,7 @@ public AccessToken(Guid organizationId, Guid creatorId, string name, string type
         Name = name;
         
         Status = AccessTokenStatus.Active;
-        Type = AccessTokenTypes.Personal;
+        Type = type;
         Policies = policies.ToArray();
     }
     
diff --git a/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs b/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
index aed6b62bf..3546711c5 100644
--- a/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
+++ b/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
@@ -30,9 +30,9 @@ public async Task<PagedResult<AccessToken>> GetListAsync(Guid organizationId, Ac
         }
         
         var creatorId = filter.CreatorId;
-        if (!string.IsNullOrWhiteSpace(type))
+        if (creatorId.HasValue)
         {
-            query = query.Where(x => x.CreatorId == creatorId);
+            query = query.Where(x => x.CreatorId == creatorId.Value);
         }
 
         var totalCount = await query.CountAsync();
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
index 0651a4350..55b6a9e46 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -54,7 +54,7 @@
             (ngModelChange)="onPolicySelectChange()"
             (nzOnSearch)="policyDebouncer.next($event)">
             <ng-container *ngFor="let policy of policySearchResultList">
-              <nz-option nzCustomContent [nzLabel]="policy.name" [nzValue]="policy">
+              <nz-option nzCustomContent *ngIf="!isLoadingPolicies" [nzLabel]="policy.name" [nzValue]="policy">
                 <span style="display: flex;justify-content: space-between;align-items: center">
                   <span>
                   <i *ngIf="policy.type === 'SysManaged'" style="color: #28a17d;" nz-icon nzType="star" nzTheme="outline"></i>
@@ -64,6 +64,9 @@
                 </span>
               </nz-option>
             </ng-container>
+            <nz-option *ngIf="isLoadingPolicies" nzDisabled nzCustomContent>
+              <i nz-icon nzType="loading" class="loading-icon"></i> <ng-container i18n="@@common.loading">Loading...</ng-container>
+            </nz-option>
           </nz-select>
         </nz-form-control>
         <div class="selected-policies" nz-row *ngIf="selectedPolicyList.length">
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index 6a25d85bd..0aed41c66 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -12,6 +12,8 @@ import { NzSelectComponent } from "ng-zorro-antd/select";
 import { Subject } from "rxjs";
 import { AccessTokenService } from "@services/access-token.service";
 import { PermissionsService } from "@services/permissions.service";
+import { generalResourceRNPattern, permissionActions } from "@shared/permissions";
+import { PolicyFilter } from "@features/safe/iam/types/policy";
 
 @Component({
   selector: 'access-token-drawer',
@@ -49,6 +51,8 @@ export class AccessTokenDrawerComponent implements OnInit {
 
   policyDebouncer = new Subject<string>();
 
+  canTakeActionOnPersonalAccessToken = false;
+  canTakeActionOnServiceAccessToken = false;
   constructor(
     private fb: FormBuilder,
     private policyService: PolicyService,
@@ -59,6 +63,9 @@ export class AccessTokenDrawerComponent implements OnInit {
     this.policyDebouncer.pipe(
       debounceTime(100),
     ).subscribe(query => this.searchPolicies(query));
+
+    this.canTakeActionOnPersonalAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.account, permissionActions.CreatePersonalAccessTokens);
+    this.canTakeActionOnServiceAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.account, permissionActions.CreateServiceAccessTokens);
   }
 
   isServiceAccessToken: boolean = false
@@ -128,15 +135,34 @@ export class AccessTokenDrawerComponent implements OnInit {
     this.validatePoliciesControl();
   }
 
+  isLoadingPolicies = false;
   searchPolicies(query: string = '') {
-    const regex = new RegExp(query,'ig')
-    this.policySearchResultList = this.permissionsService.policies
-      .filter((policy) => query === '' || policy.name.match(regex))
-      .map((policy) => ({
-          ...policy,
-          isSelected: this.selectedPolicyList.some((sp => sp.id === policy.id))
-        })
-      );
+    const hasOwnerPolicy = this.permissionsService.policies.some((policy) => policy.name === 'Owner' && policy.type === 'SysManaged');
+
+    if (hasOwnerPolicy) {
+      this.isLoadingPolicies = true;
+
+      this.policyService.getList(new PolicyFilter(query, 1, 50)).subscribe({
+        next: policies => {
+          this.policySearchResultList = policies.items.map(p => ({
+            ...p,
+            isSelected: this.selectedPolicyList.some((sp => sp.id === p.id))
+          }));
+
+          this.isLoadingPolicies = false;
+        }, error: () => this.isLoadingPolicies = false
+      });
+    } else {
+      const regex = new RegExp(query,'ig');
+      this.policySearchResultList = this.permissionsService.policies
+        .filter((policy) => query === '' || policy.name.match(regex))
+        .map((policy) => ({
+            ...policy,
+            isSelected: this.selectedPolicyList.some((sp => sp.id === policy.id))
+          })
+        );
+    }
+
   }
 
   nameAsyncValidator = (control: FormControl) => control.valueChanges.pipe(
@@ -187,9 +213,14 @@ export class AccessTokenDrawerComponent implements OnInit {
       return;
     }
 
-    this.isLoading = true;
     const {name, type} = this.form.value;
 
+    if ((type === AccessTokenTypeEnum.Personal && !this.canTakeActionOnPersonalAccessToken) || (type === AccessTokenTypeEnum.Service && !this.canTakeActionOnServiceAccessToken)) {
+      this.message.warning($localize `:@@permissions.need-permissions-to-operate:You don't have permissions to take this action, please contact the admin to grant you the necessary permissions`);
+      return;
+    }
+
+    this.isLoading = true;
     if (this.isEditing) {
       this.accessTokenService.update(this.accessToken.id, name).subscribe({
           next: res => {
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index 4f8711b58..f728ef06f 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -29,12 +29,12 @@
         </nz-option>
       </nz-select>
       <nz-select nzAllowClear [(ngModel)]="filter.type" (ngModelChange)="doSearch(true)" i18n-nzPlaceHolder="@@integrations.access-tokens.filter-by-type" nzPlaceHolder="Filter by type">
-        <nz-option [nzValue]="AccessTokenStatusActive" [nzLabel]="AccessTokenStatusActive | accessTokenStatus"></nz-option>
-        <nz-option [nzValue]="AccessTokenStatusInactive" [nzLabel]="AccessTokenStatusInactive | accessTokenStatus"></nz-option>
+        <nz-option [nzValue]="AccessTokenTypePersonal" [nzLabel]="AccessTokenTypePersonal | accessTokenType"></nz-option>
+        <nz-option [nzValue]="AccessTokenTypeService" [nzLabel]="AccessTokenTypeService | accessTokenType"></nz-option>
       </nz-select>
     </div>
 
-    <button nz-button nzType="primary" (click)="creatOrEdit()">
+    <button *ngIf="canTakeActionOnPersonalAccessToken || canTakeActionOnServiceAccessToken" nz-button nzType="primary" (click)="creatOrEdit()">
       <i nz-icon nzType="icons:icon-add"></i>
       <ng-container i18n="@@common.add">Add</ng-container>
     </button>
@@ -83,25 +83,27 @@
         </td>
         <td>{{ item.lastUsedAt | date: 'YYYY-MM-dd HH:mm'}}</td>
         <td>
-          <a (click)="creatOrEdit(item)" class="primary-link-btn" i18n="@@common.edit">Edit</a>
+          <ng-container *ngIf="(item.type === AccessTokenTypePersonal && canTakeActionOnPersonalAccessToken) || (item.type === AccessTokenTypeService && canTakeActionOnServiceAccessToken)">
+            <a (click)="creatOrEdit(item)" class="primary-link-btn" i18n="@@common.edit">Edit</a>
 
-          <ng-container *ngIf="item.status === AccessTokenStatusInactive">
-            <nz-divider nzType="vertical"></nz-divider>
-            <a (click)="toggleStatus(item)" class="primary-link-btn" i18n="@@common.activate">Activate</a>
-          </ng-container>
+            <ng-container *ngIf="item.status === AccessTokenStatusInactive">
+              <nz-divider nzType="vertical"></nz-divider>
+              <a (click)="toggleStatus(item)" class="primary-link-btn" i18n="@@common.activate">Activate</a>
+            </ng-container>
+
+            <ng-container *ngIf="item.status === AccessTokenStatusActive">
+              <nz-divider nzType="vertical"></nz-divider>
+              <a (click)="toggleStatus(item)" style="color: #717D8A" i18n="@@common.Deactivate">Deactivate</a>
+            </ng-container>
 
-          <ng-container *ngIf="item.status === AccessTokenStatusActive">
             <nz-divider nzType="vertical"></nz-divider>
-            <a (click)="toggleStatus(item)" style="color: #717D8A" i18n="@@common.Deactivate">Deactivate</a>
+            <a style="color: #717D8A" i18n-nz-popconfirm="@@common.remove-confirm"  nz-popconfirm="This operation cannot be reverted, are you sure to remove it?"
+               nzPopconfirmPlacement="bottomRight"
+               [nzPopconfirmOverlayStyle]="{minWidth: '240px'}"
+               (nzOnConfirm)="delete(item)" [nzIcon]="iconTplIamUser">
+              <ng-container i18n="@@common.remove">Remove</ng-container>
+            </a>
           </ng-container>
-
-          <nz-divider nzType="vertical"></nz-divider>
-          <a style="color: #717D8A" i18n-nz-popconfirm="@@common.remove-confirm"  nz-popconfirm="This operation cannot be reverted, are you sure to remove it?"
-             nzPopconfirmPlacement="bottomRight"
-             [nzPopconfirmOverlayStyle]="{minWidth: '240px'}"
-             (nzOnConfirm)="delete(item)" [nzIcon]="iconTplIamUser">
-            <ng-container i18n="@@common.remove">Remove</ng-container>
-          </a>
         </td>
       </tr>
       </tbody>
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
index de1a67260..c2fde6ca6 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
@@ -15,6 +15,8 @@ import { AccessTokenService } from "@services/access-token.service";
 import { IOrganization } from "@shared/types";
 import { CURRENT_ORGANIZATION } from "@utils/localstorage-keys";
 import { TeamService } from "@services/team.service";
+import { PermissionsService } from "@services/permissions.service";
+import { generalResourceRNPattern, permissionActions } from "@shared/permissions";
 
 @Component({
   selector: 'access-tokens',
@@ -26,10 +28,16 @@ export class IndexComponent implements OnInit {
   AccessTokenStatusActive = AccessTokenStatusEnum.Active;
   AccessTokenStatusInactive = AccessTokenStatusEnum.Inactive;
 
+  AccessTokenTypePersonal = AccessTokenTypeEnum.Personal;
+  AccessTokenTypeService = AccessTokenTypeEnum.Service;
+
+  canTakeActionOnPersonalAccessToken = false;
+  canTakeActionOnServiceAccessToken = false;
   constructor(
     private router: Router,
     private message: NzMessageService,
     private teamService: TeamService,
+    private permissionsService: PermissionsService,
     private accessTokenService: AccessTokenService
   ) {
     const currentAccount: IOrganization = JSON.parse(localStorage.getItem(CURRENT_ORGANIZATION()));
@@ -47,6 +55,9 @@ export class IndexComponent implements OnInit {
         }
       });
     });
+
+    this.canTakeActionOnPersonalAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.account, permissionActions.CreatePersonalAccessTokens);
+    this.canTakeActionOnServiceAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.account, permissionActions.CreateServiceAccessTokens);
   }
 
   private search$ = new Subject();
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index 300c95477..cfa59764d 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -278,22 +278,89 @@
           <context context-type="linenumber">50</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="common.loading" datatype="html">
+        <source>Loading...</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">68</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">55</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">43</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
+          <context context-type="linenumber">138</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">136,137</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">28</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
         <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">79</context>
+          <context context-type="linenumber">82</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">219</context>
+          <context context-type="linenumber">250</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.save" datatype="html">
         <source>Save</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">89</context>
+          <context context-type="linenumber">92</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
@@ -368,15 +435,26 @@
           <context context-type="linenumber">104</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
+        <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">219</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
+          <context context-type="linenumber">14</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="common.operation-success" datatype="html">
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">198</context>
+          <context context-type="linenumber">229</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">213</context>
+          <context context-type="linenumber">244</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -556,11 +634,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">134</context>
+          <context context-type="linenumber">145</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">145</context>
+          <context context-type="linenumber">156</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
@@ -587,7 +665,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">201</context>
+          <context context-type="linenumber">232</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -713,69 +791,6 @@
           <context context-type="linenumber">20</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.loading" datatype="html">
-        <source>Loading...</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">66</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">55</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">44</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">138</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">136,137</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">28</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="ff.idx.filter-by-type" datatype="html">
         <source>Filter by type</source>
         <context-group purpose="location">
@@ -1402,11 +1417,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">138</context>
+          <context context-type="linenumber">149</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">148</context>
+          <context context-type="linenumber">159</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
@@ -2616,7 +2631,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">99</context>
+          <context context-type="linenumber">100</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
@@ -2703,7 +2718,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">103</context>
+          <context context-type="linenumber">104</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
@@ -3077,13 +3092,6 @@
           <context context-type="linenumber">9</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
-        <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
-          <context context-type="linenumber">14</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="2454050363478003966" datatype="html">
         <source>Login</source>
         <context-group purpose="location">
@@ -3532,7 +3540,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">86</context>
+          <context context-type="linenumber">87</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.loading-failed-try-again" datatype="html">
@@ -5636,14 +5644,14 @@
         <source>Activate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">90</context>
+          <context context-type="linenumber">91</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.Deactivate" datatype="html">
         <source>Deactivate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">95</context>
+          <context context-type="linenumber">96</context>
         </context-group>
       </trans-unit>
       <trans-unit id="integrations.routing.access-tokens" datatype="html">
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index 9f55d0634..6dc7844cf 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -285,15 +285,83 @@
         </context-group>
         <target>选择策略</target>
       </trans-unit>
+      <trans-unit id="common.loading" datatype="html">
+        <source>Loading...</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">68</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">55</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">43</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
+          <context context-type="linenumber">138</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">136,137</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">28</context>
+        </context-group>
+        <target>数据加载中...</target>
+      </trans-unit>
       <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
         <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">79</context>
+          <context context-type="linenumber">82</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">219</context>
+          <context context-type="linenumber">250</context>
         </context-group>
         <target>策略不能为空</target>
       </trans-unit>
@@ -301,7 +369,7 @@
         <source>Save</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">89</context>
+          <context context-type="linenumber">92</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
@@ -377,15 +445,27 @@
         </context-group>
         <target>保存</target>
       </trans-unit>
+      <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
+        <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">219</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
+          <context context-type="linenumber">14</context>
+        </context-group>
+        <target>您未被授权进行该操作, 请联系账户管理员添加相关权限</target>
+      </trans-unit>
       <trans-unit id="common.operation-success" datatype="html">
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">198</context>
+          <context context-type="linenumber">229</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">213</context>
+          <context context-type="linenumber">244</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -565,11 +645,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">134</context>
+          <context context-type="linenumber">145</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">145</context>
+          <context context-type="linenumber">156</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
@@ -597,7 +677,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">201</context>
+          <context context-type="linenumber">232</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -733,70 +813,6 @@
         </context-group>
         <target>按团队成员查找</target>
       </trans-unit>
-      <trans-unit id="common.loading" datatype="html">
-        <source>Loading...</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">66</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">55</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">44</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">138</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">136,137</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">28</context>
-        </context-group>
-        <target>数据加载中...</target>
-      </trans-unit>
       <trans-unit id="ff.idx.filter-by-type" datatype="html">
         <source>Filter by type</source>
         <context-group purpose="location">
@@ -1473,11 +1489,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">138</context>
+          <context context-type="linenumber">149</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">148</context>
+          <context context-type="linenumber">159</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
@@ -2797,7 +2813,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">99</context>
+          <context context-type="linenumber">100</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
@@ -2885,7 +2901,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">103</context>
+          <context context-type="linenumber">104</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
@@ -3296,14 +3312,6 @@
         </context-group>
         <target>客户托管</target>
       </trans-unit>
-      <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
-        <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
-          <context context-type="linenumber">14</context>
-        </context-group>
-        <target>您未被授权进行该操作, 请联系账户管理员添加相关权限</target>
-      </trans-unit>
       <trans-unit id="2454050363478003966" datatype="html">
         <source>Login</source>
         <context-group purpose="location">
@@ -3804,7 +3812,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">86</context>
+          <context context-type="linenumber">87</context>
         </context-group>
         <target>编辑</target>
       </trans-unit>
@@ -6164,7 +6172,7 @@
         <source>Activate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">90</context>
+          <context context-type="linenumber">91</context>
         </context-group>
         <target>激活</target>
       </trans-unit>
@@ -6172,7 +6180,7 @@
         <source>Deactivate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">95</context>
+          <context context-type="linenumber">96</context>
         </context-group>
         <target>停用</target>
       </trans-unit>

From 010fac9b0509ca377fbbd68ba56bf70808e06719 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 03:41:38 +0100
Subject: [PATCH 15/44] in progress

---
 modules/front-end/src/app/core/guards/accessTokens.guard.ts | 1 +
 modules/front-end/src/app/core/guards/iam.guard.ts          | 1 +
 2 files changed, 2 insertions(+)

diff --git a/modules/front-end/src/app/core/guards/accessTokens.guard.ts b/modules/front-end/src/app/core/guards/accessTokens.guard.ts
index 223754ed0..c11c0c1b6 100644
--- a/modules/front-end/src/app/core/guards/accessTokens.guard.ts
+++ b/modules/front-end/src/app/core/guards/accessTokens.guard.ts
@@ -26,6 +26,7 @@ export class AccessTokensGuard implements CanActivate {
 
     if (!canListAccessTokens) {
       this.message.warning(this.permissionsService.genericDenyMessage);
+      return this.router.parseUrl('/');
     }
 
     return canListAccessTokens;
diff --git a/modules/front-end/src/app/core/guards/iam.guard.ts b/modules/front-end/src/app/core/guards/iam.guard.ts
index 715d36169..9539775fb 100644
--- a/modules/front-end/src/app/core/guards/iam.guard.ts
+++ b/modules/front-end/src/app/core/guards/iam.guard.ts
@@ -26,6 +26,7 @@ export class IAMGuard implements CanActivate {
 
     if (!canManageIAM) {
       this.message.warning(this.permissionsService.genericDenyMessage);
+      return this.router.parseUrl('/');
     }
 
     return canManageIAM;

From 7a04461605d528873aea5fbb6d6d883d853b9d62 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 03:46:23 +0100
Subject: [PATCH 16/44] in progress

---
 .../access-token-drawer.component.ts                   |  8 ++++++++
 modules/front-end/src/locale/messages.xlf              | 10 +++++-----
 modules/front-end/src/locale/messages.zh.xlf           | 10 +++++-----
 3 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index 0aed41c66..e44577fc2 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -99,6 +99,12 @@ export class AccessTokenDrawerComponent implements OnInit {
     });
   }
 
+  resetPolicy() {
+    this.form.patchValue({
+      policy: {},
+    });
+  }
+
   onClose() {
     this.reset();
     this.close.emit();
@@ -111,6 +117,8 @@ export class AccessTokenDrawerComponent implements OnInit {
   onTypeChange() {
     const {type} = this.form.value;
     this.isServiceAccessToken = type === AccessTokenTypeEnum.Service;
+    this.selectedPolicyList = [];
+    this.resetPolicy();
   }
 
   onPolicySelectChange() {
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index cfa59764d..034b5b882 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -353,7 +353,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">250</context>
+          <context context-type="linenumber">258</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.save" datatype="html">
@@ -439,7 +439,7 @@
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">219</context>
+          <context context-type="linenumber">227</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -450,11 +450,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">229</context>
+          <context context-type="linenumber">237</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">244</context>
+          <context context-type="linenumber">252</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -665,7 +665,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">232</context>
+          <context context-type="linenumber">240</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index 6dc7844cf..1e04534d9 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -361,7 +361,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">250</context>
+          <context context-type="linenumber">258</context>
         </context-group>
         <target>策略不能为空</target>
       </trans-unit>
@@ -449,7 +449,7 @@
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">219</context>
+          <context context-type="linenumber">227</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -461,11 +461,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">229</context>
+          <context context-type="linenumber">237</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">244</context>
+          <context context-type="linenumber">252</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -677,7 +677,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">232</context>
+          <context context-type="linenumber">240</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>

From cf38cbc941c5acce738a2053c1d3b9438c6d95c3 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 03:47:49 +0100
Subject: [PATCH 17/44] Update init.js

---
 infra/mongodb/docker-entrypoint-initdb.d/init.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/infra/mongodb/docker-entrypoint-initdb.d/init.js b/infra/mongodb/docker-entrypoint-initdb.d/init.js
index 80089bf73..51008e60a 100644
--- a/infra/mongodb/docker-entrypoint-initdb.d/init.js
+++ b/infra/mongodb/docker-entrypoint-initdb.d/init.js
@@ -168,6 +168,7 @@ db.Policies.insertOne(
                 resourceType: "general",
                 effect: "allow",
                 actions: [
+                    "CreateServiceAccessTokens",
                     "CreatePersonalAccessTokens",
                     "ListAccessTokens"
                 ],

From 484b06e18d0fa4775071a7c8d9cb454167ff58ca Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 03:49:20 +0100
Subject: [PATCH 18/44] fix

---
 .../back-end/src/Api/Controllers/AccessTokenController.cs   | 4 ++--
 modules/back-end/src/Api/appsettings.json                   | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/modules/back-end/src/Api/Controllers/AccessTokenController.cs b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
index b7146d98f..35104be3d 100644
--- a/modules/back-end/src/Api/Controllers/AccessTokenController.cs
+++ b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
@@ -74,8 +74,8 @@ public async Task<ApiResponse<AccessTokenVm>> UpdateAsync(Guid id, UpdateAccessT
     {
         request.Id = id;
 
-        var metricVm = await Mediator.Send(request);
+        var accessTokenVm = await Mediator.Send(request);
 
-        return Ok(metricVm);
+        return Ok(accessTokenVm);
     }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Api/appsettings.json b/modules/back-end/src/Api/appsettings.json
index 38ba7e844..acb39b6c7 100644
--- a/modules/back-end/src/Api/appsettings.json
+++ b/modules/back-end/src/Api/appsettings.json
@@ -11,14 +11,14 @@
     "Key": "featbit-identity-key"
   },
   "MongoDb": {
-    "ConnectionString": "mongodb://admin:password@localhost:27017",
+    "ConnectionString": "mongodb://admin:password@mongodb:27017",
     "Database": "featbit"
   },
   "Kafka": {
-    "BootstrapServers": "localhost:9092"
+    "BootstrapServers": "kafka:9092"
   },
   "OLAP": {
-    "ServiceHost": "http://localhost"
+    "ServiceHost": "http://da-server"
   },
   "AllowedHosts": "*"
 }

From ab7906e8a10652f5d4aaf9022432efe1beb11330 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 03:55:58 +0100
Subject: [PATCH 19/44] in progress

---
 modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs  | 1 +
 .../back-end/src/Application/AccessTokens/DeleteAccessToken.cs  | 2 +-
 .../src/Application/AccessTokens/ToggleAccessTokenStatus.cs     | 2 +-
 modules/back-end/src/Application/Policies/MapperProfile.cs      | 1 -
 4 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
index f81633442..427add870 100644
--- a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
+++ b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
@@ -12,6 +12,7 @@ public class AccessTokenVm
     public string Type { get; set; }
     
     public string Status { get; set; }
+    
     public MemberVm Creator { get; set; }
 
     public IEnumerable<Policy> Policies { get; set; }
diff --git a/modules/back-end/src/Application/AccessTokens/DeleteAccessToken.cs b/modules/back-end/src/Application/AccessTokens/DeleteAccessToken.cs
index 3d4a8f07b..808d27cb9 100644
--- a/modules/back-end/src/Application/AccessTokens/DeleteAccessToken.cs
+++ b/modules/back-end/src/Application/AccessTokens/DeleteAccessToken.cs
@@ -1,4 +1,4 @@
-namespace Application.Policies;
+namespace Application.AccessTokens;
 
 public class DeleteAccessToken : IRequest<bool>
 {
diff --git a/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs b/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs
index db85cd5d8..1c135c909 100644
--- a/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs
+++ b/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs
@@ -1,7 +1,7 @@
 using Application.Users;
 using Domain.AuditLogs;
 
-namespace Application.FeatureFlags;
+namespace Application.AccessTokens;
 
 public class ToggleAccessTokenStatus : IRequest<bool>
 {
diff --git a/modules/back-end/src/Application/Policies/MapperProfile.cs b/modules/back-end/src/Application/Policies/MapperProfile.cs
index 6febbe829..45e35bd19 100644
--- a/modules/back-end/src/Application/Policies/MapperProfile.cs
+++ b/modules/back-end/src/Application/Policies/MapperProfile.cs
@@ -8,7 +8,6 @@ public class MapperProfile : Profile
     public MapperProfile()
     {
         CreateMap<Policy, PolicyVm>();
-        CreateMap<IEnumerable<PolicyVm>, IEnumerable<Policy>>();
         CreateMap<PagedResult<Policy>, PagedResult<PolicyVm>>();
     }
 }
\ No newline at end of file

From a97f23c15fc029e084310b2631db98060a48b3e0 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Sun, 12 Mar 2023 11:15:38 +0100
Subject: [PATCH 20/44] in progress

---
 .../Application/AccessTokens/AccessTokenVm.cs |   2 +-
 .../AccessTokens/GetAccessTokenList.cs        |   1 +
 .../src/Domain/AccessTokens/AccessToken.cs    |  21 +-
 .../access-token-drawer.component.html        |  30 ++
 .../access-token-drawer.component.less        |  19 ++
 .../access-token-drawer.component.ts          |  21 +-
 .../change-review.component.less              |   4 +-
 .../expt-rules-drawer.component.less          |   4 +-
 .../flag-triggers.component.html              |   4 +-
 .../flag-triggers.component.less              |  10 +-
 .../flag-triggers/flag-triggers.component.ts  |   7 +
 .../experimentation.component.html            |   4 +-
 .../experimentation.component.less            |   2 +-
 .../details/setting/setting.component.less    |   4 +-
 .../feature-flags/index/index.component.less  |   2 +-
 .../access-tokens/index/index.component.html  |  59 ++--
 .../access-tokens/index/index.component.ts    |   4 +-
 .../access-tokens/types/access-token.ts       |   1 +
 .../safe/segments/index/index.component.less  |   4 +-
 modules/front-end/src/locale/messages.xlf     | 265 ++++++++++-------
 modules/front-end/src/locale/messages.zh.xlf  | 272 ++++++++++--------
 modules/front-end/src/styles-common.less      |   8 +
 modules/front-end/src/variables.less          |   1 +
 23 files changed, 480 insertions(+), 269 deletions(-)

diff --git a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
index 427add870..e4660e40f 100644
--- a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
+++ b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
@@ -12,7 +12,7 @@ public class AccessTokenVm
     public string Type { get; set; }
     
     public string Status { get; set; }
-    
+    public string Token { get; set; }
     public MemberVm Creator { get; set; }
 
     public IEnumerable<Policy> Policies { get; set; }
diff --git a/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs b/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs
index 2d43e64ef..6c815fe88 100644
--- a/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs
+++ b/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs
@@ -33,6 +33,7 @@ public async Task<PagedResult<AccessTokenVm>> Handle(GetAccessTokenList request,
         {
             var accessTokenVm = accessTokenVms.Items.First(x => x.Id == accessTokenItem.Id);
             accessTokenVm.Creator = _mapper.Map<MemberVm>(creators.First(x => x.Id == accessTokenItem.CreatorId));
+            accessTokenVm.Token = accessTokenVm.Token[..15] + "**************";
         }
 
         return accessTokenVms;
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
index d1c03f8f4..4b9a5b9f8 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
@@ -1,3 +1,4 @@
+using System.Text;
 using Domain.Policies;
 
 namespace Domain.AccessTokens;
@@ -10,13 +11,29 @@ public class AccessToken : AuditedEntity
 
     public string Type { get; set; }
     public string Status { get; set; }
-
+    public string Token { get; set; }
     public Guid CreatorId { get; set; }
 
     public ICollection<Policy> Policies { get; set; }
     
     public DateTime? LastUsedAt { get; set; }
 
+    private string NewToken()
+    {
+        // timestamp in millis, length is 13
+        var reversedTimestamp =
+            new string(DateTimeOffset.UtcNow.ToUnixTimeMilliseconds().ToString().Reverse().ToArray());
+
+        // header length is (13 + 2) * 4/3 = 20, we trim '=' character, so got 18 chars
+        var header = Convert.ToBase64String(Encoding.UTF8.GetBytes(reversedTimestamp)).TrimEnd('=');
+
+        // 22 chars
+        var guid = GuidHelper.Encode(Guid.NewGuid());
+
+        // 4 + 18 + 22 = 44 chars
+        return $"api-{header}{guid}";
+    }
+    
     public AccessToken(Guid organizationId, Guid creatorId, string name, string type, IEnumerable<Policy> policies)
     {
         OrganizationId = organizationId;
@@ -26,6 +43,8 @@ public AccessToken(Guid organizationId, Guid creatorId, string name, string type
         Status = AccessTokenStatus.Active;
         Type = type;
         Policies = policies.ToArray();
+
+        Token = NewToken();
     }
     
     public void RefreshLastUsedAt()
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
index 55b6a9e46..2a2403bdc 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -94,3 +94,33 @@
   </ng-template>
 </nz-drawer>
 
+<nz-modal
+  [(nzVisible)]="isCreationConfirmModalVisible"
+  i18n-nzTitle="@@integrations.access-tokens.access-token-created"
+  nzTitle="Access token created"
+  [nzFooter]="confirmFooter"
+  (nzOnOk)="isCreationConfirmModalVisible = false">
+  <ng-container *nzModalContent>
+    <div class="">
+      <nz-alert
+        nzType="warning"
+        i18n-nzDescription="@@integrations.access-token.copy-token-warning"
+        nzDescription="Copy and save this token now, the token value will be masked once you leave the page."
+        nzShowIcon
+        nzIconType="icons:icon-warning"
+      ></nz-alert>
+
+      <div class="token-wrapper">
+        <div class="token-name">{{tokenName}}:</div>
+        <div>
+          <span>{{tokenValue}}</span>
+          <i (click)="copyText($event, tokenValue)" class="copy-icon" nz-icon nzType="icons:icon-copy"></i>
+        </div>
+      </div>
+    </div>
+  </ng-container>
+  <ng-template #confirmFooter>
+    <button id="confirm-modal-ok" nz-button nzType="primary" (click)="isCreationConfirmModalVisible = false" i18n="@@common.ok">OK</button>
+  </ng-template>
+</nz-modal>
+
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
index 75b92cc95..ea11d5fcc 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
@@ -4,6 +4,25 @@
   color: @red60-color;
 }
 
+#confirm-modal-ok {
+  color: @white;
+
+  &:hover, &:focus {
+    color: @white;
+    border-color: #61d4aa;
+    background: #61d4aa;
+  }
+}
+
+.token-wrapper {
+  margin: 32px 0;
+  display: flex;
+  justify-content: center;
+  align-items: center;
+  gap: 8px;
+  font-size: 15px;
+}
+
 .selected-policies {
   border: 1px solid @grey20-color;
   background-color: #ffffff;
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index e44577fc2..4eeecc425 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -14,6 +14,9 @@ import { AccessTokenService } from "@services/access-token.service";
 import { PermissionsService } from "@services/permissions.service";
 import { generalResourceRNPattern, permissionActions } from "@shared/permissions";
 import { PolicyFilter } from "@features/safe/iam/types/policy";
+import { IFeatureFlag } from "@features/safe/feature-flags/types/details";
+import { NzModalService } from "ng-zorro-antd/modal";
+import { copyToClipboard } from "@utils/index";
 
 @Component({
   selector: 'access-token-drawer',
@@ -58,6 +61,7 @@ export class AccessTokenDrawerComponent implements OnInit {
     private policyService: PolicyService,
     private permissionsService: PermissionsService,
     private accessTokenService: AccessTokenService,
+    private modal: NzModalService,
     private message: NzMessageService
   ) {
     this.policyDebouncer.pipe(
@@ -205,6 +209,9 @@ export class AccessTokenDrawerComponent implements OnInit {
     }
   }
 
+  tokenName = '';
+  tokenValue = '';
+  isCreationConfirmModalVisible = false;
   doSubmit() {
     // we validate name and type only here
     if (this.form.invalid) {
@@ -227,13 +234,12 @@ export class AccessTokenDrawerComponent implements OnInit {
       this.message.warning($localize `:@@permissions.need-permissions-to-operate:You don't have permissions to take this action, please contact the admin to grant you the necessary permissions`);
       return;
     }
-
     this.isLoading = true;
     if (this.isEditing) {
       this.accessTokenService.update(this.accessToken.id, name).subscribe({
           next: res => {
             this.isLoading = false;
-            this.close.emit({ isEditing: true, id: this.accessToken.id, name: name});
+            this.close.emit({ isEditing: true, id: this.accessToken.id, name: name });
             this.message.success($localize`:@@common.operation-success:Operation succeeded`);
           },
           error: _ => {
@@ -246,11 +252,14 @@ export class AccessTokenDrawerComponent implements OnInit {
       const policies = this.isServiceAccessToken ? this.selectedPolicyList.map(p => p.id) : [];
 
       this.accessTokenService.create(name, type, policies).subscribe({
-          next: () => {
+          next: ({id, name, token}) => {
             this.isLoading = false;
             this.close.emit({ isEditing: false });
             this.message.success($localize`:@@common.operation-success:Operation succeeded`);
             this.reset();
+            this.tokenName = name;
+            this.tokenValue = token;
+            this.isCreationConfirmModalVisible = true;
           },
           error: (e) => {
             this.isLoading = false;
@@ -263,6 +272,12 @@ export class AccessTokenDrawerComponent implements OnInit {
     }
   }
 
+  copyText(event, text: string) {
+    copyToClipboard(text).then(
+      () => this.message.success($localize `:@@common.copy-success:Copied`)
+    );
+  }
+
   actionTokenTypes = [
     AccessTokenTypeEnum.Personal,
     AccessTokenTypeEnum.Service
diff --git a/modules/front-end/src/app/core/components/change-review/change-review.component.less b/modules/front-end/src/app/core/components/change-review/change-review.component.less
index 96efddd29..1e41b1728 100644
--- a/modules/front-end/src/app/core/components/change-review/change-review.component.less
+++ b/modules/front-end/src/app/core/components/change-review/change-review.component.less
@@ -28,14 +28,14 @@
     padding: 10px;
     border: 1px solid #d2d2d2;
     margin: 12px 0;
-    border-left: 3px solid #ff912b;
+    border-left: 3px solid @yellow5-color;
     border-radius: 10px;
 
     .warning {
       display: flex;
 
       .warning-icon {
-        color: #ff912b;
+        color: @yellow5-color;
       }
 
       .warning-content {
diff --git a/modules/front-end/src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.less b/modules/front-end/src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.less
index 9962bfc4e..a895ccfa8 100644
--- a/modules/front-end/src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.less
+++ b/modules/front-end/src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.less
@@ -9,14 +9,14 @@
       padding: 10px;
       border: 1px solid #d2d2d2;
       margin-bottom: 15px;
-      border-left: 3px solid #ff912b;
+      border-left: 3px solid @yellow5-color;
       border-radius: 10px;
 
         .warning {
           display: flex;
 
           .warning-icon {
-            color: #ff912b;
+            color: @yellow5-color;
           }
           .warning-content {
             padding-left: 5px;
diff --git a/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.html b/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.html
index ff356544f..9a9278b3f 100644
--- a/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.html
+++ b/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.html
@@ -38,8 +38,8 @@
                 </div>
                 <div class="trigger-description">{{trigger.description}}</div>
                 <div class="trigger-url">
-                  <span *ngIf="!trigger.canCopyToken">{{getTriggerUrl(trigger.token)}}</span>
-                  <span *ngIf="trigger.canCopyToken" nz-typography nzCopyable nzCopyText="{{ getTriggerUrl(trigger.token) }}">{{getTriggerUrl(trigger.token)}}</span>
+                  <span>{{getTriggerUrl(trigger.token)}}</span>
+                  <i *ngIf="trigger.canCopyToken" (click)="copyText($event, getTriggerUrl(trigger.token))" class="copy-icon" nz-icon nzType="icons:icon-copy"></i>
                 </div>
                 <div class="warning" *ngIf="trigger.canCopyToken">
                   <span class="warning-icon"><i nz-icon nzType="warning" nzTheme="fill"></i></span>
diff --git a/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.less b/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.less
index f07696382..b02d4d7b5 100644
--- a/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.less
+++ b/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.less
@@ -179,6 +179,14 @@
 
             .trigger-url{
               color: rgba(0, 0, 0, 0.85);
+
+              .copy-icon {
+                font-size: 13px;
+
+                &:hover {
+                  color: @green60-color;
+                }
+              }
             }
 
             .warning {
@@ -188,7 +196,7 @@
               margin-top: 5px;
 
               .warning-icon {
-                color: #ff912b;
+                color: @yellow5-color;
               }
             }
           }
diff --git a/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts b/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts
index 2a317179a..7d883c90e 100644
--- a/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts
+++ b/modules/front-end/src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts
@@ -4,6 +4,7 @@ import { FlagTriggerService } from '@services/flag-trigger.service';
 import { FlagTriggerActionEnum, FlagTriggerTypeEnum, IFlagTrigger } from '../../types/flag-triggers';
 import {IFeatureFlag} from "@features/safe/feature-flags/types/details";
 import {FeatureFlagService} from "@services/feature-flag.service";
+import { copyToClipboard } from "@utils/index";
 
 @Component({
   selector: 'flag-triggers',
@@ -104,6 +105,12 @@ export class FlagTriggersComponent implements OnInit {
     return this.flagTriggerService.getTriggerUrl(token);
   }
 
+  copyText(event, text: string) {
+    copyToClipboard(text).then(
+      () => this.message.success($localize `:@@common.copy-success:Copied`)
+    );
+  }
+
   flagTriggerTypeLabel = {
     [FlagTriggerTypeEnum.FeatureFlagGeneral]: 'General'
   }
diff --git a/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html b/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html
index a60f984e2..225e0a0ea 100644
--- a/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html
+++ b/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html
@@ -58,7 +58,7 @@ <h2>
                         <ng-container i18n="@@ff.expt.refresh">Refresh</ng-container>
                       </button>
                     </div>
-                    <i class="options" nz-icon style="cursor: pointer;font-size: 25px; font-weight: bold; margin-left: 20px" nzType="ellipsis" [nzRotate]="90" nzTheme="outline" nz-dropdown [nzDropdownMenu]="options" [nzClickHide]="false"></i>
+                    <i class="options" nzPlacement="bottomCenter" nz-icon style="cursor: pointer;font-size: 25px; font-weight: bold; margin-left: 20px" nzType="ellipsis" [nzRotate]="90" nzTheme="outline" nz-dropdown [nzDropdownMenu]="options" [nzClickHide]="false"></i>
 
                     <nz-dropdown-menu #options="nzDropdownMenu">
                       <ul nz-menu nzSelectable style="min-width: 150px;">
@@ -68,7 +68,6 @@ <h2>
                             nzPopconfirmTitle="This would remove all data of this experiment, it cannot be reverted, are you sure to remove it?"
                             nzPopconfirmPlacement="bottomRight"
                             [nzPopconfirmOverlayStyle]="{minWidth: '240px'}"
-                            style="width: 100%;display: flex;justify-content: center;"
                             (nzOnConfirm)="onDeleteExptDataClick(experiment)">
                           <ng-container i18n="@@ff.expt.remove-data">Remove data</ng-container>
                         </li>
@@ -78,7 +77,6 @@ <h2>
                             nzPopconfirmTitle="This would remove the experiment and all data, it cannot be reverted, are you sure to remove it?"
                             nzPopconfirmPlacement="bottomRight"
                             [nzPopconfirmOverlayStyle]="{minWidth: '240px'}"
-                            style="width: 100%;display: flex;justify-content: center;"
                             (nzOnConfirm)="onDeleteExptClick(experiment)">
                           <ng-container i18n="@@ff.expt.remove-experiment">Remove experiment</ng-container>
                         </li>
diff --git a/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.less b/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.less
index 5bf414121..83d81a4fe 100644
--- a/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.less
+++ b/modules/front-end/src/app/features/safe/feature-flags/details/experimentation/experimentation.component.less
@@ -111,7 +111,7 @@
                     display: flex;
 
                     .warning-icon {
-                      color: #ff912b;
+                      color: @yellow5-color;
                     }
                     .warning-content {
                       padding-left: 5px;
diff --git a/modules/front-end/src/app/features/safe/feature-flags/details/setting/setting.component.less b/modules/front-end/src/app/features/safe/feature-flags/details/setting/setting.component.less
index 49042c946..e7996626d 100644
--- a/modules/front-end/src/app/features/safe/feature-flags/details/setting/setting.component.less
+++ b/modules/front-end/src/app/features/safe/feature-flags/details/setting/setting.component.less
@@ -362,14 +362,14 @@
     font-weight: 500;
     padding: 10px;
     border: 1px solid #d2d2d2;
-    border-left: 3px solid #ff912b;
+    border-left: 3px solid @yellow5-color;
     border-radius: 10px;
 
     .warning {
       display: flex;
 
       .warning-icon {
-        color: #ff912b;
+        color: @yellow5-color;
       }
       .warning-content {
         padding-left: 5px;
diff --git a/modules/front-end/src/app/features/safe/feature-flags/index/index.component.less b/modules/front-end/src/app/features/safe/feature-flags/index/index.component.less
index 8d595eae6..92ee3c71d 100644
--- a/modules/front-end/src/app/features/safe/feature-flags/index/index.component.less
+++ b/modules/front-end/src/app/features/safe/feature-flags/index/index.component.less
@@ -35,7 +35,7 @@ section.body-container {
   }
 
   .copy-icon {
-    margin-right: 4px;
+    margin-left: 0px;
 
     &:hover {
       cursor: pointer;
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index f728ef06f..ba877cbee 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -56,9 +56,10 @@
       <tr>
         <th nzWidth="20%" i18n="@@common.name">Name</th>
         <th nzWidth="10%" i18n="@@common.type">Type</th>
-        <th nzWidth="15%" i18n="@@common.creator">Creator</th>
+        <th nzWidth="15%" i18n="@@common.created-by">Created by</th>
         <th nzWidth="10%" i18n="@@common.status">Status</th>
         <th nzWidth="20%" i18n="@@common.last-used">Last used</th>
+        <th nzWidth="20%" i18n="@@common.access-token">Access token</th>
         <th i18n="@@common.actions">Actions</th>
       </tr>
       </thead>
@@ -82,33 +83,47 @@
           {{ item.status | accessTokenStatus }}
         </td>
         <td>{{ item.lastUsedAt | date: 'YYYY-MM-dd HH:mm'}}</td>
-        <td>
+        <td>{{ item.token }}</td>
+        <td style="text-align: center">
           <ng-container *ngIf="(item.type === AccessTokenTypePersonal && canTakeActionOnPersonalAccessToken) || (item.type === AccessTokenTypeService && canTakeActionOnServiceAccessToken)">
-            <a (click)="creatOrEdit(item)" class="primary-link-btn" i18n="@@common.edit">Edit</a>
-
-            <ng-container *ngIf="item.status === AccessTokenStatusInactive">
-              <nz-divider nzType="vertical"></nz-divider>
-              <a (click)="toggleStatus(item)" class="primary-link-btn" i18n="@@common.activate">Activate</a>
-            </ng-container>
-
-            <ng-container *ngIf="item.status === AccessTokenStatusActive">
-              <nz-divider nzType="vertical"></nz-divider>
-              <a (click)="toggleStatus(item)" style="color: #717D8A" i18n="@@common.Deactivate">Deactivate</a>
-            </ng-container>
-
-            <nz-divider nzType="vertical"></nz-divider>
-            <a style="color: #717D8A" i18n-nz-popconfirm="@@common.remove-confirm"  nz-popconfirm="This operation cannot be reverted, are you sure to remove it?"
-               nzPopconfirmPlacement="bottomRight"
-               [nzPopconfirmOverlayStyle]="{minWidth: '240px'}"
-               (nzOnConfirm)="delete(item)" [nzIcon]="iconTplIamUser">
-              <ng-container i18n="@@common.remove">Remove</ng-container>
-            </a>
+            <i class="options" nzPlacement="bottomCenter" nz-icon style="cursor: pointer;font-size: 25px; font-weight: bold;" nzType="ellipsis" nzTheme="outline" nz-dropdown [nzDropdownMenu]="options" [nzClickHide]="false"></i>
           </ng-container>
+          <nz-dropdown-menu #options="nzDropdownMenu">
+            <ul nz-menu nzSelectable style="min-width: 120px;">
+              <li nz-menu-item (click)="creatOrEdit(item)">
+                <ng-container i18n="@@common.edit">Edit</ng-container>
+              </li>
+              <li nz-menu-item (click)="toggleStatus(item)" *ngIf="item.status === AccessTokenStatusInactive">
+                <ng-container i18n="@@common.activate">Activate</ng-container>
+              </li>
+              <li nz-menu-item
+                  nz-popconfirm
+                  i18n-nzPopconfirmTitle="@@integrations.access-tokens.deactivate-access-token-confirm"
+                  nzPopconfirmTitle="Deactivate this access token? You can't use an inactive access token to make API calls but you can activate it again later."
+                  nzPopconfirmPlacement="bottomRight"
+                  [nzPopconfirmOverlayStyle]="{minWidth: '240px'}"
+                  (nzOnConfirm)="toggleStatus(item)"
+                  [nzIcon]="iconTplAccessToken">
+                <ng-container i18n="@@common.Deactivate">Deactivate</ng-container>
+              </li>
+              <li nz-menu-item
+                  *ngIf="item.status === AccessTokenStatusActive"
+                  nz-popconfirm
+                  i18n-nzPopconfirmTitle="@@integrations.access-tokens.deactivate-access-token-confirm"
+                  nzPopconfirmTitle="Deactivate this access token? You can't use an inactive access token to make API calls but you can activate it again later."
+                  nzPopconfirmPlacement="bottomRight"
+                  [nzPopconfirmOverlayStyle]="{minWidth: '240px'}"
+                  (nzOnConfirm)="delete(item)"
+                  [nzIcon]="iconTplAccessToken">
+                <ng-container i18n="@@common.remove">Remove</ng-container>
+              </li>
+            </ul>
+          </nz-dropdown-menu>
         </td>
       </tr>
       </tbody>
     </nz-table>
-    <ng-template #iconTplIamUser>
+    <ng-template #iconTplAccessToken>
       <i nz-icon nzType="question-circle" nzTheme="fill" style="color: #FAAD14;"></i>
     </ng-template>
   </div>
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
index c2fde6ca6..2ee9a321e 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
@@ -1,11 +1,8 @@
 import { Component, OnInit } from '@angular/core';
-import { copyToClipboard, encodeURIComponentFfc } from '@utils/index';
 import { BehaviorSubject, Subject } from 'rxjs';
 import { debounceTime } from 'rxjs/operators';
 import { Router } from "@angular/router";
 import { NzMessageService } from "ng-zorro-antd/message";
-import { IPagedPolicy, IPolicy, PolicyFilter, policyRn } from "@features/safe/iam/types/policy";
-import { PolicyService } from "@services/policy.service";
 import {
   AccessTokenFilter, AccessTokenStatusEnum, AccessTokenTypeEnum,
   IAccessToken,
@@ -94,6 +91,7 @@ export class IndexComponent implements OnInit {
     this.accessTokenService.getList(this.filter).subscribe({
       next: (accessTokens) => {
         this.accessTokens = accessTokens;
+
         this.isLoading = false;
       },
       error:() => this.isLoading = false
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
index bf1e89c7a..bcfba7446 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
@@ -6,6 +6,7 @@ export interface IAccessToken {
   type: string;
   creator?: IMember;
   status?: string;
+  token?: string;
   name: string;
   policies?: IPolicy[],
   lastUsedAt?: string
diff --git a/modules/front-end/src/app/features/safe/segments/index/index.component.less b/modules/front-end/src/app/features/safe/segments/index/index.component.less
index 9009d83cc..263f71898 100644
--- a/modules/front-end/src/app/features/safe/segments/index/index.component.less
+++ b/modules/front-end/src/app/features/safe/segments/index/index.component.less
@@ -12,14 +12,14 @@ section.body-container {
   padding: 10px;
   border: 1px solid #d2d2d2;
   margin: 15px 0;
-  border-left: 3px solid #ff912b;
+  border-left: 3px solid @yellow5-color;
   border-radius: 10px;
 
   .warning {
     display: flex;
 
     .warning-icon {
-      color: #ff912b;
+      color: @yellow5-color;
     }
 
     .warning-content {
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index 034b5b882..a37a40ac2 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -322,7 +322,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">138</context>
+          <context context-type="linenumber">136</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
@@ -353,7 +353,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">258</context>
+          <context context-type="linenumber">267</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.save" datatype="html">
@@ -435,11 +435,32 @@
           <context context-type="linenumber">104</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="integrations.access-tokens.access-token-created" datatype="html">
+        <source>Access token created</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">100</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.copy-token-warning" datatype="html">
+        <source>Copy and save this token now, the token value will be masked once you leave the page.</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">108</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.ok" datatype="html">
+        <source>OK</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">123</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">227</context>
+          <context context-type="linenumber">234</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -450,11 +471,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">237</context>
+          <context context-type="linenumber">243</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">252</context>
+          <context context-type="linenumber">258</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -498,19 +519,19 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">59</context>
+          <context context-type="linenumber">60</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">77</context>
+          <context context-type="linenumber">78</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">86</context>
+          <context context-type="linenumber">87</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">97</context>
+          <context context-type="linenumber">98</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
@@ -634,11 +655,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">145</context>
+          <context context-type="linenumber">143</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">156</context>
+          <context context-type="linenumber">154</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
@@ -665,7 +686,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">240</context>
+          <context context-type="linenumber">246</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -728,6 +749,69 @@
           <context context-type="linenumber">79</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="common.copy-success" datatype="html">
+        <source>Copied</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">277</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
+          <context context-type="linenumber">151</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.ts</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">110</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">42</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">204</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">373</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
+          <context context-type="linenumber">140</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
+          <context context-type="linenumber">78</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
+          <context context-type="linenumber">88</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">58</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
+          <context context-type="linenumber">92</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">181</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="auditlogs.operation-create" datatype="html">
         <source>created</source>
         <context-group purpose="location">
@@ -958,7 +1042,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">160</context>
+          <context context-type="linenumber">158</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.number-of-changes-to-submit" datatype="html">
@@ -1150,23 +1234,23 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">36</context>
+          <context context-type="linenumber">37</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">64</context>
+          <context context-type="linenumber">65</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">79</context>
+          <context context-type="linenumber">80</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">88</context>
+          <context context-type="linenumber">89</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">99</context>
+          <context context-type="linenumber">100</context>
         </context-group>
       </trans-unit>
       <trans-unit id="expt-drawer.configure-data-sent-to-expt" datatype="html">
@@ -1417,11 +1501,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">149</context>
+          <context context-type="linenumber">147</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">159</context>
+          <context context-type="linenumber">157</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
@@ -1950,61 +2034,6 @@
           <context context-type="linenumber">53</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.copy-success" datatype="html">
-        <source>Copied</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
-          <context context-type="linenumber">151</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.ts</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">42</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">204</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">373</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">140</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
-          <context context-type="linenumber">78</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">58</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
-          <context context-type="linenumber">92</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">181</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="iam.team.member-drawer.title" datatype="html">
         <source>Add team member</source>
         <context-group purpose="location">
@@ -2182,7 +2211,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">153</context>
+          <context context-type="linenumber">151</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
@@ -2550,7 +2579,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">62</context>
+          <context context-type="linenumber">63</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
@@ -2629,10 +2658,6 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
           <context context-type="linenumber">68</context>
         </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">100</context>
-        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">72</context>
@@ -2718,7 +2743,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">104</context>
+          <context context-type="linenumber">118</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
@@ -2943,7 +2968,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">150</context>
+          <context context-type="linenumber">148</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
@@ -3540,7 +3565,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">87</context>
+          <context context-type="linenumber">94</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.loading-failed-try-again" datatype="html">
@@ -3918,91 +3943,91 @@
         <source>Remove data</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">73</context>
+          <context context-type="linenumber">72</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.remove-expt-and-data-confirm" datatype="html">
         <source>This would remove the experiment and all data, it cannot be reverted, are you sure to remove it?</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">78</context>
+          <context context-type="linenumber">77</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.remove-experiment" datatype="html">
         <source>Remove experiment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">83</context>
+          <context context-type="linenumber">81</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.restart-experiment" datatype="html">
         <source>Restart</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">96</context>
+          <context context-type="linenumber">94</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.pause-experiment" datatype="html">
         <source>Pause</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">100</context>
+          <context context-type="linenumber">98</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.period" datatype="html">
         <source>Period</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">105</context>
+          <context context-type="linenumber">103</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.need-more-data-to-confirm-expt" datatype="html">
         <source>Need more data to confirm the results of the experiment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">119</context>
+          <context context-type="linenumber">117</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.result-not-significant" datatype="html">
         <source>The difference is not significant compared to the baseline</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">123</context>
+          <context context-type="linenumber">121</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.winner" datatype="html">
         <source>Winner</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">127</context>
+          <context context-type="linenumber">125</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.start" datatype="html">
         <source>Start</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">135</context>
+          <context context-type="linenumber">133</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.conversion-num-user" datatype="html">
         <source>Conversion / Users</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">152</context>
+          <context context-type="linenumber">150</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.totoal-events" datatype="html">
         <source>Total events</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">156</context>
+          <context context-type="linenumber">154</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.average" datatype="html">
         <source>Average</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">157</context>
+          <context context-type="linenumber">155</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
@@ -4017,67 +4042,67 @@
         <source>Confidence interval</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">159</context>
+          <context context-type="linenumber">157</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.p-value" datatype="html">
         <source>P-Value</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">162</context>
+          <context context-type="linenumber">160</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.p-significant-if-less-than-alpha" datatype="html">
         <source>The result is significant if P value is less than α(0.05)</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">166</context>
+          <context context-type="linenumber">164</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.no-expt-data" datatype="html">
         <source>Data is not available yet</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">179</context>
+          <context context-type="linenumber">177</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.baseline" datatype="html">
         <source>Baseline</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">187</context>
+          <context context-type="linenumber">185</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">217</context>
+          <context context-type="linenumber">215</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.winner" datatype="html">
         <source>Winner</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">195</context>
+          <context context-type="linenumber">193</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.not-significant-compared-to-baseline" datatype="html">
         <source>It&apos;s not significant compared to baseline</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">198</context>
+          <context context-type="linenumber">196</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.hide-chart" datatype="html">
         <source>Hide chart</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">273</context>
+          <context context-type="linenumber">271</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.show-chart" datatype="html">
         <source>Show chart</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">274</context>
+          <context context-type="linenumber">272</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.time" datatype="html">
@@ -5626,8 +5651,8 @@
           <context context-type="linenumber">31</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.creator" datatype="html">
-        <source>Creator</source>
+      <trans-unit id="common.created-by" datatype="html">
+        <source>Created by</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
           <context context-type="linenumber">59</context>
@@ -5640,18 +5665,36 @@
           <context context-type="linenumber">61</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="common.access-token" datatype="html">
+        <source>Access token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">62</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="common.activate" datatype="html">
         <source>Activate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">91</context>
+          <context context-type="linenumber">97</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-tokens.deactivate-access-token-confirm" datatype="html">
+        <source>Deactivate this access token? You can&apos;t use an inactive access token to make API calls but you can activate it again later.</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">102</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">113</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.Deactivate" datatype="html">
         <source>Deactivate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">96</context>
+          <context context-type="linenumber">107</context>
         </context-group>
       </trans-unit>
       <trans-unit id="integrations.routing.access-tokens" datatype="html">
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index 1e04534d9..b1d6263a3 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -329,7 +329,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">138</context>
+          <context context-type="linenumber">136</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
@@ -361,7 +361,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">258</context>
+          <context context-type="linenumber">267</context>
         </context-group>
         <target>策略不能为空</target>
       </trans-unit>
@@ -445,11 +445,35 @@
         </context-group>
         <target>保存</target>
       </trans-unit>
+      <trans-unit id="integrations.access-tokens.access-token-created" datatype="html">
+        <source>Access token created</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">100</context>
+        </context-group>
+        <target>成功创建访问秘钥</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.copy-token-warning" datatype="html">
+        <source>Copy and save this token now, the token value will be masked once you leave the page.</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">108</context>
+        </context-group>
+        <target>请复制并保存 Token，一旦离开该页面后，该 Token 将会被隐藏。</target>
+      </trans-unit>
+      <trans-unit id="common.ok" datatype="html">
+        <source>OK</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">123</context>
+        </context-group>
+        <target>OK</target>
+      </trans-unit>
       <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">227</context>
+          <context context-type="linenumber">234</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -461,11 +485,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">237</context>
+          <context context-type="linenumber">243</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">252</context>
+          <context context-type="linenumber">258</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -509,19 +533,19 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">59</context>
+          <context context-type="linenumber">60</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">77</context>
+          <context context-type="linenumber">78</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">86</context>
+          <context context-type="linenumber">87</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">97</context>
+          <context context-type="linenumber">98</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
@@ -645,11 +669,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">145</context>
+          <context context-type="linenumber">143</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">156</context>
+          <context context-type="linenumber">154</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
@@ -677,7 +701,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">240</context>
+          <context context-type="linenumber">246</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -741,6 +765,70 @@
         </context-group>
         <target>操作失败，请重试</target>
       </trans-unit>
+      <trans-unit id="common.copy-success" datatype="html">
+        <source>Copied</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">277</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
+          <context context-type="linenumber">151</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.ts</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">110</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">42</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">204</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">373</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
+          <context context-type="linenumber">140</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
+          <context context-type="linenumber">78</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
+          <context context-type="linenumber">88</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">58</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
+          <context context-type="linenumber">92</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">181</context>
+        </context-group>
+        <target>复制成功</target>
+      </trans-unit>
       <trans-unit id="auditlogs.operation-create" datatype="html">
         <source>created</source>
         <context-group purpose="location">
@@ -1001,7 +1089,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">160</context>
+          <context context-type="linenumber">158</context>
         </context-group>
         <target>变化</target>
       </trans-unit>
@@ -1209,23 +1297,23 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">36</context>
+          <context context-type="linenumber">37</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">64</context>
+          <context context-type="linenumber">65</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">79</context>
+          <context context-type="linenumber">80</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">88</context>
+          <context context-type="linenumber">89</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">99</context>
+          <context context-type="linenumber">100</context>
         </context-group>
         <target>发生错误，请重试</target>
       </trans-unit>
@@ -1489,11 +1577,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">149</context>
+          <context context-type="linenumber">147</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">159</context>
+          <context context-type="linenumber">157</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
@@ -2081,62 +2169,6 @@
         </context-group>
         <target>您没有查看项目环境列表的权限， 请联系账户管理员添加相关权限</target>
       </trans-unit>
-      <trans-unit id="common.copy-success" datatype="html">
-        <source>Copied</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
-          <context context-type="linenumber">151</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.ts</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">42</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">204</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">373</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">140</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
-          <context context-type="linenumber">78</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">58</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
-          <context context-type="linenumber">92</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">181</context>
-        </context-group>
-        <target>复制成功</target>
-      </trans-unit>
       <trans-unit id="iam.team.member-drawer.title" datatype="html">
         <source>Add team member</source>
         <context-group purpose="location">
@@ -2333,7 +2365,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">153</context>
+          <context context-type="linenumber">151</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
@@ -2729,7 +2761,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">62</context>
+          <context context-type="linenumber">63</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
@@ -2811,10 +2843,6 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
           <context context-type="linenumber">68</context>
         </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">100</context>
-        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">72</context>
@@ -2901,7 +2929,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">104</context>
+          <context context-type="linenumber">118</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
@@ -3152,7 +3180,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">150</context>
+          <context context-type="linenumber">148</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
@@ -3812,7 +3840,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">87</context>
+          <context context-type="linenumber">94</context>
         </context-group>
         <target>编辑</target>
       </trans-unit>
@@ -4233,7 +4261,7 @@
         <source>Remove data</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">73</context>
+          <context context-type="linenumber">72</context>
         </context-group>
         <target>删除数据</target>
       </trans-unit>
@@ -4241,7 +4269,7 @@
         <source>This would remove the experiment and all data, it cannot be reverted, are you sure to remove it?</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">78</context>
+          <context context-type="linenumber">77</context>
         </context-group>
         <target>确定删除吗? 将会删除该实验及其相关数据，删除后不可恢复。</target>
       </trans-unit>
@@ -4249,7 +4277,7 @@
         <source>Remove experiment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">83</context>
+          <context context-type="linenumber">81</context>
         </context-group>
         <target>删除实验</target>
       </trans-unit>
@@ -4257,7 +4285,7 @@
         <source>Restart</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">96</context>
+          <context context-type="linenumber">94</context>
         </context-group>
         <target>重新开始</target>
       </trans-unit>
@@ -4265,7 +4293,7 @@
         <source>Pause</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">100</context>
+          <context context-type="linenumber">98</context>
         </context-group>
         <target>暂停</target>
       </trans-unit>
@@ -4273,7 +4301,7 @@
         <source>Period</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">105</context>
+          <context context-type="linenumber">103</context>
         </context-group>
         <target>时间区间</target>
       </trans-unit>
@@ -4281,7 +4309,7 @@
         <source>Need more data to confirm the results of the experiment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">119</context>
+          <context context-type="linenumber">117</context>
         </context-group>
         <target>需要更多的实验数据才能在统计学上确认表格中的结论</target>
       </trans-unit>
@@ -4289,7 +4317,7 @@
         <source>The difference is not significant compared to the baseline</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">123</context>
+          <context context-type="linenumber">121</context>
         </context-group>
         <target>该特性相对于基准特性，统计学上差异效果不显著</target>
       </trans-unit>
@@ -4297,7 +4325,7 @@
         <source>Winner</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">127</context>
+          <context context-type="linenumber">125</context>
         </context-group>
         <target>胜出</target>
       </trans-unit>
@@ -4305,7 +4333,7 @@
         <source>Start</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">135</context>
+          <context context-type="linenumber">133</context>
         </context-group>
         <target>开始实验</target>
       </trans-unit>
@@ -4313,7 +4341,7 @@
         <source>Conversion / Users</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">152</context>
+          <context context-type="linenumber">150</context>
         </context-group>
         <target>转化数 / 用户数</target>
       </trans-unit>
@@ -4321,7 +4349,7 @@
         <source>Total events</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">156</context>
+          <context context-type="linenumber">154</context>
         </context-group>
         <target>总事件数</target>
       </trans-unit>
@@ -4329,7 +4357,7 @@
         <source>Average</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">157</context>
+          <context context-type="linenumber">155</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
@@ -4345,7 +4373,7 @@
         <source>Confidence interval</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">159</context>
+          <context context-type="linenumber">157</context>
         </context-group>
         <target>置信区间</target>
       </trans-unit>
@@ -4353,7 +4381,7 @@
         <source>P-Value</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">162</context>
+          <context context-type="linenumber">160</context>
         </context-group>
         <target>P-值</target>
       </trans-unit>
@@ -4361,7 +4389,7 @@
         <source>The result is significant if P value is less than α(0.05)</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">166</context>
+          <context context-type="linenumber">164</context>
         </context-group>
         <target>P值小于α(0.05)表示实验结果显著</target>
       </trans-unit>
@@ -4369,7 +4397,7 @@
         <source>Data is not available yet</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">179</context>
+          <context context-type="linenumber">177</context>
         </context-group>
         <target>暂时没有实验数据</target>
       </trans-unit>
@@ -4377,11 +4405,11 @@
         <source>Baseline</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">187</context>
+          <context context-type="linenumber">185</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">217</context>
+          <context context-type="linenumber">215</context>
         </context-group>
         <target>基准特性</target>
       </trans-unit>
@@ -4389,7 +4417,7 @@
         <source>Winner</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">195</context>
+          <context context-type="linenumber">193</context>
         </context-group>
         <target>胜出</target>
       </trans-unit>
@@ -4397,7 +4425,7 @@
         <source>It&apos;s not significant compared to baseline</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">198</context>
+          <context context-type="linenumber">196</context>
         </context-group>
         <target>该特性相对于基准特性，统计学上差异效果不显著</target>
       </trans-unit>
@@ -4405,7 +4433,7 @@
         <source>Hide chart</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">273</context>
+          <context context-type="linenumber">271</context>
         </context-group>
         <target>收起图表</target>
       </trans-unit>
@@ -4413,7 +4441,7 @@
         <source>Show chart</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">274</context>
+          <context context-type="linenumber">272</context>
         </context-group>
         <target>查看图表</target>
       </trans-unit>
@@ -6152,8 +6180,8 @@
         </context-group>
         <target>按类型查找</target>
       </trans-unit>
-      <trans-unit id="common.creator" datatype="html">
-        <source>Creator</source>
+      <trans-unit id="common.created-by" datatype="html">
+        <source>Created by</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
           <context context-type="linenumber">59</context>
@@ -6168,19 +6196,39 @@
         </context-group>
         <target>上一次使用</target>
       </trans-unit>
+      <trans-unit id="common.access-token" datatype="html">
+        <source>Access token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">62</context>
+        </context-group>
+        <target>访问秘钥</target>
+      </trans-unit>
       <trans-unit id="common.activate" datatype="html">
         <source>Activate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">91</context>
+          <context context-type="linenumber">97</context>
         </context-group>
         <target>激活</target>
       </trans-unit>
+      <trans-unit id="integrations.access-tokens.deactivate-access-token-confirm" datatype="html">
+        <source>Deactivate this access token? You can&apos;t use an inactive access token to make API calls but you can activate it again later.</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">102</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">113</context>
+        </context-group>
+        <target>停用访问密钥？您不能使用非活动密钥来进行 API 调用，但您可以在以后重新将其激活。</target>
+      </trans-unit>
       <trans-unit id="common.Deactivate" datatype="html">
         <source>Deactivate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">96</context>
+          <context context-type="linenumber">107</context>
         </context-group>
         <target>停用</target>
       </trans-unit>
diff --git a/modules/front-end/src/styles-common.less b/modules/front-end/src/styles-common.less
index ba551c4c2..ce6ed3641 100644
--- a/modules/front-end/src/styles-common.less
+++ b/modules/front-end/src/styles-common.less
@@ -1098,3 +1098,11 @@ app-root {
     border-radius: 30px;
   }
 }
+
+.copy-icon {
+  cursor: pointer;
+  margin: 0 4px;
+  &:hover {
+    color: @green60-color;
+  }
+}
diff --git a/modules/front-end/src/variables.less b/modules/front-end/src/variables.less
index 36529c079..c3057f029 100644
--- a/modules/front-end/src/variables.less
+++ b/modules/front-end/src/variables.less
@@ -31,6 +31,7 @@
 @red50-color: #FF513A;
 @red60-color: #ff4d4f;
 
+@yellow5-color: #ff912b;
 @yellow10-color: #FFF9CF;
 @yellow55-color: #faad14;
 

From ea917971282686eab9c2fc5c8da0d6ffa2635bf8 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Mon, 13 Mar 2023 11:25:44 +0100
Subject: [PATCH 21/44] refactor

---
 .../docker-entrypoint-initdb.d/init.js        |   8 +-
 .../project-drawer.component.ts               |   2 +-
 .../app/core/services/permissions.service.ts  |   2 +-
 .../src/app/core/services/resource.service.ts |   2 +-
 .../actions-selector.component.ts             |   2 +-
 .../policy-editor/policy-editor.component.ts  |   2 +-
 .../resources-selector.component.ts           |   3 +-
 .../project/project.component.ts              |   2 +-
 .../types.ts => shared/policy.ts}             | 130 +++++++++++++-----
 9 files changed, 106 insertions(+), 47 deletions(-)
 rename modules/front-end/src/app/{features/safe/iam/components/policy-editor/types.ts => shared/policy.ts} (62%)

diff --git a/infra/mongodb/docker-entrypoint-initdb.d/init.js b/infra/mongodb/docker-entrypoint-initdb.d/init.js
index 51008e60a..7cfc935d1 100644
--- a/infra/mongodb/docker-entrypoint-initdb.d/init.js
+++ b/infra/mongodb/docker-entrypoint-initdb.d/init.js
@@ -101,18 +101,12 @@ db.Policies.insertOne(
                 actions: ["CanManageIAM"],
                 resources: ["iam"]
             },
-            {
-                _id: getUUIDString(),
-                resourceType: "general",
-                effect: "allow",
-                actions: ["UpdateOrgName"],
-                resources: ["account"]
-            },
             {
                 _id: getUUIDString(),
                 resourceType: "general",
                 effect: "allow",
                 actions: [
+                    "UpdateOrgName",
                     "CreateServiceAccessTokens",
                     "CreatePersonalAccessTokens",
                     "ListAccessTokens"
diff --git a/modules/front-end/src/app/core/components/project-drawer/project-drawer.component.ts b/modules/front-end/src/app/core/components/project-drawer/project-drawer.component.ts
index b52620841..8ff69d746 100644
--- a/modules/front-end/src/app/core/components/project-drawer/project-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/project-drawer/project-drawer.component.ts
@@ -5,7 +5,7 @@ import {IProject} from '@shared/types';
 import {ProjectService} from '@services/project.service';
 import {PermissionsService} from "@services/permissions.service";
 import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
-import {ResourceTypeEnum} from "@features/safe/iam/components/policy-editor/types";
+import {ResourceTypeEnum} from "@shared/policy";
 
 @Component({
   selector: 'app-project-drawer',
diff --git a/modules/front-end/src/app/core/services/permissions.service.ts b/modules/front-end/src/app/core/services/permissions.service.ts
index 80720cd8e..3bd86ee47 100644
--- a/modules/front-end/src/app/core/services/permissions.service.ts
+++ b/modules/front-end/src/app/core/services/permissions.service.ts
@@ -2,7 +2,7 @@ import {Injectable} from "@angular/core";
 import {lastValueFrom} from "rxjs";
 import {IPolicy, IPolicyStatement} from "@features/safe/iam/types/policy";
 import {MemberService} from "@services/member.service";
-import {EffectEnum, ResourceTypeEnum} from "@features/safe/iam/components/policy-editor/types";
+import {EffectEnum, ResourceTypeEnum} from "@shared/policy";
 
 @Injectable({
   providedIn: 'root'
diff --git a/modules/front-end/src/app/core/services/resource.service.ts b/modules/front-end/src/app/core/services/resource.service.ts
index c3ecf6a5c..d055d81a0 100644
--- a/modules/front-end/src/app/core/services/resource.service.ts
+++ b/modules/front-end/src/app/core/services/resource.service.ts
@@ -1,7 +1,7 @@
 import { HttpClient } from "@angular/common/http";
 import { getCurrentOrganization } from "@utils/project-env";
 import { environment } from "src/environments/environment";
-import { Resource, ResourceTypeEnum } from "@features/safe/iam/components/policy-editor/types";
+import { Resource, ResourceTypeEnum } from "@shared/policy";
 import { Observable } from "rxjs";
 import { Injectable } from "@angular/core";
 
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.ts b/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.ts
index 7e8b1d6c4..023b6433d 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.ts
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.ts
@@ -1,6 +1,6 @@
 import {Component, EventEmitter, Input, Output, ViewChild} from "@angular/core";
 import {NzSelectComponent} from "ng-zorro-antd/select";
-import {IamPolicyAction} from "@features//safe/iam/components/policy-editor/types";
+import {IamPolicyAction} from "@shared/policy";
 
 @Component({
   selector: 'actions-selector',
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
index 90d0dd75e..bbe56e29b 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
@@ -7,7 +7,7 @@ import {
   resourcesTypes,
   ResourceType,
   ResourceTypeEnum
-} from "@features/safe/iam/components/policy-editor/types";
+} from "@shared/policy";
 import {deepCopy, encodeURIComponentFfc, uuidv4} from "@utils/index";
 import {IPolicy, IPolicyStatement} from "@features/safe/iam/types/policy";
 import {NzMessageService} from "ng-zorro-antd/message";
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.ts b/modules/front-end/src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.ts
index aa6f7c70c..04b555af8 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.ts
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.ts
@@ -7,10 +7,9 @@ import {
   ResourceTypeEnum,
   RNViewModel,
   rscParamsDict
-} from "@features/safe/iam/components/policy-editor/types";
+} from "@shared/policy";
 import {ResourceService} from "@services/resource.service";
 import {deepCopy} from "@utils/index";
-
 @Component({
   selector: 'resources-selector',
   templateUrl: './resources-selector.component.html',
diff --git a/modules/front-end/src/app/features/safe/organizations/project/project.component.ts b/modules/front-end/src/app/features/safe/organizations/project/project.component.ts
index a7f228454..437a5afdf 100644
--- a/modules/front-end/src/app/features/safe/organizations/project/project.component.ts
+++ b/modules/front-end/src/app/features/safe/organizations/project/project.component.ts
@@ -6,11 +6,11 @@ import { EnvService } from '@services/env.service';
 import { NzMessageService } from "ng-zorro-antd/message";
 import {PermissionsService} from "@services/permissions.service";
 import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
-import {ResourceTypeEnum} from "@features/safe/iam/components/policy-editor/types";
 import {MessageQueueService} from "@services/message-queue.service";
 import { FormBuilder, FormGroup, Validators } from "@angular/forms";
 import { EnvSecretService } from "@services/env-secret.service";
 import { copyToClipboard } from '@utils/index';
+import { ResourceTypeEnum } from "@shared/policy";
 
 @Component({
   selector: 'app-project',
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/types.ts b/modules/front-end/src/app/shared/policy.ts
similarity index 62%
rename from modules/front-end/src/app/features/safe/iam/components/policy-editor/types.ts
rename to modules/front-end/src/app/shared/policy.ts
index 74e01065b..e4a7954f6 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/types.ts
+++ b/modules/front-end/src/app/shared/policy.ts
@@ -16,6 +16,8 @@ export interface IamPolicyAction {
   id: string;
   name: string;
   displayName: string;
+  description: string;
+  isOpenAPIApplicable: boolean;
 }
 
 export enum ResourceTypeEnum {
@@ -117,172 +119,236 @@ export const resourceActionsDict: {[key: string]: IamPolicyAction[]} = {
     {
       id: uuidv4(),
       name: permissionActions.All,
-      displayName: $localize`:@@iam.action.all:All`
+      displayName: $localize`:@@iam.action.all:All`,
+      description: $localize`:@@iam.action.all:All`,
+      isOpenAPIApplicable: false
     },
   ],
   [`${ResourceTypeEnum.General},account`]: [
     {
       id: uuidv4(),
       name: permissionActions.UpdateOrgName,
-      displayName: $localize`:@@iam.action.update-org-name:Update org name`
+      displayName: $localize`:@@iam.action.update-org-name:Update org name`,
+      description: $localize`:@@iam.action.update-org-name:Update org name`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.ListAccessTokens,
-      displayName: $localize`:@@iam.action.list-access-tokens:List access tokens`
+      displayName: $localize`:@@iam.action.list-access-tokens:List access tokens`,
+      description: $localize`:@@iam.action.list-access-tokens:List access tokens`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.CreateServiceAccessTokens,
-      displayName: $localize`:@@iam.action.create-service-access-tokens:Create service access tokens`
+      displayName: $localize`:@@iam.action.create-service-access-tokens:Create service access tokens`,
+      description: $localize`:@@iam.action.create-service-access-tokens:Create service access tokens`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.CreatePersonalAccessTokens,
-      displayName: $localize`:@@iam.action.create-personal-access-tokens:Create personal access tokens`
+      displayName: $localize`:@@iam.action.create-personal-access-tokens:Create personal access tokens`,
+      description: $localize`:@@iam.action.create-personal-access-tokens:Create personal access tokens`,
+      isOpenAPIApplicable: true
     },
   ],
   [`${ResourceTypeEnum.General},iam`]: [
     {
       id: uuidv4(),
       name: permissionActions.CanManageIAM,
-      displayName: $localize`:@@iam.action.iam:IAM`
+      displayName: $localize`:@@iam.action.iam:IAM`,
+      description: $localize`:@@iam.action.iam:IAM`,
+      isOpenAPIApplicable: true
     },
   ],
   [`${ResourceTypeEnum.General},project`]: [ // for all projects
     {
       id: uuidv4(),
       name: permissionActions.ListProjects,
-      displayName: $localize`:@@iam.action.list-projects:List projects`
+      displayName: $localize`:@@iam.action.list-projects:List projects`,
+      description: $localize`:@@iam.action.list-projects:List projects`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.CreateProject,
-      displayName: $localize`:@@iam.action.create-projects:Create projects`
+      displayName: $localize`:@@iam.action.create-projects:Create projects`,
+      description: $localize`:@@iam.action.create-projects:Create projects`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.DeleteProject,
-      displayName: $localize`:@@iam.action.delete-projects:Delete projects`
+      displayName: $localize`:@@iam.action.delete-projects:Delete projects`,
+      description: $localize`:@@iam.action.delete-projects:Delete projects`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.UpdateProjectSettings,
-      displayName: $localize`:@@iam.action.update-project-settings:Update project settings`
+      displayName: $localize`:@@iam.action.update-project-settings:Update project settings`,
+      description: $localize`:@@iam.action.update-project-settings:Update project settings`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.ListEnvs,
-      displayName: $localize`:@@iam.action.list-envs:List environments`
+      displayName: $localize`:@@iam.action.list-envs:List environments`,
+      description: $localize`:@@iam.action.list-envs:List environments`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.CreateEnv,
-      displayName: $localize`:@@iam.action.create-env:Create environment`
+      displayName: $localize`:@@iam.action.create-env:Create environment`,
+      description: $localize`:@@iam.action.create-env:Create environment`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.AccessEnvs,
-      displayName: $localize`:@@iam.action.access-envs:Access environments`
+      displayName: $localize`:@@iam.action.access-envs:Access environments`,
+      description: $localize`:@@iam.action.access-envs:Access environments`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.DeleteEnv,
-      displayName: $localize`:@@iam.action.delete-envs:Delete environments`
+      displayName: $localize`:@@iam.action.delete-envs:Delete environments`,
+      description: $localize`:@@iam.action.delete-envs:Delete environments`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.UpdateEnvSettings,
-      displayName: $localize`:@@iam.action.update-env-settings:Update environment settings`
+      displayName: $localize`:@@iam.action.update-env-settings:Update environment settings`,
+      description: $localize`:@@iam.action.update-env-settings:Update environment settings`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.DeleteEnvSecret,
-      displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`
+      displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
+      description: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.CreateEnvSecret,
-      displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`
+      displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`,
+      description: $localize`:@@iam.action.create-env-secret:Create environment secret`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.UpdateEnvSecret,
-      displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`
+      displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`,
+      description: $localize`:@@iam.action.update-env-secret:Update environment secret`,
+      isOpenAPIApplicable: true
     },
   ],
   [ResourceTypeEnum.Project]: [ // for a specific project
     {
       id: uuidv4(),
       name: permissionActions.AccessEnvs,
-      displayName: $localize`:@@iam.action.access-envs:Access environments`
+      displayName: $localize`:@@iam.action.access-envs:Access environments`,
+      description: $localize`:@@iam.action.access-envs:Access environments`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.DeleteProject,
-      displayName: $localize`:@@iam.action.delete-projects:Delete projects`
+      displayName: $localize`:@@iam.action.delete-projects:Delete projects`,
+      description: $localize`:@@iam.action.delete-projects:Delete projects`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.UpdateProjectSettings,
-      displayName: $localize`:@@iam.action.update-project-settings:Update project settings`
+      displayName: $localize`:@@iam.action.update-project-settings:Update project settings`,
+      description: $localize`:@@iam.action.update-project-settings:Update project settings`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.ListEnvs,
-      displayName: $localize`:@@iam.action.list-envs:List environments`
+      displayName: $localize`:@@iam.action.list-envs:List environments`,
+      description: $localize`:@@iam.action.list-envs:List environments`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.CreateEnv,
-      displayName: $localize`:@@iam.action.create-env:Create environment`
+      displayName: $localize`:@@iam.action.create-env:Create environment`,
+      description: $localize`:@@iam.action.create-env:Create environment`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.DeleteEnvSecret,
-      displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`
+      displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
+      description: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.CreateEnvSecret,
-      displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`
+      displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`,
+      description: $localize`:@@iam.action.create-env-secret:Create environment secret`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.UpdateEnvSecret,
-      displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`
+      displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`,
+      description: $localize`:@@iam.action.update-env-secret:Update environment secret`,
+      isOpenAPIApplicable: true
     },
   ],
   [ResourceTypeEnum.Env]: [ // for a specific environment
     {
       id: uuidv4(),
       name: permissionActions.AccessEnvs,
-      displayName: $localize`:@@iam.action.access-envs:Access environments`
+      displayName: $localize`:@@iam.action.access-envs:Access environments`,
+      description: $localize`:@@iam.action.access-envs:Access environments`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.DeleteEnv,
-      displayName: $localize`:@@iam.action.delete-envs:Delete environments`
+      displayName: $localize`:@@iam.action.delete-envs:Delete environments`,
+      description: $localize`:@@iam.action.delete-envs:Delete environments`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.UpdateEnvSettings,
-      displayName: $localize`:@@iam.action.update-env-settings:Update environment settings`
+      displayName: $localize`:@@iam.action.update-env-settings:Update environment settings`,
+      description: $localize`:@@iam.action.update-env-settings:Update environment settings`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.DeleteEnvSecret,
-      displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`
+      displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
+      description: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.CreateEnvSecret,
-      displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`
+      displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`,
+      description: $localize`:@@iam.action.create-env-secret:Create environment secret`,
+      isOpenAPIApplicable: true
     },
     {
       id: uuidv4(),
       name: permissionActions.UpdateEnvSecret,
-      displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`
+      displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`,
+      description: $localize`:@@iam.action.update-env-secret:Update environment secret`,
+      isOpenAPIApplicable: true
     },
   ]
 }

From 14dd12a174a932257edb28b96243c3e53bc3e26a Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Mon, 13 Mar 2023 12:13:50 +0100
Subject: [PATCH 22/44] refactor

---
 .../docker-entrypoint-initdb.d/init.js        |   8 +-
 .../permission-check.component.ts             |   3 +-
 .../directives/permission-check.directive.ts  |   3 +-
 .../app/core/services/permissions.service.ts  |  10 +-
 .../actions-selector.component.html           |   2 +-
 .../front-end/src/app/shared/permissions.ts   | 148 ++++-
 modules/front-end/src/app/shared/policy.ts    | 256 ++-------
 modules/front-end/src/locale/messages.xlf     | 472 ++++++++--------
 modules/front-end/src/locale/messages.zh.xlf  | 520 +++++++++---------
 9 files changed, 687 insertions(+), 735 deletions(-)

diff --git a/infra/mongodb/docker-entrypoint-initdb.d/init.js b/infra/mongodb/docker-entrypoint-initdb.d/init.js
index 7cfc935d1..b426b82b8 100644
--- a/infra/mongodb/docker-entrypoint-initdb.d/init.js
+++ b/infra/mongodb/docker-entrypoint-initdb.d/init.js
@@ -107,8 +107,8 @@ db.Policies.insertOne(
                 effect: "allow",
                 actions: [
                     "UpdateOrgName",
-                    "CreateServiceAccessTokens",
-                    "CreatePersonalAccessTokens",
+                    "ManageServiceAccessTokens",
+                    "ManagePersonalAccessTokens",
                     "ListAccessTokens"
                 ],
                 resources: ["account"]
@@ -162,8 +162,8 @@ db.Policies.insertOne(
                 resourceType: "general",
                 effect: "allow",
                 actions: [
-                    "CreateServiceAccessTokens",
-                    "CreatePersonalAccessTokens",
+                    "ManageServiceAccessTokens",
+                    "ManagePersonalAccessTokens",
                     "ListAccessTokens"
                 ],
                 resources: ["account"]
diff --git a/modules/front-end/src/app/core/components/permission-check/permission-check.component.ts b/modules/front-end/src/app/core/components/permission-check/permission-check.component.ts
index dcb87fa8a..66f8c07a6 100644
--- a/modules/front-end/src/app/core/components/permission-check/permission-check.component.ts
+++ b/modules/front-end/src/app/core/components/permission-check/permission-check.component.ts
@@ -1,5 +1,6 @@
 import {Component, Input, OnInit} from "@angular/core";
 import {PermissionsService} from "@services/permissions.service";
+import { IamPolicyAction } from "@shared/policy";
 
 @Component({
   selector: 'permission-check',
@@ -9,7 +10,7 @@ import {PermissionsService} from "@services/permissions.service";
 export class PermissionCheckComponent implements OnInit {
 
   @Input() rn: string;
-  @Input() action: string;
+  @Input() action: IamPolicyAction;
   @Input() messageIfDeny: string = this.permissionsService.genericDenyMessage;
 
   canTakeAction: boolean = false;
diff --git a/modules/front-end/src/app/core/directives/permission-check.directive.ts b/modules/front-end/src/app/core/directives/permission-check.directive.ts
index 1f42ac178..ad7e27ee2 100644
--- a/modules/front-end/src/app/core/directives/permission-check.directive.ts
+++ b/modules/front-end/src/app/core/directives/permission-check.directive.ts
@@ -1,6 +1,7 @@
 import {Directive, EventEmitter, HostListener, Input, Output} from "@angular/core";
 import {NzMessageService} from "ng-zorro-antd/message";
 import {PermissionsService} from "@services/permissions.service";
+import { IamPolicyAction } from "@shared/policy";
 
 @Directive({
   selector: '[permission-check]'
@@ -8,7 +9,7 @@ import {PermissionsService} from "@services/permissions.service";
 export class PermissionCheckDirective  {
 
   @Input() rn: string;
-  @Input() action: string;
+  @Input() action: IamPolicyAction;
   @Input() messageIfDeny: string = this.permissionsService.genericDenyMessage;
 
   @Output() actionIfAllow = new EventEmitter();
diff --git a/modules/front-end/src/app/core/services/permissions.service.ts b/modules/front-end/src/app/core/services/permissions.service.ts
index 3bd86ee47..a72a0f28b 100644
--- a/modules/front-end/src/app/core/services/permissions.service.ts
+++ b/modules/front-end/src/app/core/services/permissions.service.ts
@@ -2,7 +2,7 @@ import {Injectable} from "@angular/core";
 import {lastValueFrom} from "rxjs";
 import {IPolicy, IPolicyStatement} from "@features/safe/iam/types/policy";
 import {MemberService} from "@services/member.service";
-import {EffectEnum, ResourceTypeEnum} from "@shared/policy";
+import { EffectEnum, IamPolicyAction, ResourceTypeEnum } from "@shared/policy";
 
 @Injectable({
   providedIn: 'root'
@@ -63,7 +63,7 @@ export class PermissionsService {
   }
 
   // if return undefined, that means zero permission is defined on that resource
-  canTakeAction(rn: string, action: string): boolean | undefined | any {
+  canTakeAction(rn: string, action: IamPolicyAction): boolean | undefined | any {
     const [resourceType, _] = rn.split('/');
 
     const statements = this.permissions.filter(s => {
@@ -72,7 +72,7 @@ export class PermissionsService {
         }
 
         if (s.resourceType === ResourceTypeEnum.General) {
-          return s.resources.map(r => r.split('/')[0]).includes(resourceType) && s.actions.includes(action);
+          return s.resources.map(r => r.split('/')[0]).includes(resourceType) && s.actions.includes(action.name);
         }
 
         const matchingResource = s.resources.find(rsc => {
@@ -89,13 +89,13 @@ export class PermissionsService {
           });
         });
 
-        return matchingResource !== undefined && s.actions.includes(action)
+        return matchingResource !== undefined && s.actions.includes(action.name)
     });
 
     if (statements.find(s => s.effect === EffectEnum.Deny) !== undefined) {
       return false;
     }
 
-    return statements.find(s => s.effect !== EffectEnum.Deny && (s.actions.find(act => act === '*') || s.actions.includes(action)));
+    return statements.find(s => s.effect !== EffectEnum.Deny && (s.actions.find(act => act === '*') || s.actions.includes(action.name)));
   }
 }
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.html b/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.html
index 6b98472f4..6b5d655bd 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.html
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/actions-selector/actions-selector.component.html
@@ -7,7 +7,7 @@
   </div>
   <div class="selected-actions" *ngIf="selectedActions.length">
     <div nz-col class="action" *ngFor="let act of selectedActions">
-      <div class="inner-box" nz-tooltip="{{act.displayName}} ({{act.name}})">
+      <div class="inner-box" nz-tooltip="{{act.name}} ({{act.description}})">
         {{act.displayName}} ({{act.name}})
       </div>
       <button nz-button nzType="default" [nzSize]="'large'" (click)="removeAction(act)"><i nz-icon nzType="close"></i></button>
diff --git a/modules/front-end/src/app/shared/permissions.ts b/modules/front-end/src/app/shared/permissions.ts
index 1b8472d63..6aeffe976 100644
--- a/modules/front-end/src/app/shared/permissions.ts
+++ b/modules/front-end/src/app/shared/permissions.ts
@@ -1,3 +1,5 @@
+import { uuidv4 } from "@utils/index";
+import { IamPolicyAction } from "@shared/policy";
 
 export const generalResourceRNPattern = {
   all: '*',
@@ -6,30 +8,138 @@ export const generalResourceRNPattern = {
   project: 'project',
 }
 
-export const permissionActions = {
-  All: '*',
+export const permissionActions: {[key: string]: IamPolicyAction} = {
+  All: {
+    id: uuidv4(),
+    name: '*',
+    displayName: $localize`:@@iam.action.all:All`,
+    description: $localize`:@@iam.action.all:All`,
+    isOpenAPIApplicable: false
+  },
 
-  ListProjects: 'ListProjects',
-  CreateProject: 'CreateProject',
-  DeleteProject: 'DeleteProject',
-  AccessEnvs: 'AccessEnvs',
-  UpdateProjectSettings: 'UpdateProjectSettings',
-  ListEnvs: 'ListEnvs',
-  CreateEnv: 'CreateEnv',
-  DeleteEnv: 'DeleteEnv',
-  UpdateEnvSettings: 'UpdateEnvSettings',
-  DeleteEnvSecret: 'DeleteEnvSecret',
-  CreateEnvSecret: 'CreateEnvSecret',
-  UpdateEnvSecret: 'UpdateEnvSecret',
+  ListProjects: {
+    id: uuidv4(),
+    name: 'ListProjects',
+    displayName: $localize`:@@iam.action.list-projects:List projects`,
+    description: $localize`:@@iam.action.list-projects:List projects`,
+    isOpenAPIApplicable: true
+  },
+  CreateProject: {
+    id: uuidv4(),
+    name: 'CreateProject',
+    displayName: $localize`:@@iam.action.create-projects:Create projects`,
+    description: $localize`:@@iam.action.create-projects:Create projects`,
+    isOpenAPIApplicable: true
+  },
+  DeleteProject: {
+    id: uuidv4(),
+    name: 'DeleteProject',
+    displayName: $localize`:@@iam.action.delete-projects:Delete projects`,
+    description: $localize`:@@iam.action.delete-projects:Delete projects`,
+    isOpenAPIApplicable: true
+  },
+  AccessEnvs: {
+    id: uuidv4(),
+    name: 'AccessEnvs',
+    displayName: $localize`:@@iam.action.access-envs:Access environments`,
+    description: $localize`:@@iam.action.access-envs:Access environments`,
+    isOpenAPIApplicable: true
+  },
+  UpdateProjectSettings: {
+    id: uuidv4(),
+    name: 'UpdateProjectSettings',
+    displayName: $localize`:@@iam.action.update-project-settings:Update project settings`,
+    description: $localize`:@@iam.action.update-project-settings:Update project settings`,
+    isOpenAPIApplicable: true
+  },
+  ListEnvs: {
+    id: uuidv4(),
+    name: 'ListEnvs',
+    displayName: $localize`:@@iam.action.list-envs:List environments`,
+    description: $localize`:@@iam.action.list-envs:List environments`,
+    isOpenAPIApplicable: true
+  },
+  CreateEnv:  {
+    id: uuidv4(),
+    name: 'CreateEnv',
+    displayName: $localize`:@@iam.action.create-env:Create environment`,
+    description: $localize`:@@iam.action.create-env:Create environment`,
+    isOpenAPIApplicable: true
+  },
+  DeleteEnv: {
+    id: uuidv4(),
+    name: 'DeleteEnv',
+    displayName: $localize`:@@iam.action.delete-envs:Delete environments`,
+    description: $localize`:@@iam.action.delete-envs:Delete environments`,
+    isOpenAPIApplicable: true
+  },
+  UpdateEnvSettings: {
+    id: uuidv4(),
+    name: 'UpdateEnvSettings',
+    displayName: $localize`:@@iam.action.update-env-settings:Update environment settings`,
+    description: $localize`:@@iam.action.update-env-settings:Update environment settings`,
+    isOpenAPIApplicable: true
+  },
+  DeleteEnvSecret: {
+    id: uuidv4(),
+    name: 'DeleteEnvSecret',
+    displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
+    description: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
+    isOpenAPIApplicable: true
+  },
+  CreateEnvSecret: {
+    id: uuidv4(),
+    name: 'CreateEnvSecret',
+    displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`,
+    description: $localize`:@@iam.action.create-env-secret:Create environment secret`,
+    isOpenAPIApplicable: true
+  },
+  UpdateEnvSecret: {
+    id: uuidv4(),
+    name: 'UpdateEnvSecret',
+    displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`,
+    description: $localize`:@@iam.action.update-env-secret:Update environment secret`,
+    isOpenAPIApplicable: true
+  },
 
   // account
-  UpdateOrgName: 'UpdateOrgName',
+  UpdateOrgName: {
+    id: uuidv4(),
+    name: 'UpdateOrgName',
+    displayName: $localize`:@@iam.action.update-org-name:Update org name`,
+    description: $localize`:@@iam.action.update-org-name:Update org name`,
+    isOpenAPIApplicable: true
+  },
 
   // iam
-  CanManageIAM: 'CanManageIAM',
+  CanManageIAM: {
+    id: uuidv4(),
+    name: 'CanManageIAM',
+    displayName: $localize`:@@iam.action.iam:IAM`,
+    description: $localize`:@@iam.action.iam:IAM`,
+    isOpenAPIApplicable: true
+  },
 
   // access tokens
-  ListAccessTokens: 'ListAccessTokens',
-  CreateServiceAccessTokens: 'CreateServiceAccessTokens',
-  CreatePersonalAccessTokens: 'CreatePersonalAccessTokens',
+  ListAccessTokens: {
+    id: uuidv4(),
+    name: 'ListAccessTokens',
+    displayName: $localize`:@@iam.action.list-access-tokens:List access tokens`,
+    description: $localize`:@@iam.action.list-access-tokens:List access tokens`,
+    isOpenAPIApplicable: true
+  },
+  CreateServiceAccessTokens: {
+    id: uuidv4(),
+    name: 'ManageServiceAccessTokens',
+    displayName: $localize`:@@iam.action.manage-service-access-tokens:Manage service access tokens`,
+    description: $localize`:@@iam.action.manage-service-access-tokens:Manage service access tokens`,
+    isOpenAPIApplicable: true
+  },
+  CreatePersonalAccessTokens: {
+    id: uuidv4(),
+    name: 'ManagePersonalAccessTokens',
+    displayName: $localize`:@@iam.action.manage-personal-access-tokens:Manage personal access tokens`,
+    description: $localize`:@@iam.action.manage-personal-access-tokens:Manage personal access tokens`,
+    isOpenAPIApplicable: true
+  },
 }
diff --git a/modules/front-end/src/app/shared/policy.ts b/modules/front-end/src/app/shared/policy.ts
index e4a7954f6..1f1d5f197 100644
--- a/modules/front-end/src/app/shared/policy.ts
+++ b/modules/front-end/src/app/shared/policy.ts
@@ -116,239 +116,47 @@ export const rscParamsDict: {[key in ResourceTypeEnum]: ResourceParamViewModel[]
 
 export const resourceActionsDict: {[key: string]: IamPolicyAction[]} = {
   [ResourceTypeEnum.All]: [
-    {
-      id: uuidv4(),
-      name: permissionActions.All,
-      displayName: $localize`:@@iam.action.all:All`,
-      description: $localize`:@@iam.action.all:All`,
-      isOpenAPIApplicable: false
-    },
+    permissionActions.All,
   ],
   [`${ResourceTypeEnum.General},account`]: [
-    {
-      id: uuidv4(),
-      name: permissionActions.UpdateOrgName,
-      displayName: $localize`:@@iam.action.update-org-name:Update org name`,
-      description: $localize`:@@iam.action.update-org-name:Update org name`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.ListAccessTokens,
-      displayName: $localize`:@@iam.action.list-access-tokens:List access tokens`,
-      description: $localize`:@@iam.action.list-access-tokens:List access tokens`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.CreateServiceAccessTokens,
-      displayName: $localize`:@@iam.action.create-service-access-tokens:Create service access tokens`,
-      description: $localize`:@@iam.action.create-service-access-tokens:Create service access tokens`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.CreatePersonalAccessTokens,
-      displayName: $localize`:@@iam.action.create-personal-access-tokens:Create personal access tokens`,
-      description: $localize`:@@iam.action.create-personal-access-tokens:Create personal access tokens`,
-      isOpenAPIApplicable: true
-    },
+    permissionActions.UpdateOrgName,
+    permissionActions.ListAccessTokens,
+    permissionActions.CreateServiceAccessTokens,
+    permissionActions.CreatePersonalAccessTokens,
   ],
   [`${ResourceTypeEnum.General},iam`]: [
-    {
-      id: uuidv4(),
-      name: permissionActions.CanManageIAM,
-      displayName: $localize`:@@iam.action.iam:IAM`,
-      description: $localize`:@@iam.action.iam:IAM`,
-      isOpenAPIApplicable: true
-    },
+    permissionActions.CanManageIAM,
   ],
   [`${ResourceTypeEnum.General},project`]: [ // for all projects
-    {
-      id: uuidv4(),
-      name: permissionActions.ListProjects,
-      displayName: $localize`:@@iam.action.list-projects:List projects`,
-      description: $localize`:@@iam.action.list-projects:List projects`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.CreateProject,
-      displayName: $localize`:@@iam.action.create-projects:Create projects`,
-      description: $localize`:@@iam.action.create-projects:Create projects`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.DeleteProject,
-      displayName: $localize`:@@iam.action.delete-projects:Delete projects`,
-      description: $localize`:@@iam.action.delete-projects:Delete projects`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.UpdateProjectSettings,
-      displayName: $localize`:@@iam.action.update-project-settings:Update project settings`,
-      description: $localize`:@@iam.action.update-project-settings:Update project settings`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.ListEnvs,
-      displayName: $localize`:@@iam.action.list-envs:List environments`,
-      description: $localize`:@@iam.action.list-envs:List environments`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.CreateEnv,
-      displayName: $localize`:@@iam.action.create-env:Create environment`,
-      description: $localize`:@@iam.action.create-env:Create environment`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.AccessEnvs,
-      displayName: $localize`:@@iam.action.access-envs:Access environments`,
-      description: $localize`:@@iam.action.access-envs:Access environments`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.DeleteEnv,
-      displayName: $localize`:@@iam.action.delete-envs:Delete environments`,
-      description: $localize`:@@iam.action.delete-envs:Delete environments`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.UpdateEnvSettings,
-      displayName: $localize`:@@iam.action.update-env-settings:Update environment settings`,
-      description: $localize`:@@iam.action.update-env-settings:Update environment settings`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.DeleteEnvSecret,
-      displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
-      description: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.CreateEnvSecret,
-      displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`,
-      description: $localize`:@@iam.action.create-env-secret:Create environment secret`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.UpdateEnvSecret,
-      displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`,
-      description: $localize`:@@iam.action.update-env-secret:Update environment secret`,
-      isOpenAPIApplicable: true
-    },
+    permissionActions.ListProjects,
+    permissionActions.CreateProject,
+    permissionActions.DeleteProject,
+    permissionActions.UpdateProjectSettings,
+    permissionActions.ListEnvs,
+    permissionActions.CreateEnv,
+    permissionActions.AccessEnvs,
+    permissionActions.DeleteEnv,
+    permissionActions.UpdateEnvSettings,
+    permissionActions.DeleteEnvSecret,
+    permissionActions.CreateEnvSecret,
+    permissionActions.UpdateEnvSecret,
   ],
   [ResourceTypeEnum.Project]: [ // for a specific project
-    {
-      id: uuidv4(),
-      name: permissionActions.AccessEnvs,
-      displayName: $localize`:@@iam.action.access-envs:Access environments`,
-      description: $localize`:@@iam.action.access-envs:Access environments`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.DeleteProject,
-      displayName: $localize`:@@iam.action.delete-projects:Delete projects`,
-      description: $localize`:@@iam.action.delete-projects:Delete projects`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.UpdateProjectSettings,
-      displayName: $localize`:@@iam.action.update-project-settings:Update project settings`,
-      description: $localize`:@@iam.action.update-project-settings:Update project settings`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.ListEnvs,
-      displayName: $localize`:@@iam.action.list-envs:List environments`,
-      description: $localize`:@@iam.action.list-envs:List environments`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.CreateEnv,
-      displayName: $localize`:@@iam.action.create-env:Create environment`,
-      description: $localize`:@@iam.action.create-env:Create environment`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.DeleteEnvSecret,
-      displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
-      description: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.CreateEnvSecret,
-      displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`,
-      description: $localize`:@@iam.action.create-env-secret:Create environment secret`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.UpdateEnvSecret,
-      displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`,
-      description: $localize`:@@iam.action.update-env-secret:Update environment secret`,
-      isOpenAPIApplicable: true
-    },
+    permissionActions.AccessEnvs,
+    permissionActions.DeleteProject,
+    permissionActions.UpdateProjectSettings,
+    permissionActions.ListEnvs,
+    permissionActions.CreateEnv,
+    permissionActions.DeleteEnvSecret,
+    permissionActions.CreateEnvSecret,
+    permissionActions.UpdateEnvSecret,
   ],
   [ResourceTypeEnum.Env]: [ // for a specific environment
-    {
-      id: uuidv4(),
-      name: permissionActions.AccessEnvs,
-      displayName: $localize`:@@iam.action.access-envs:Access environments`,
-      description: $localize`:@@iam.action.access-envs:Access environments`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.DeleteEnv,
-      displayName: $localize`:@@iam.action.delete-envs:Delete environments`,
-      description: $localize`:@@iam.action.delete-envs:Delete environments`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.UpdateEnvSettings,
-      displayName: $localize`:@@iam.action.update-env-settings:Update environment settings`,
-      description: $localize`:@@iam.action.update-env-settings:Update environment settings`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.DeleteEnvSecret,
-      displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
-      description: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.CreateEnvSecret,
-      displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`,
-      description: $localize`:@@iam.action.create-env-secret:Create environment secret`,
-      isOpenAPIApplicable: true
-    },
-    {
-      id: uuidv4(),
-      name: permissionActions.UpdateEnvSecret,
-      displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`,
-      description: $localize`:@@iam.action.update-env-secret:Update environment secret`,
-      isOpenAPIApplicable: true
-    },
+    permissionActions.AccessEnvs,
+    permissionActions.DeleteEnv,
+    permissionActions.UpdateEnvSettings,
+    permissionActions.DeleteEnvSecret,
+    permissionActions.CreateEnvSecret,
+    permissionActions.UpdateEnvSecret,
   ]
 }
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index a37a40ac2..09b4d21f4 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -4989,234 +4989,6 @@
           <context context-type="linenumber">68</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.rsc-type.all" datatype="html">
-        <source>All</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">49</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.general" datatype="html">
-        <source>General</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">54</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.project" datatype="html">
-        <source>Project</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">59</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.env" datatype="html">
-        <source>Environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">64</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.policy.project" datatype="html">
-        <source>Project</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">85</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">97</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.policy.environment" datatype="html">
-        <source>Environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">107</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.all" datatype="html">
-        <source>All</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">120</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.update-org-name" datatype="html">
-        <source>Update org name</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">127</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.list-access-tokens" datatype="html">
-        <source>List access tokens</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">132</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.create-service-access-tokens" datatype="html">
-        <source>Create service access tokens</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">137</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.create-personal-access-tokens" datatype="html">
-        <source>Create personal access tokens</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">142</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.iam" datatype="html">
-        <source>IAM</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">149</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.list-projects" datatype="html">
-        <source>List projects</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">156</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.create-projects" datatype="html">
-        <source>Create projects</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">161</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.delete-projects" datatype="html">
-        <source>Delete projects</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">166</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">223</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.update-project-settings" datatype="html">
-        <source>Update project settings</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">171</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">228</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.list-envs" datatype="html">
-        <source>List environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">176</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">233</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.create-env" datatype="html">
-        <source>Create environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">181</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">238</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.access-envs" datatype="html">
-        <source>Access environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">186</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">218</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">260</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.delete-envs" datatype="html">
-        <source>Delete environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">191</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">265</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.update-env-settings" datatype="html">
-        <source>Update environment settings</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">196</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">270</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.delete-env-secret" datatype="html">
-        <source>Delete environment secret</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">201</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">243</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">275</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.create-env-secret" datatype="html">
-        <source>Create environment secret</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">206</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">248</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">280</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.update-env-secret" datatype="html">
-        <source>Update environment secret</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">211</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">253</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">285</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="iam.routing.team" datatype="html">
         <source>Team</source>
         <context-group purpose="location">
@@ -6533,6 +6305,250 @@
           <context context-type="linenumber">76</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="iam.action.all" datatype="html">
+        <source>All</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.list-projects" datatype="html">
+        <source>List projects</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">23</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">24</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.create-projects" datatype="html">
+        <source>Create projects</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">30</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.delete-projects" datatype="html">
+        <source>Delete projects</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">37</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.access-envs" datatype="html">
+        <source>Access environments</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">45</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.update-project-settings" datatype="html">
+        <source>Update project settings</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">51</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">52</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.list-envs" datatype="html">
+        <source>List environments</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">58</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">59</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.create-env" datatype="html">
+        <source>Create environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">65</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.delete-envs" datatype="html">
+        <source>Delete environments</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">72</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">73</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.update-env-settings" datatype="html">
+        <source>Update environment settings</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">79</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.delete-env-secret" datatype="html">
+        <source>Delete environment secret</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">86</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">87</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.create-env-secret" datatype="html">
+        <source>Create environment secret</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">93</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">94</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.update-env-secret" datatype="html">
+        <source>Update environment secret</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">100</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">101</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.update-org-name" datatype="html">
+        <source>Update org name</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">109</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">110</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.iam" datatype="html">
+        <source>IAM</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">118</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">119</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.list-access-tokens" datatype="html">
+        <source>List access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">127</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">128</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.manage-service-access-tokens" datatype="html">
+        <source>Manage service access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">134</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">135</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.manage-personal-access-tokens" datatype="html">
+        <source>Manage personal access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">141</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">142</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.all" datatype="html">
+        <source>All</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">51</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.general" datatype="html">
+        <source>General</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">56</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.project" datatype="html">
+        <source>Project</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">61</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.env" datatype="html">
+        <source>Environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.policy.project" datatype="html">
+        <source>Project</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">87</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">99</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.policy.environment" datatype="html">
+        <source>Environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">109</context>
+        </context-group>
+      </trans-unit>
     </body>
   </file>
 </xliff>
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index b1d6263a3..fe66adbc7 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -5440,258 +5440,6 @@
         </context-group>
         <target>任意</target>
       </trans-unit>
-      <trans-unit id="iam.rsc-type.all" datatype="html">
-        <source>All</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">49</context>
-        </context-group>
-        <target>全部</target>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.general" datatype="html">
-        <source>General</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">54</context>
-        </context-group>
-        <target>通用</target>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.project" datatype="html">
-        <source>Project</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">59</context>
-        </context-group>
-        <target>项目</target>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.env" datatype="html">
-        <source>Environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">64</context>
-        </context-group>
-        <target>环境</target>
-      </trans-unit>
-      <trans-unit id="iam.policy.project" datatype="html">
-        <source>Project</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">85</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">97</context>
-        </context-group>
-        <target>项目</target>
-      </trans-unit>
-      <trans-unit id="iam.policy.environment" datatype="html">
-        <source>Environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">107</context>
-        </context-group>
-        <target>环境</target>
-      </trans-unit>
-      <trans-unit id="iam.action.all" datatype="html">
-        <source>All</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">120</context>
-        </context-group>
-        <target>全部操作</target>
-      </trans-unit>
-      <trans-unit id="iam.action.update-org-name" datatype="html">
-        <source>Update org name</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">127</context>
-        </context-group>
-        <target>修改机构名称</target>
-      </trans-unit>
-      <trans-unit id="iam.action.list-access-tokens" datatype="html">
-        <source>List access tokens</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">132</context>
-        </context-group>
-        <target>查看访问策略列表</target>
-      </trans-unit>
-      <trans-unit id="iam.action.create-service-access-tokens" datatype="html">
-        <source>Create service access tokens</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">137</context>
-        </context-group>
-        <target>创建 Service 访问策略</target>
-      </trans-unit>
-      <trans-unit id="iam.action.create-personal-access-tokens" datatype="html">
-        <source>Create personal access tokens</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">142</context>
-        </context-group>
-        <target>创建 Personal 访问策略</target>
-      </trans-unit>
-      <trans-unit id="iam.action.iam" datatype="html">
-        <source>IAM</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">149</context>
-        </context-group>
-        <target>权限管理</target>
-      </trans-unit>
-      <trans-unit id="iam.action.list-projects" datatype="html">
-        <source>List projects</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">156</context>
-        </context-group>
-        <target>查看项目列表</target>
-      </trans-unit>
-      <trans-unit id="iam.action.create-projects" datatype="html">
-        <source>Create projects</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">161</context>
-        </context-group>
-        <target>创建项目</target>
-      </trans-unit>
-      <trans-unit id="iam.action.delete-projects" datatype="html">
-        <source>Delete projects</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">166</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">223</context>
-        </context-group>
-        <target>删除项目</target>
-      </trans-unit>
-      <trans-unit id="iam.action.update-project-settings" datatype="html">
-        <source>Update project settings</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">171</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">228</context>
-        </context-group>
-        <target>修改项目设置</target>
-      </trans-unit>
-      <trans-unit id="iam.action.list-envs" datatype="html">
-        <source>List environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">176</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">233</context>
-        </context-group>
-        <target>查看环境列表</target>
-      </trans-unit>
-      <trans-unit id="iam.action.create-env" datatype="html">
-        <source>Create environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">181</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">238</context>
-        </context-group>
-        <target>创建环境</target>
-      </trans-unit>
-      <trans-unit id="iam.action.access-envs" datatype="html">
-        <source>Access environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">186</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">218</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">260</context>
-        </context-group>
-        <target>进入环境</target>
-      </trans-unit>
-      <trans-unit id="iam.action.delete-envs" datatype="html">
-        <source>Delete environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">191</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">265</context>
-        </context-group>
-        <target>删除环境</target>
-      </trans-unit>
-      <trans-unit id="iam.action.update-env-settings" datatype="html">
-        <source>Update environment settings</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">196</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">270</context>
-        </context-group>
-        <target>修改环境设置</target>
-      </trans-unit>
-      <trans-unit id="iam.action.delete-env-secret" datatype="html">
-        <source>Delete environment secret</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">201</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">243</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">275</context>
-        </context-group>
-        <target>删除环境秘钥</target>
-      </trans-unit>
-      <trans-unit id="iam.action.create-env-secret" datatype="html">
-        <source>Create environment secret</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">206</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">248</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">280</context>
-        </context-group>
-        <target>创建环境秘钥</target>
-      </trans-unit>
-      <trans-unit id="iam.action.update-env-secret" datatype="html">
-        <source>Update environment secret</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">211</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">253</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">285</context>
-        </context-group>
-        <target>修改环境秘钥</target>
-      </trans-unit>
       <trans-unit id="iam.routing.team" datatype="html">
         <source>Team</source>
         <context-group purpose="location">
@@ -7181,6 +6929,274 @@
         </context-group>
         <target>不包含用户</target>
       </trans-unit>
+      <trans-unit id="iam.action.all" datatype="html">
+        <source>All</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+        <target>全部操作</target>
+      </trans-unit>
+      <trans-unit id="iam.action.list-projects" datatype="html">
+        <source>List projects</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">23</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">24</context>
+        </context-group>
+        <target>查看项目列表</target>
+      </trans-unit>
+      <trans-unit id="iam.action.create-projects" datatype="html">
+        <source>Create projects</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">30</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+        <target>创建项目</target>
+      </trans-unit>
+      <trans-unit id="iam.action.delete-projects" datatype="html">
+        <source>Delete projects</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">37</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <target>删除项目</target>
+      </trans-unit>
+      <trans-unit id="iam.action.access-envs" datatype="html">
+        <source>Access environments</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">45</context>
+        </context-group>
+        <target>进入环境</target>
+      </trans-unit>
+      <trans-unit id="iam.action.update-project-settings" datatype="html">
+        <source>Update project settings</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">51</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">52</context>
+        </context-group>
+        <target>修改项目设置</target>
+      </trans-unit>
+      <trans-unit id="iam.action.list-envs" datatype="html">
+        <source>List environments</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">58</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">59</context>
+        </context-group>
+        <target>查看环境列表</target>
+      </trans-unit>
+      <trans-unit id="iam.action.create-env" datatype="html">
+        <source>Create environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">65</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <target>创建环境</target>
+      </trans-unit>
+      <trans-unit id="iam.action.delete-envs" datatype="html">
+        <source>Delete environments</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">72</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">73</context>
+        </context-group>
+        <target>删除环境</target>
+      </trans-unit>
+      <trans-unit id="iam.action.update-env-settings" datatype="html">
+        <source>Update environment settings</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">79</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+        <target>修改环境设置</target>
+      </trans-unit>
+      <trans-unit id="iam.action.delete-env-secret" datatype="html">
+        <source>Delete environment secret</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">86</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">87</context>
+        </context-group>
+        <target>删除环境秘钥</target>
+      </trans-unit>
+      <trans-unit id="iam.action.create-env-secret" datatype="html">
+        <source>Create environment secret</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">93</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">94</context>
+        </context-group>
+        <target>创建环境秘钥</target>
+      </trans-unit>
+      <trans-unit id="iam.action.update-env-secret" datatype="html">
+        <source>Update environment secret</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">100</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">101</context>
+        </context-group>
+        <target>修改环境秘钥</target>
+      </trans-unit>
+      <trans-unit id="iam.action.update-org-name" datatype="html">
+        <source>Update org name</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">109</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">110</context>
+        </context-group>
+        <target>修改机构名称</target>
+      </trans-unit>
+      <trans-unit id="iam.action.iam" datatype="html">
+        <source>IAM</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">118</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">119</context>
+        </context-group>
+        <target>权限管理</target>
+      </trans-unit>
+      <trans-unit id="iam.action.list-access-tokens" datatype="html">
+        <source>List access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">127</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">128</context>
+        </context-group>
+        <target>查看访问策略列表</target>
+      </trans-unit>
+      <trans-unit id="iam.action.manage-service-access-tokens" datatype="html">
+        <source>Manage service access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">134</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">135</context>
+        </context-group>
+        <target>管理 Service 访问策略</target>
+      </trans-unit>
+      <trans-unit id="iam.action.manage-personal-access-tokens" datatype="html">
+        <source>Manage personal access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">141</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">142</context>
+        </context-group>
+        <target>管理 Personal 访问策略</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.all" datatype="html">
+        <source>All</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">51</context>
+        </context-group>
+        <target>全部</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.general" datatype="html">
+        <source>General</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">56</context>
+        </context-group>
+        <target>通用</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.project" datatype="html">
+        <source>Project</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">61</context>
+        </context-group>
+        <target>项目</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.env" datatype="html">
+        <source>Environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <target>环境</target>
+      </trans-unit>
+      <trans-unit id="iam.policy.project" datatype="html">
+        <source>Project</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">87</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">99</context>
+        </context-group>
+        <target>项目</target>
+      </trans-unit>
+      <trans-unit id="iam.policy.environment" datatype="html">
+        <source>Environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">109</context>
+        </context-group>
+        <target>环境</target>
+      </trans-unit>
     </body>
   </file>
 </xliff>

From 61418098f7efbaad495ae5786f2c3f2e5598ce52 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Mon, 13 Mar 2023 16:06:37 +0100
Subject: [PATCH 23/44] fixed error

---
 .../access-token-drawer/access-token-drawer.component.html       | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
index 2a2403bdc..f8535ac65 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -98,6 +98,7 @@
   [(nzVisible)]="isCreationConfirmModalVisible"
   i18n-nzTitle="@@integrations.access-tokens.access-token-created"
   nzTitle="Access token created"
+  (nzOnCancel)="isCreationConfirmModalVisible = false"
   [nzFooter]="confirmFooter"
   (nzOnOk)="isCreationConfirmModalVisible = false">
   <ng-container *nzModalContent>

From 5bdec8e532e15b1c76353d2907b42d89afc5cb69 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Mon, 13 Mar 2023 16:08:26 +0100
Subject: [PATCH 24/44] fixed bug

---
 .../integrations/access-tokens/index/index.component.html     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index ba877cbee..cd5851c50 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -96,7 +96,8 @@
               <li nz-menu-item (click)="toggleStatus(item)" *ngIf="item.status === AccessTokenStatusInactive">
                 <ng-container i18n="@@common.activate">Activate</ng-container>
               </li>
-              <li nz-menu-item
+              <li *ngIf="item.status === AccessTokenStatusActive"
+                  nz-menu-item
                   nz-popconfirm
                   i18n-nzPopconfirmTitle="@@integrations.access-tokens.deactivate-access-token-confirm"
                   nzPopconfirmTitle="Deactivate this access token? You can't use an inactive access token to make API calls but you can activate it again later."
@@ -107,7 +108,6 @@
                 <ng-container i18n="@@common.Deactivate">Deactivate</ng-container>
               </li>
               <li nz-menu-item
-                  *ngIf="item.status === AccessTokenStatusActive"
                   nz-popconfirm
                   i18n-nzPopconfirmTitle="@@integrations.access-tokens.deactivate-access-token-confirm"
                   nzPopconfirmTitle="Deactivate this access token? You can't use an inactive access token to make API calls but you can activate it again later."

From 4af48b744519d4ee0017d440ecba64fa2621f03a Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Mon, 13 Mar 2023 16:23:05 +0100
Subject: [PATCH 25/44] in progress

---
 .../src/app/core/services/permissions.service.ts         | 6 +++---
 .../front-end/src/app/core/services/policy.service.ts    | 2 +-
 .../components/policy-editor/policy-editor.component.ts  | 4 ++--
 .../policies/details/permission/permission.component.ts  | 3 ++-
 modules/front-end/src/app/shared/policy.ts               | 9 ++++++++-
 5 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/modules/front-end/src/app/core/services/permissions.service.ts b/modules/front-end/src/app/core/services/permissions.service.ts
index a72a0f28b..9cc4e4076 100644
--- a/modules/front-end/src/app/core/services/permissions.service.ts
+++ b/modules/front-end/src/app/core/services/permissions.service.ts
@@ -1,15 +1,15 @@
 import {Injectable} from "@angular/core";
 import {lastValueFrom} from "rxjs";
-import {IPolicy, IPolicyStatement} from "@features/safe/iam/types/policy";
+import {IPolicy} from "@features/safe/iam/types/policy";
 import {MemberService} from "@services/member.service";
-import { EffectEnum, IamPolicyAction, ResourceTypeEnum } from "@shared/policy";
+import { EffectEnum, IamPolicyAction, IPolicyStatement, ResourceTypeEnum } from "@shared/policy";
 
 @Injectable({
   providedIn: 'root'
 })
 export class PermissionsService {
   policies: IPolicy[];
-  private permissions: IPolicyStatement[];
+  permissions: IPolicyStatement[];
 
   genericDenyMessage: string = $localize `:@@permissions.need-permissions-to-operate:You don't have permissions to take this action, please contact the admin to grant you the necessary permissions`;
 
diff --git a/modules/front-end/src/app/core/services/policy.service.ts b/modules/front-end/src/app/core/services/policy.service.ts
index 8fbf5cf39..d3b9d2f3f 100644
--- a/modules/front-end/src/app/core/services/policy.service.ts
+++ b/modules/front-end/src/app/core/services/policy.service.ts
@@ -8,12 +8,12 @@ import {
   IPagedPolicyGroup,
   IPagedPolicyMember,
   IPolicy,
-  IPolicyStatement,
   PolicyFilter,
   PolicyGroupFilter,
   PolicyMemberFilter
 } from "@features/safe/iam/types/policy";
 import { catchError } from "rxjs/operators";
+import { IPolicyStatement } from "@shared/policy";
 
 @Injectable({
   providedIn: 'root'
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
index bbe56e29b..2951538fa 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
@@ -1,7 +1,7 @@
 import {Component, EventEmitter, Input, Output} from '@angular/core';
 import {
   EffectEnum,
-  IamPolicyAction,
+  IamPolicyAction, IPolicyStatement,
   Resource,
   resourceActionsDict,
   resourcesTypes,
@@ -9,7 +9,7 @@ import {
   ResourceTypeEnum
 } from "@shared/policy";
 import {deepCopy, encodeURIComponentFfc, uuidv4} from "@utils/index";
-import {IPolicy, IPolicyStatement} from "@features/safe/iam/types/policy";
+import {IPolicy} from "@features/safe/iam/types/policy";
 import {NzMessageService} from "ng-zorro-antd/message";
 import {PolicyService} from "@services/policy.service";
 import {Router} from "@angular/router";
diff --git a/modules/front-end/src/app/features/safe/iam/policies/details/permission/permission.component.ts b/modules/front-end/src/app/features/safe/iam/policies/details/permission/permission.component.ts
index 35e30a40e..55724f5a4 100644
--- a/modules/front-end/src/app/features/safe/iam/policies/details/permission/permission.component.ts
+++ b/modules/front-end/src/app/features/safe/iam/policies/details/permission/permission.component.ts
@@ -1,8 +1,9 @@
 import { Component, OnInit } from '@angular/core';
 import { ActivatedRoute, Router } from '@angular/router';
-import { IPolicy, IPolicyStatement } from "@features/safe/iam/types/policy";
+import { IPolicy } from "@features/safe/iam/types/policy";
 import { PolicyService } from "@services/policy.service";
 import { NzMessageService } from "ng-zorro-antd/message";
+import { IPolicyStatement } from "@shared/policy";
 
 @Component({
   selector: 'permission',
diff --git a/modules/front-end/src/app/shared/policy.ts b/modules/front-end/src/app/shared/policy.ts
index 1f1d5f197..ea308475b 100644
--- a/modules/front-end/src/app/shared/policy.ts
+++ b/modules/front-end/src/app/shared/policy.ts
@@ -1,5 +1,12 @@
 import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
-import {uuidv4} from "@utils/index";
+
+export interface IPolicyStatement {
+  id: string;
+  resourceType: string;
+  effect: string;
+  actions: string[];
+  resources: string[];
+}
 
 export interface Resource {
   id: string;

From 74190945142f081f4682fb86f89c3248d4baa424 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <88151306+cosmos-explorer@users.noreply.github.com>
Date: Tue, 14 Mar 2023 15:51:30 +0100
Subject: [PATCH 26/44] =?UTF-8?q?=F0=9F=A7=B9refactor=20iam=20(#269)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* fixed error

* fixed bug

* in progress

* refactor iam

* translations

* PR fix
---
 .../docker-entrypoint-initdb.d/init.js        |  56 +++++---
 .../src/Application/Resources/ResourceVm.cs   |   2 +
 .../back-end/src/Domain/Resources/Resource.cs |   2 +
 .../src/Domain/Resources/ResourceType.cs      |   6 +-
 .../Resources/ResourceService.cs              |  66 +++++++--
 .../access-token-drawer.component.html        |   1 +
 .../app/core/services/permissions.service.ts  |  12 +-
 .../src/app/core/services/policy.service.ts   |   2 +-
 .../policy-editor/policy-editor.component.ts  |  34 ++---
 .../resources-selector.component.ts           |  23 ++--
 .../permission/permission.component.ts        |   3 +-
 .../access-tokens/index/index.component.html  |   4 +-
 .../project/project.component.ts              |   2 +-
 .../front-end/src/app/shared/permissions.ts   |  63 ++++++---
 modules/front-end/src/app/shared/policy.ts    |  86 ++++++++----
 modules/front-end/src/locale/messages.xlf     | 126 +++++++++--------
 modules/front-end/src/locale/messages.zh.xlf  | 130 ++++++++++--------
 17 files changed, 375 insertions(+), 243 deletions(-)

diff --git a/infra/mongodb/docker-entrypoint-initdb.d/init.js b/infra/mongodb/docker-entrypoint-initdb.d/init.js
index b426b82b8..00a7199df 100644
--- a/infra/mongodb/docker-entrypoint-initdb.d/init.js
+++ b/infra/mongodb/docker-entrypoint-initdb.d/init.js
@@ -96,42 +96,56 @@ db.Policies.insertOne(
         statements: [
             {
                 _id: getUUIDString(),
-                resourceType: "general",
+                resourceType: "account",
+                effect: "allow",
+                actions: ["UpdateOrgName"],
+                resources: ["account/*"]
+            },
+            {
+                _id: getUUIDString(),
+                resourceType: "iam",
                 effect: "allow",
                 actions: ["CanManageIAM"],
-                resources: ["iam"]
+                resources: ["iam/*"]
             },
             {
                 _id: getUUIDString(),
-                resourceType: "general",
+                resourceType: "access-token",
                 effect: "allow",
                 actions: [
-                    "UpdateOrgName",
                     "ManageServiceAccessTokens",
                     "ManagePersonalAccessTokens",
                     "ListAccessTokens"
                 ],
-                resources: ["account"]
+                resources: ["access-token/*"]
             },
             {
                 _id: getUUIDString(),
-                resourceType: "general",
+                resourceType: "project",
                 effect: "allow",
                 actions: [
                     "ListProjects",
                     "CreateProject",
                     "DeleteProject",
-                    "AccessEnvs",
                     "UpdateProjectSettings",
                     "ListEnvs",
-                    "CreateEnv",
+                    "CreateEnv"
+                ],
+                resources: ["project/*"]
+            },
+            {
+                _id: getUUIDString(),
+                resourceType: "env",
+                effect: "allow",
+                actions: [
+                    "AccessEnvs",
                     "DeleteEnv",
                     "UpdateEnvSettings",
                     "CreateEnvSecret",
                     "DeleteEnvSecret",
                     "UpdateEnvSecret"
                 ],
-                resources: ["project"]
+                resources: ["project/*:env/*"]
             }
         ],
         createdAt: new Date(),
@@ -148,25 +162,33 @@ db.Policies.insertOne(
         statements: [
             {
                 _id: getUUIDString(),
-                resourceType: "general",
+                resourceType: "access-token",
+                effect: "allow",
+                actions: [
+                    "ManageServiceAccessTokens",
+                    "ManagePersonalAccessTokens",
+                    "ListAccessTokens"
+                ],
+                resources: ["access-token/*"]
+            },
+            {
+                _id: getUUIDString(),
+                resourceType: "project",
                 effect: "allow",
                 actions: [
-                    "AccessEnvs",
                     "ListProjects",
                     "ListEnvs"
                 ],
-                resources: ["project"]
+                resources: ["project/*"]
             },
             {
                 _id: getUUIDString(),
-                resourceType: "general",
+                resourceType: "env",
                 effect: "allow",
                 actions: [
-                    "ManageServiceAccessTokens",
-                    "ManagePersonalAccessTokens",
-                    "ListAccessTokens"
+                    "AccessEnvs"
                 ],
-                resources: ["account"]
+                resources: ["project/*:env/*"]
             }
         ],
         createdAt: new Date(),
diff --git a/modules/back-end/src/Application/Resources/ResourceVm.cs b/modules/back-end/src/Application/Resources/ResourceVm.cs
index 918a5a63f..10b0ccb56 100644
--- a/modules/back-end/src/Application/Resources/ResourceVm.cs
+++ b/modules/back-end/src/Application/Resources/ResourceVm.cs
@@ -7,4 +7,6 @@ public class ResourceVm
     public string Name { get; set; }
 
     public string Rn { get; set; }
+    
+    public string Type { get; set; }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/Resources/Resource.cs b/modules/back-end/src/Domain/Resources/Resource.cs
index 5609ea06d..926de1d1d 100644
--- a/modules/back-end/src/Domain/Resources/Resource.cs
+++ b/modules/back-end/src/Domain/Resources/Resource.cs
@@ -7,4 +7,6 @@ public class Resource
     public string Name { get; set; }
 
     public string Rn { get; set; }
+
+    public string Type { get; set; }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/Resources/ResourceType.cs b/modules/back-end/src/Domain/Resources/ResourceType.cs
index e1bdf237c..51af785e7 100644
--- a/modules/back-end/src/Domain/Resources/ResourceType.cs
+++ b/modules/back-end/src/Domain/Resources/ResourceType.cs
@@ -4,7 +4,11 @@ public class ResourceType
 {
     public const string All = "*";
 
-    public const string General = "general";
+    public const string Account = "account";
+    
+    public const string IAM = "iam";
+    
+    public const string AccessToken = "access-token";
 
     public const string Project = "project";
 
diff --git a/modules/back-end/src/Infrastructure/Resources/ResourceService.cs b/modules/back-end/src/Infrastructure/Resources/ResourceService.cs
index 6934caa33..d0cc83a53 100644
--- a/modules/back-end/src/Infrastructure/Resources/ResourceService.cs
+++ b/modules/back-end/src/Infrastructure/Resources/ResourceService.cs
@@ -25,7 +25,9 @@ public async Task<IEnumerable<Resource>> GetResourcesAsync(Guid organizationId,
         return filter.Type switch
         {
             ResourceType.All => GetAll(name),
-            ResourceType.General => GetGeneral(name),
+            ResourceType.Account => GetGeneral(ResourceType.Account, name),
+            ResourceType.IAM => GetGeneral(ResourceType.IAM, name),
+            ResourceType.AccessToken => GetGeneral(ResourceType.AccessToken, name),
             ResourceType.Env => await GetEnvsAsync(organizationId, name),
             ResourceType.Project => await GetProjectsAsync(organizationId, name),
             _ => Array.Empty<Resource>()
@@ -40,7 +42,8 @@ private IEnumerable<Resource> GetAll(string name)
             {
                 Id = new Guid("2bdcb290-2e1b-40d7-bdd1-697fb2193292"),
                 Name = "All",
-                Rn = "*"
+                Rn = "*",
+                Type = ResourceType.All
             }
         };
 
@@ -52,36 +55,48 @@ private IEnumerable<Resource> GetAll(string name)
         return resources;
     }
 
-    private IEnumerable<Resource> GetGeneral(string name)
+    private IEnumerable<Resource> GetGeneral(string resourceType, string name)
     {
-        var resources = new List<Resource>
+        
+        var resource = resourceType switch
         {
-            new()
+           
+            ResourceType.Account => new Resource
             {
                 Id = new Guid("e394832e-bd98-43de-b174-e0c98e03d19d"),
                 Name = "Account",
-                Rn = "account"
+                Rn = "account/*",
+                Type = ResourceType.Account
             },
-            new()
+            ResourceType.IAM => new Resource
             {
                 Id = new Guid("d8791bd2-ca85-4629-a439-1dce20764211"),
                 Name = "IAM",
-                Rn = "iam"
+                Rn = "iam/*",
+                Type = ResourceType.IAM
             },
-            new()
+            ResourceType.AccessToken => new Resource
             {
                 Id = new Guid("150083da-e20f-4670-948c-b842cf8a91a4"),
-                Name = "Project",
-                Rn = "project"
-            }
+                Name = "Access token",
+                Rn = "access-token/*",
+                Type = ResourceType.AccessToken
+            },
+            _ => null
         };
 
+        if (resource == null)
+        {
+            return new List<Resource>();
+        }
+
+        var resources =  new List<Resource> { resource };
         if (!string.IsNullOrWhiteSpace(name))
         {
             resources = resources.Where(x => x.Name.Contains(name, StringComparison.OrdinalIgnoreCase)).ToList();
         }
 
-        return resources;
+        return resources.ToList();
     }
 
     public async Task<IEnumerable<Resource>> GetProjectsAsync(Guid organizationId, string name)
@@ -105,8 +120,18 @@ public async Task<IEnumerable<Resource>> GetProjectsAsync(Guid organizationId, s
         {
             Id = x.Id,
             Name = x.Name,
-            Rn = x.Rn
+            Rn = x.Rn,
+            Type = ResourceType.Project
+        }).ToList();
+        
+        resources.Insert(0, new Resource
+        {
+            Id = new Guid("e77679a2-e79b-43e5-aa9f-fd6c980239be"),
+            Name = "project",
+            Rn = "project/*",
+            Type = ResourceType.Project
         });
+
         return resources;
     }
 
@@ -139,8 +164,19 @@ join organization in organizations on project.OrganizationId equals organization
         {
             Id = x.Id,
             Name = x.Name,
-            Rn = x.Rn
+            Rn = x.Rn,
+            Type = ResourceType.Env
+        }).ToList();
+        
+        resources.Insert(0, new Resource
+        {
+            Id = new Guid("c62ed37a-74a9-4987-8ef4-b5a16127f307"),
+            Name = "env",
+            Rn = "project/*:env/*",
+            Type = ResourceType.Env
         });
+        
+        
         return resources;
     }
 }
\ No newline at end of file
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
index 2a2403bdc..f8535ac65 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -98,6 +98,7 @@
   [(nzVisible)]="isCreationConfirmModalVisible"
   i18n-nzTitle="@@integrations.access-tokens.access-token-created"
   nzTitle="Access token created"
+  (nzOnCancel)="isCreationConfirmModalVisible = false"
   [nzFooter]="confirmFooter"
   (nzOnOk)="isCreationConfirmModalVisible = false">
   <ng-container *nzModalContent>
diff --git a/modules/front-end/src/app/core/services/permissions.service.ts b/modules/front-end/src/app/core/services/permissions.service.ts
index a72a0f28b..58a7b52bb 100644
--- a/modules/front-end/src/app/core/services/permissions.service.ts
+++ b/modules/front-end/src/app/core/services/permissions.service.ts
@@ -1,15 +1,15 @@
 import {Injectable} from "@angular/core";
 import {lastValueFrom} from "rxjs";
-import {IPolicy, IPolicyStatement} from "@features/safe/iam/types/policy";
+import {IPolicy} from "@features/safe/iam/types/policy";
 import {MemberService} from "@services/member.service";
-import { EffectEnum, IamPolicyAction, ResourceTypeEnum } from "@shared/policy";
+import { EffectEnum, IamPolicyAction, IPolicyStatement, ResourceTypeEnum } from "@shared/policy";
 
 @Injectable({
   providedIn: 'root'
 })
 export class PermissionsService {
   policies: IPolicy[];
-  private permissions: IPolicyStatement[];
+  permissions: IPolicyStatement[];
 
   genericDenyMessage: string = $localize `:@@permissions.need-permissions-to-operate:You don't have permissions to take this action, please contact the admin to grant you the necessary permissions`;
 
@@ -64,17 +64,11 @@ export class PermissionsService {
 
   // if return undefined, that means zero permission is defined on that resource
   canTakeAction(rn: string, action: IamPolicyAction): boolean | undefined | any {
-    const [resourceType, _] = rn.split('/');
-
     const statements = this.permissions.filter(s => {
         if (s.resourceType === ResourceTypeEnum.All) {
           return s.effect === EffectEnum.Allow;
         }
 
-        if (s.resourceType === ResourceTypeEnum.General) {
-          return s.resources.map(r => r.split('/')[0]).includes(resourceType) && s.actions.includes(action.name);
-        }
-
         const matchingResource = s.resources.find(rsc => {
           // check exact match
           if (this.matchRule(rn, rsc)){
diff --git a/modules/front-end/src/app/core/services/policy.service.ts b/modules/front-end/src/app/core/services/policy.service.ts
index 8fbf5cf39..d3b9d2f3f 100644
--- a/modules/front-end/src/app/core/services/policy.service.ts
+++ b/modules/front-end/src/app/core/services/policy.service.ts
@@ -8,12 +8,12 @@ import {
   IPagedPolicyGroup,
   IPagedPolicyMember,
   IPolicy,
-  IPolicyStatement,
   PolicyFilter,
   PolicyGroupFilter,
   PolicyMemberFilter
 } from "@features/safe/iam/types/policy";
 import { catchError } from "rxjs/operators";
+import { IPolicyStatement } from "@shared/policy";
 
 @Injectable({
   providedIn: 'root'
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
index bbe56e29b..34709a8f7 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
@@ -1,7 +1,7 @@
 import {Component, EventEmitter, Input, Output} from '@angular/core';
 import {
   EffectEnum,
-  IamPolicyAction,
+  IamPolicyAction, IPolicyStatement, isResourceGeneral,
   Resource,
   resourceActionsDict,
   resourcesTypes,
@@ -9,7 +9,7 @@ import {
   ResourceTypeEnum
 } from "@shared/policy";
 import {deepCopy, encodeURIComponentFfc, uuidv4} from "@utils/index";
-import {IPolicy, IPolicyStatement} from "@features/safe/iam/types/policy";
+import {IPolicy} from "@features/safe/iam/types/policy";
 import {NzMessageService} from "ng-zorro-antd/message";
 import {PolicyService} from "@services/policy.service";
 import {Router} from "@angular/router";
@@ -37,30 +37,24 @@ class PolicyStatementViewModel {
         return find || act as unknown as IamPolicyAction;
       });
 
-      this.selectedResources = statement.resources.map(rsc => ({id: uuidv4(), name: rsc, rn: rsc}));
+      this.selectedResources = statement.resources.map(rsc => ({id: uuidv4(), name: rsc, rn: rsc, type: this.resourceType.type}));
+
+      // All the resources here are the same type, and if it's general type, resources only contains one element
+      const isGeneralResource = isResourceGeneral(this.resourceType?.type, statement.resources[0]);
+      this.availableActions = resourceActionsDict[this.resourceType?.type].filter((rs) => isGeneralResource || rs.isSpecificApplicable);
     } else {
       this.id = uuidv4();
       this.effect = EffectEnum.Allow;
       this.selectedActions = [];
       this.selectedResources = [];
+      this.availableActions =[];
     }
-
-    const actionKey = this.resourceType?.type === ResourceTypeEnum.General ?
-      `${ResourceTypeEnum.General},${this.selectedResources[0]?.rn}` :
-      this.resourceType?.type;
-
-    this.availableActions = resourceActionsDict[actionKey];
   }
 
   onResourceTypeChange(){
     this.selectedActions = [];
     this.selectedResources = [];
-
-    const actionKey = this.resourceType?.type === ResourceTypeEnum.General ?
-      `${ResourceTypeEnum.General},${this.selectedResources[0]?.rn}` :
-      this.resourceType?.type;
-
-    this.availableActions = resourceActionsDict[actionKey];
+    this.availableActions = [];
   }
 
   selectedActions: IamPolicyAction[] = [];
@@ -71,14 +65,10 @@ class PolicyStatementViewModel {
   selectedResources: Resource[] = [];
   onSelectedResourcesChange(resources: Resource[]) {
     this.selectedResources = [...resources];
+    // All the resources here are the same type, and if it's general type, resources only contains one element
+    const isGeneralResource = isResourceGeneral(resources[0].type, resources[0].rn);
 
-    let actionKey: string = this.resourceType?.type;
-    if (this.resourceType?.type === ResourceTypeEnum.General) {
-      this.selectedActions = [];
-      actionKey = `${ResourceTypeEnum.General},${this.selectedResources[0]?.rn}`;
-    }
-
-    this.availableActions = resourceActionsDict[actionKey];
+    this.availableActions = resourceActionsDict[this.resourceType?.type].filter((rs) => isGeneralResource || rs.isSpecificApplicable);
   }
 
   getOutput(): IPolicyStatement {
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.ts b/modules/front-end/src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.ts
index 04b555af8..dc3b1e141 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.ts
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.ts
@@ -1,15 +1,16 @@
-import {Component, EventEmitter, Input, Output, ViewChild} from "@angular/core";
-import {NzSelectComponent} from "ng-zorro-antd/select";
+import { Component, EventEmitter, Input, Output, ViewChild } from "@angular/core";
+import { NzSelectComponent } from "ng-zorro-antd/select";
 import {
+  isResourceGeneral,
   Resource,
   ResourceParamViewModel,
   ResourceType,
-  ResourceTypeEnum,
   RNViewModel,
   rscParamsDict
 } from "@shared/policy";
-import {ResourceService} from "@services/resource.service";
-import {deepCopy} from "@utils/index";
+import { ResourceService } from "@services/resource.service";
+import { deepCopy } from "@utils/index";
+
 @Component({
   selector: 'resources-selector',
   templateUrl: './resources-selector.component.html',
@@ -43,8 +44,10 @@ export class ResourcesSelectorComponent {
   @Input() selectedResources: Resource[] = [];
 
   onResourceChange() {
-    if (this.resourceType.type === ResourceTypeEnum.General) {
+    if (isResourceGeneral(this.resourceSelectModel.type, this.resourceSelectModel.rn)) {
       this.selectedResources = [];
+    } else {
+      this.selectedResources = this.selectedResources.filter((r) => !isResourceGeneral(r.type, r.rn))
     }
     this.selectedResources = [...this.selectedResources, {...this.resourceSelectModel}];
     this.onSelectedResourcesChange.next(this.selectedResources);
@@ -87,14 +90,14 @@ export class ResourcesSelectorComponent {
     const paramValues = rsc.rn.split(':')
       .map(r => {
         const part = r.split('/');
-        return {type: part[0], val: part[1]}})
-      .reduce((acc, cur) => {
-        acc[cur.type] = cur.val;
+        return {type: part[0], val: part[1], isAnyChecked: part[1] === '*' }})
+      .reduce((acc, { type, val, isAnyChecked}) => {
+        acc[type] = { val: val, isAnyChecked };
         return acc;
       }, {});
 
     if (paramValues) {
-      this.rscParams = this.rscParams.map(p => ({...p, val: paramValues[p.resourceType]}));
+      this.rscParams = this.rscParams.map(p => ({...p, val: paramValues[p.resourceType].val, isAnyChecked: paramValues[p.resourceType].isAnyChecked}));
     }
   }
 
diff --git a/modules/front-end/src/app/features/safe/iam/policies/details/permission/permission.component.ts b/modules/front-end/src/app/features/safe/iam/policies/details/permission/permission.component.ts
index 35e30a40e..55724f5a4 100644
--- a/modules/front-end/src/app/features/safe/iam/policies/details/permission/permission.component.ts
+++ b/modules/front-end/src/app/features/safe/iam/policies/details/permission/permission.component.ts
@@ -1,8 +1,9 @@
 import { Component, OnInit } from '@angular/core';
 import { ActivatedRoute, Router } from '@angular/router';
-import { IPolicy, IPolicyStatement } from "@features/safe/iam/types/policy";
+import { IPolicy } from "@features/safe/iam/types/policy";
 import { PolicyService } from "@services/policy.service";
 import { NzMessageService } from "ng-zorro-antd/message";
+import { IPolicyStatement } from "@shared/policy";
 
 @Component({
   selector: 'permission',
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
index ba877cbee..cd5851c50 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.html
@@ -96,7 +96,8 @@
               <li nz-menu-item (click)="toggleStatus(item)" *ngIf="item.status === AccessTokenStatusInactive">
                 <ng-container i18n="@@common.activate">Activate</ng-container>
               </li>
-              <li nz-menu-item
+              <li *ngIf="item.status === AccessTokenStatusActive"
+                  nz-menu-item
                   nz-popconfirm
                   i18n-nzPopconfirmTitle="@@integrations.access-tokens.deactivate-access-token-confirm"
                   nzPopconfirmTitle="Deactivate this access token? You can't use an inactive access token to make API calls but you can activate it again later."
@@ -107,7 +108,6 @@
                 <ng-container i18n="@@common.Deactivate">Deactivate</ng-container>
               </li>
               <li nz-menu-item
-                  *ngIf="item.status === AccessTokenStatusActive"
                   nz-popconfirm
                   i18n-nzPopconfirmTitle="@@integrations.access-tokens.deactivate-access-token-confirm"
                   nzPopconfirmTitle="Deactivate this access token? You can't use an inactive access token to make API calls but you can activate it again later."
diff --git a/modules/front-end/src/app/features/safe/organizations/project/project.component.ts b/modules/front-end/src/app/features/safe/organizations/project/project.component.ts
index 437a5afdf..3348aabab 100644
--- a/modules/front-end/src/app/features/safe/organizations/project/project.component.ts
+++ b/modules/front-end/src/app/features/safe/organizations/project/project.component.ts
@@ -80,7 +80,7 @@ export class ProjectComponent implements OnInit {
     this.creatEditProjectFormVisible = true;
   }
 
-  getEnvRN(project: IProject, env: IEnvironment): string {
+  getEnvRN(project: IProject, env: Partial<IEnvironment>): string {
     if (!project || !env) {
       return '';
     }
diff --git a/modules/front-end/src/app/shared/permissions.ts b/modules/front-end/src/app/shared/permissions.ts
index 6aeffe976..b166598cf 100644
--- a/modules/front-end/src/app/shared/permissions.ts
+++ b/modules/front-end/src/app/shared/permissions.ts
@@ -3,9 +3,11 @@ import { IamPolicyAction } from "@shared/policy";
 
 export const generalResourceRNPattern = {
   all: '*',
-  account: 'account',
-  iam: 'iam',
-  project: 'project',
+  account: 'account/*',
+  iam: 'iam/*',
+  accessToken: 'access-token/*',
+  project: 'project/*',
+  env: 'project/*:env/*'
 }
 
 export const permissionActions: {[key: string]: IamPolicyAction} = {
@@ -14,92 +16,104 @@ export const permissionActions: {[key: string]: IamPolicyAction} = {
     name: '*',
     displayName: $localize`:@@iam.action.all:All`,
     description: $localize`:@@iam.action.all:All`,
-    isOpenAPIApplicable: false
+    isOpenAPIApplicable: false,
+    isSpecificApplicable: false
   },
-
   ListProjects: {
     id: uuidv4(),
     name: 'ListProjects',
     displayName: $localize`:@@iam.action.list-projects:List projects`,
     description: $localize`:@@iam.action.list-projects:List projects`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
   },
   CreateProject: {
     id: uuidv4(),
     name: 'CreateProject',
     displayName: $localize`:@@iam.action.create-projects:Create projects`,
     description: $localize`:@@iam.action.create-projects:Create projects`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
   },
   DeleteProject: {
     id: uuidv4(),
     name: 'DeleteProject',
     displayName: $localize`:@@iam.action.delete-projects:Delete projects`,
     description: $localize`:@@iam.action.delete-projects:Delete projects`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
   },
   AccessEnvs: {
     id: uuidv4(),
     name: 'AccessEnvs',
     displayName: $localize`:@@iam.action.access-envs:Access environments`,
     description: $localize`:@@iam.action.access-envs:Access environments`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
   },
   UpdateProjectSettings: {
     id: uuidv4(),
     name: 'UpdateProjectSettings',
     displayName: $localize`:@@iam.action.update-project-settings:Update project settings`,
     description: $localize`:@@iam.action.update-project-settings:Update project settings`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
   },
   ListEnvs: {
     id: uuidv4(),
     name: 'ListEnvs',
     displayName: $localize`:@@iam.action.list-envs:List environments`,
     description: $localize`:@@iam.action.list-envs:List environments`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
   },
   CreateEnv:  {
     id: uuidv4(),
     name: 'CreateEnv',
     displayName: $localize`:@@iam.action.create-env:Create environment`,
     description: $localize`:@@iam.action.create-env:Create environment`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
   },
   DeleteEnv: {
     id: uuidv4(),
     name: 'DeleteEnv',
     displayName: $localize`:@@iam.action.delete-envs:Delete environments`,
     description: $localize`:@@iam.action.delete-envs:Delete environments`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
   },
   UpdateEnvSettings: {
     id: uuidv4(),
     name: 'UpdateEnvSettings',
     displayName: $localize`:@@iam.action.update-env-settings:Update environment settings`,
     description: $localize`:@@iam.action.update-env-settings:Update environment settings`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
   },
   DeleteEnvSecret: {
     id: uuidv4(),
     name: 'DeleteEnvSecret',
     displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
     description: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
   },
   CreateEnvSecret: {
     id: uuidv4(),
     name: 'CreateEnvSecret',
     displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`,
     description: $localize`:@@iam.action.create-env-secret:Create environment secret`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
   },
   UpdateEnvSecret: {
     id: uuidv4(),
     name: 'UpdateEnvSecret',
     displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`,
     description: $localize`:@@iam.action.update-env-secret:Update environment secret`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
   },
 
   // account
@@ -108,7 +122,8 @@ export const permissionActions: {[key: string]: IamPolicyAction} = {
     name: 'UpdateOrgName',
     displayName: $localize`:@@iam.action.update-org-name:Update org name`,
     description: $localize`:@@iam.action.update-org-name:Update org name`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
   },
 
   // iam
@@ -117,7 +132,8 @@ export const permissionActions: {[key: string]: IamPolicyAction} = {
     name: 'CanManageIAM',
     displayName: $localize`:@@iam.action.iam:IAM`,
     description: $localize`:@@iam.action.iam:IAM`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
   },
 
   // access tokens
@@ -126,20 +142,23 @@ export const permissionActions: {[key: string]: IamPolicyAction} = {
     name: 'ListAccessTokens',
     displayName: $localize`:@@iam.action.list-access-tokens:List access tokens`,
     description: $localize`:@@iam.action.list-access-tokens:List access tokens`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
   },
   CreateServiceAccessTokens: {
     id: uuidv4(),
     name: 'ManageServiceAccessTokens',
     displayName: $localize`:@@iam.action.manage-service-access-tokens:Manage service access tokens`,
     description: $localize`:@@iam.action.manage-service-access-tokens:Manage service access tokens`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
   },
   CreatePersonalAccessTokens: {
     id: uuidv4(),
     name: 'ManagePersonalAccessTokens',
     displayName: $localize`:@@iam.action.manage-personal-access-tokens:Manage personal access tokens`,
     description: $localize`:@@iam.action.manage-personal-access-tokens:Manage personal access tokens`,
-    isOpenAPIApplicable: true
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
   },
 }
diff --git a/modules/front-end/src/app/shared/policy.ts b/modules/front-end/src/app/shared/policy.ts
index 1f1d5f197..32030d5bd 100644
--- a/modules/front-end/src/app/shared/policy.ts
+++ b/modules/front-end/src/app/shared/policy.ts
@@ -1,10 +1,18 @@
 import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
-import {uuidv4} from "@utils/index";
+
+export interface IPolicyStatement {
+  id: string;
+  resourceType: string;
+  effect: string;
+  actions: string[];
+  resources: string[];
+}
 
 export interface Resource {
   id: string;
   name: string;
   rn: string;
+  type: ResourceTypeEnum;
 }
 
 export interface ValPlaceholder {
@@ -18,11 +26,14 @@ export interface IamPolicyAction {
   displayName: string;
   description: string;
   isOpenAPIApplicable: boolean;
+  isSpecificApplicable: boolean; // can it be applied to a specific resource, ex: an environment with name "abc"
 }
 
 export enum ResourceTypeEnum {
   All = '*',
-  General = 'general',
+  Account = 'account',
+  IAM = 'iam',
+  AccessToken = 'access-token',
   Project = 'project',
   Env = 'env',
 }
@@ -51,9 +62,19 @@ export const resourcesTypes: ResourceType[] = [
     displayName: $localize`:@@iam.rsc-type.all:All`
   },
   {
-    type: ResourceTypeEnum.General,
-    pattern: generalResourceRNPattern.project,
-    displayName: $localize`:@@iam.rsc-type.general:General`
+    type: ResourceTypeEnum.Account,
+    pattern: generalResourceRNPattern.account,
+    displayName: $localize`:@@iam.rsc-type.account:Account`
+  },
+  {
+    type: ResourceTypeEnum.IAM,
+    pattern: generalResourceRNPattern.iam,
+    displayName: $localize`:@@iam.rsc-type.iam:IAM`
+  },
+  {
+    type: ResourceTypeEnum.AccessToken,
+    pattern: generalResourceRNPattern.accessToken,
+    displayName: $localize`:@@iam.rsc-type.access-token:Access token`
   },
   {
     type: ResourceTypeEnum.Project,
@@ -77,7 +98,9 @@ export interface ResourceParamViewModel {
 
 export const rscParamsDict: {[key in ResourceTypeEnum]: ResourceParamViewModel[]} = {
   [ResourceTypeEnum.All]: [],
-  [ResourceTypeEnum.General]: [],
+  [ResourceTypeEnum.Account]: [],
+  [ResourceTypeEnum.IAM]: [],
+  [ResourceTypeEnum.AccessToken]: [],
   [ResourceTypeEnum.Project]: [
     {
       val: '',
@@ -118,40 +141,26 @@ export const resourceActionsDict: {[key: string]: IamPolicyAction[]} = {
   [ResourceTypeEnum.All]: [
     permissionActions.All,
   ],
-  [`${ResourceTypeEnum.General},account`]: [
-    permissionActions.UpdateOrgName,
+  [ResourceTypeEnum.Account]: [
+    permissionActions.UpdateOrgName
+  ],
+  [ResourceTypeEnum.IAM]: [
+    permissionActions.CanManageIAM,
+  ],
+  [ResourceTypeEnum.AccessToken]: [
     permissionActions.ListAccessTokens,
     permissionActions.CreateServiceAccessTokens,
     permissionActions.CreatePersonalAccessTokens,
   ],
-  [`${ResourceTypeEnum.General},iam`]: [
-    permissionActions.CanManageIAM,
-  ],
-  [`${ResourceTypeEnum.General},project`]: [ // for all projects
+  [ResourceTypeEnum.Project]: [
     permissionActions.ListProjects,
     permissionActions.CreateProject,
     permissionActions.DeleteProject,
     permissionActions.UpdateProjectSettings,
     permissionActions.ListEnvs,
     permissionActions.CreateEnv,
-    permissionActions.AccessEnvs,
-    permissionActions.DeleteEnv,
-    permissionActions.UpdateEnvSettings,
-    permissionActions.DeleteEnvSecret,
-    permissionActions.CreateEnvSecret,
-    permissionActions.UpdateEnvSecret,
-  ],
-  [ResourceTypeEnum.Project]: [ // for a specific project
-    permissionActions.AccessEnvs,
-    permissionActions.DeleteProject,
-    permissionActions.UpdateProjectSettings,
-    permissionActions.ListEnvs,
-    permissionActions.CreateEnv,
-    permissionActions.DeleteEnvSecret,
-    permissionActions.CreateEnvSecret,
-    permissionActions.UpdateEnvSecret,
   ],
-  [ResourceTypeEnum.Env]: [ // for a specific environment
+  [ResourceTypeEnum.Env]: [
     permissionActions.AccessEnvs,
     permissionActions.DeleteEnv,
     permissionActions.UpdateEnvSettings,
@@ -160,3 +169,22 @@ export const resourceActionsDict: {[key: string]: IamPolicyAction[]} = {
     permissionActions.UpdateEnvSecret,
   ]
 }
+
+// check if the resource is a general resource
+// if returns false, that means the actions which cannot be applied to a specific resource should be hidden
+// ex: ListProjects should not be avaible for a specific project: project/abc
+export function isResourceGeneral(type: ResourceTypeEnum, rn: string): boolean {
+  const generalResourceTypes = [ResourceTypeEnum.All, ResourceTypeEnum.Account, ResourceTypeEnum.IAM, ResourceTypeEnum.AccessToken];
+  if (generalResourceTypes.includes(type)) {
+    return true;
+  }
+
+  switch (type) {
+    case ResourceTypeEnum.Project:
+      return rn === generalResourceRNPattern.project;
+    case ResourceTypeEnum.Env:
+      return rn === generalResourceRNPattern.env;
+  }
+
+  return false;
+}
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index 09b4d21f4..70d514f75 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -446,14 +446,14 @@
         <source>Copy and save this token now, the token value will be masked once you leave the page.</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">108</context>
+          <context context-type="linenumber">109</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.ok" datatype="html">
         <source>OK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">123</context>
+          <context context-type="linenumber">124</context>
         </context-group>
       </trans-unit>
       <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
@@ -607,7 +607,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
-          <context context-type="linenumber">40</context>
+          <context context-type="linenumber">41</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
@@ -781,7 +781,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">140</context>
+          <context context-type="linenumber">130</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
@@ -1413,11 +1413,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">142</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">145</context>
+          <context context-type="linenumber">135</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
@@ -1453,7 +1453,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
-          <context context-type="linenumber">41</context>
+          <context context-type="linenumber">42</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
@@ -4880,7 +4880,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">152</context>
+          <context context-type="linenumber">142</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.copy" datatype="html">
@@ -4923,7 +4923,7 @@
         <source>Make sure resource and operation are set for all permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">158</context>
+          <context context-type="linenumber">148</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.policies.details.resource" datatype="html">
@@ -5455,7 +5455,7 @@
         <source>Deactivate this access token? You can&apos;t use an inactive access token to make API calls but you can activate it again later.</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">102</context>
+          <context context-type="linenumber">103</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
@@ -5466,7 +5466,7 @@
         <source>Deactivate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">107</context>
+          <context context-type="linenumber">108</context>
         </context-group>
       </trans-unit>
       <trans-unit id="integrations.routing.access-tokens" datatype="html">
@@ -6309,244 +6309,258 @@
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">15</context>
+          <context context-type="linenumber">17</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">16</context>
+          <context context-type="linenumber">18</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.list-projects" datatype="html">
         <source>List projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">23</context>
+          <context context-type="linenumber">25</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">24</context>
+          <context context-type="linenumber">26</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.create-projects" datatype="html">
         <source>Create projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">30</context>
+          <context context-type="linenumber">33</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">31</context>
+          <context context-type="linenumber">34</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.delete-projects" datatype="html">
         <source>Delete projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="linenumber">41</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">38</context>
+          <context context-type="linenumber">42</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.access-envs" datatype="html">
         <source>Access environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">44</context>
+          <context context-type="linenumber">49</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">45</context>
+          <context context-type="linenumber">50</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-project-settings" datatype="html">
         <source>Update project settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">51</context>
+          <context context-type="linenumber">57</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">52</context>
+          <context context-type="linenumber">58</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.list-envs" datatype="html">
         <source>List environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">58</context>
+          <context context-type="linenumber">65</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">59</context>
+          <context context-type="linenumber">66</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.create-env" datatype="html">
         <source>Create environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">65</context>
+          <context context-type="linenumber">73</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">66</context>
+          <context context-type="linenumber">74</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.delete-envs" datatype="html">
         <source>Delete environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">72</context>
+          <context context-type="linenumber">81</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">73</context>
+          <context context-type="linenumber">82</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-env-settings" datatype="html">
         <source>Update environment settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">79</context>
+          <context context-type="linenumber">89</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">80</context>
+          <context context-type="linenumber">90</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.delete-env-secret" datatype="html">
         <source>Delete environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">86</context>
+          <context context-type="linenumber">97</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">87</context>
+          <context context-type="linenumber">98</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.create-env-secret" datatype="html">
         <source>Create environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">93</context>
+          <context context-type="linenumber">105</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">94</context>
+          <context context-type="linenumber">106</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-env-secret" datatype="html">
         <source>Update environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">100</context>
+          <context context-type="linenumber">113</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">101</context>
+          <context context-type="linenumber">114</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-org-name" datatype="html">
         <source>Update org name</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">109</context>
+          <context context-type="linenumber">123</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">110</context>
+          <context context-type="linenumber">124</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.iam" datatype="html">
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">118</context>
+          <context context-type="linenumber">133</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">119</context>
+          <context context-type="linenumber">134</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.list-access-tokens" datatype="html">
         <source>List access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">127</context>
+          <context context-type="linenumber">143</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">128</context>
+          <context context-type="linenumber">144</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.manage-service-access-tokens" datatype="html">
         <source>Manage service access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">134</context>
+          <context context-type="linenumber">151</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">135</context>
+          <context context-type="linenumber">152</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.manage-personal-access-tokens" datatype="html">
         <source>Manage personal access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">141</context>
+          <context context-type="linenumber">159</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">142</context>
+          <context context-type="linenumber">160</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.all" datatype="html">
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">51</context>
+          <context context-type="linenumber">62</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.rsc-type.general" datatype="html">
-        <source>General</source>
+      <trans-unit id="iam.rsc-type.account" datatype="html">
+        <source>Account</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">56</context>
+          <context context-type="linenumber">67</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.iam" datatype="html">
+        <source>IAM</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">72</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.access-token" datatype="html">
+        <source>Access token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">77</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.project" datatype="html">
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">61</context>
+          <context context-type="linenumber">82</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.env" datatype="html">
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">66</context>
+          <context context-type="linenumber">87</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.policy.project" datatype="html">
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">87</context>
+          <context context-type="linenumber">110</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">99</context>
+          <context context-type="linenumber">122</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.policy.environment" datatype="html">
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">109</context>
+          <context context-type="linenumber">132</context>
         </context-group>
       </trans-unit>
     </body>
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index fe66adbc7..33347a956 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -457,7 +457,7 @@
         <source>Copy and save this token now, the token value will be masked once you leave the page.</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">108</context>
+          <context context-type="linenumber">109</context>
         </context-group>
         <target>请复制并保存 Token，一旦离开该页面后，该 Token 将会被隐藏。</target>
       </trans-unit>
@@ -465,7 +465,7 @@
         <source>OK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">123</context>
+          <context context-type="linenumber">124</context>
         </context-group>
         <target>OK</target>
       </trans-unit>
@@ -621,7 +621,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
-          <context context-type="linenumber">40</context>
+          <context context-type="linenumber">41</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
@@ -797,7 +797,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">140</context>
+          <context context-type="linenumber">130</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
@@ -1489,11 +1489,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">142</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">145</context>
+          <context context-type="linenumber">135</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
@@ -1529,7 +1529,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
-          <context context-type="linenumber">41</context>
+          <context context-type="linenumber">42</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
@@ -5316,7 +5316,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">152</context>
+          <context context-type="linenumber">142</context>
         </context-group>
         <target>系统托管策略不允许被修改。 如确有需要，可以复制以后再根据需求进行修改。</target>
       </trans-unit>
@@ -5364,7 +5364,7 @@
         <source>Make sure resource and operation are set for all permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">158</context>
+          <context context-type="linenumber">148</context>
         </context-group>
         <target>请确保已设置所有权限的资源和操作</target>
       </trans-unit>
@@ -5964,7 +5964,7 @@
         <source>Deactivate this access token? You can&apos;t use an inactive access token to make API calls but you can activate it again later.</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">102</context>
+          <context context-type="linenumber">103</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
@@ -5976,7 +5976,7 @@
         <source>Deactivate</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">107</context>
+          <context context-type="linenumber">108</context>
         </context-group>
         <target>停用</target>
       </trans-unit>
@@ -6933,11 +6933,11 @@
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">15</context>
+          <context context-type="linenumber">17</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">16</context>
+          <context context-type="linenumber">18</context>
         </context-group>
         <target>全部操作</target>
       </trans-unit>
@@ -6945,11 +6945,11 @@
         <source>List projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">23</context>
+          <context context-type="linenumber">25</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">24</context>
+          <context context-type="linenumber">26</context>
         </context-group>
         <target>查看项目列表</target>
       </trans-unit>
@@ -6957,11 +6957,11 @@
         <source>Create projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">30</context>
+          <context context-type="linenumber">33</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">31</context>
+          <context context-type="linenumber">34</context>
         </context-group>
         <target>创建项目</target>
       </trans-unit>
@@ -6969,11 +6969,11 @@
         <source>Delete projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="linenumber">41</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">38</context>
+          <context context-type="linenumber">42</context>
         </context-group>
         <target>删除项目</target>
       </trans-unit>
@@ -6981,11 +6981,11 @@
         <source>Access environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">44</context>
+          <context context-type="linenumber">49</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">45</context>
+          <context context-type="linenumber">50</context>
         </context-group>
         <target>进入环境</target>
       </trans-unit>
@@ -6993,11 +6993,11 @@
         <source>Update project settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">51</context>
+          <context context-type="linenumber">57</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">52</context>
+          <context context-type="linenumber">58</context>
         </context-group>
         <target>修改项目设置</target>
       </trans-unit>
@@ -7005,11 +7005,11 @@
         <source>List environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">58</context>
+          <context context-type="linenumber">65</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">59</context>
+          <context context-type="linenumber">66</context>
         </context-group>
         <target>查看环境列表</target>
       </trans-unit>
@@ -7017,11 +7017,11 @@
         <source>Create environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">65</context>
+          <context context-type="linenumber">73</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">66</context>
+          <context context-type="linenumber">74</context>
         </context-group>
         <target>创建环境</target>
       </trans-unit>
@@ -7029,11 +7029,11 @@
         <source>Delete environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">72</context>
+          <context context-type="linenumber">81</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">73</context>
+          <context context-type="linenumber">82</context>
         </context-group>
         <target>删除环境</target>
       </trans-unit>
@@ -7041,11 +7041,11 @@
         <source>Update environment settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">79</context>
+          <context context-type="linenumber">89</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">80</context>
+          <context context-type="linenumber">90</context>
         </context-group>
         <target>修改环境设置</target>
       </trans-unit>
@@ -7053,11 +7053,11 @@
         <source>Delete environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">86</context>
+          <context context-type="linenumber">97</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">87</context>
+          <context context-type="linenumber">98</context>
         </context-group>
         <target>删除环境秘钥</target>
       </trans-unit>
@@ -7065,11 +7065,11 @@
         <source>Create environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">93</context>
+          <context context-type="linenumber">105</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">94</context>
+          <context context-type="linenumber">106</context>
         </context-group>
         <target>创建环境秘钥</target>
       </trans-unit>
@@ -7077,11 +7077,11 @@
         <source>Update environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">100</context>
+          <context context-type="linenumber">113</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">101</context>
+          <context context-type="linenumber">114</context>
         </context-group>
         <target>修改环境秘钥</target>
       </trans-unit>
@@ -7089,11 +7089,11 @@
         <source>Update org name</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">109</context>
+          <context context-type="linenumber">123</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">110</context>
+          <context context-type="linenumber">124</context>
         </context-group>
         <target>修改机构名称</target>
       </trans-unit>
@@ -7101,11 +7101,11 @@
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">118</context>
+          <context context-type="linenumber">133</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">119</context>
+          <context context-type="linenumber">134</context>
         </context-group>
         <target>权限管理</target>
       </trans-unit>
@@ -7113,11 +7113,11 @@
         <source>List access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">127</context>
+          <context context-type="linenumber">143</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">128</context>
+          <context context-type="linenumber">144</context>
         </context-group>
         <target>查看访问策略列表</target>
       </trans-unit>
@@ -7125,11 +7125,11 @@
         <source>Manage service access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">134</context>
+          <context context-type="linenumber">151</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">135</context>
+          <context context-type="linenumber">152</context>
         </context-group>
         <target>管理 Service 访问策略</target>
       </trans-unit>
@@ -7137,11 +7137,11 @@
         <source>Manage personal access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">141</context>
+          <context context-type="linenumber">159</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">142</context>
+          <context context-type="linenumber">160</context>
         </context-group>
         <target>管理 Personal 访问策略</target>
       </trans-unit>
@@ -7149,23 +7149,39 @@
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">51</context>
+          <context context-type="linenumber">62</context>
         </context-group>
         <target>全部</target>
       </trans-unit>
-      <trans-unit id="iam.rsc-type.general" datatype="html">
-        <source>General</source>
+      <trans-unit id="iam.rsc-type.account" datatype="html">
+        <source>Account</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">56</context>
+          <context context-type="linenumber">67</context>
+        </context-group>
+        <target>账户管理</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.iam" datatype="html">
+        <source>IAM</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">72</context>
+        </context-group>
+        <target>权限管理</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.access-token" datatype="html">
+        <source>Access token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">77</context>
         </context-group>
-        <target>通用</target>
+        <target>访问策略</target>
       </trans-unit>
       <trans-unit id="iam.rsc-type.project" datatype="html">
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">61</context>
+          <context context-type="linenumber">82</context>
         </context-group>
         <target>项目</target>
       </trans-unit>
@@ -7173,7 +7189,7 @@
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">66</context>
+          <context context-type="linenumber">87</context>
         </context-group>
         <target>环境</target>
       </trans-unit>
@@ -7181,11 +7197,11 @@
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">87</context>
+          <context context-type="linenumber">110</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">99</context>
+          <context context-type="linenumber">122</context>
         </context-group>
         <target>项目</target>
       </trans-unit>
@@ -7193,7 +7209,7 @@
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">109</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <target>环境</target>
       </trans-unit>

From 7c2709211e76c52e489dedcafac6d4c16dc5e963 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Wed, 15 Mar 2023 07:52:04 +0100
Subject: [PATCH 27/44] translation fix

---
 modules/front-end/src/locale/messages.xlf    | 2281 ++++++++++--------
 modules/front-end/src/locale/messages.zh.xlf |  486 +---
 2 files changed, 1319 insertions(+), 1448 deletions(-)

diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index 87af57093..d6d7e7ca2 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -2,373 +2,366 @@
 <xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
   <file source-language="en" datatype="plaintext" original="ng2.template">
     <body>
-      <trans-unit id="auditlogs.operation-create" datatype="html">
-        <source>created</source>
+      <trans-unit id="integrations.access-token.access-token-drawer.title" datatype="html">
+        <source>Add access token</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
-          <context context-type="linenumber">92</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">7</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="auditlogs.operation-update" datatype="html">
-        <source>updated</source>
+      <trans-unit id="common.name" datatype="html">
+        <source>Name</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
-          <context context-type="linenumber">95</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="auditlogs.operation-archive" datatype="html">
-        <source>archived</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
-          <context context-type="linenumber">98</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">17</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="auditlogs.operation-restore" datatype="html">
-        <source>restored</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
-          <context context-type="linenumber">101</context>
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
+          <context context-type="linenumber">22</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="auditlogs.operation-remove" datatype="html">
-        <source>removed</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
-          <context context-type="linenumber">104</context>
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
+          <context context-type="linenumber">24</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="auditlogs.reftype-flag" datatype="html">
-        <source>flag</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
-          <context context-type="linenumber">112</context>
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="linenumber">14</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="auditlogs.reftype-segment" datatype="html">
-        <source>segment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
-          <context context-type="linenumber">115</context>
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="ff.history.filter-by" datatype="html">
-        <source>Filter by name, comment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">6</context>
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">12</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="auditlogs.idx.filter-by-team-member" datatype="html">
-        <source>Filter by team member</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">20</context>
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">14</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="common.loading" datatype="html">
-        <source>Loading...</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">26</context>
+          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
+          <context context-type="linenumber">13</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">36</context>
+          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">66</context>
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">14</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">38</context>
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">55</context>
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">23</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">43</context>
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">25</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">44</context>
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">39</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">25</context>
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">74</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">60</context>
+          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
+          <context context-type="linenumber">37,38</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">138</context>
+          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
+          <context context-type="linenumber">85,86</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">18</context>
+          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
+          <context context-type="linenumber">25</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">146,147</context>
+          <context context-type="sourcefile">src/app/features/safe/end-users/details/details.component.html</context>
+          <context context-type="linenumber">16</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">26</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">56</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">38</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">31</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="ff.idx.filter-by-type" datatype="html">
-        <source>Filter by type</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">35</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">70</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="auditlogs.idx.ref-type-flag" datatype="html">
-        <source>Feature flag</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">36</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">185</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="auditlogs.idx.ref-type-segment" datatype="html">
-        <source>Segment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
+          <context context-type="linenumber">10</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="common.no-data" datatype="html">
-        <source>No data</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">44</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
+          <context context-type="linenumber">17</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="common.more" datatype="html">
-        <source>More</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">60</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.html</context>
+          <context context-type="linenumber">27</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="auditlogs.idx.failed-to-load-members" datatype="html">
-        <source>Failed to load team members</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.ts</context>
-          <context context-type="linenumber">106</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.html</context>
+          <context context-type="linenumber">29</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.enabled" datatype="html">
-        <source>Enabled </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">8</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.html</context>
+          <context context-type="linenumber">27</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.disabled" datatype="html">
-        <source>Disabled </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">12</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
+          <context context-type="linenumber">10</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.archived" datatype="html">
-        <source>Archived</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">16</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
+          <context context-type="linenumber">17</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.unarchived" datatype="html">
-        <source>Unarchived </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">20</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.html</context>
+          <context context-type="linenumber">28</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.set" datatype="html">
-        <source>Set </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">24</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
+          <context context-type="linenumber">29</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.from" datatype="html">
-        <source> from </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">27</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
+          <context context-type="linenumber">30</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.to" datatype="html">
-        <source> to </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">34</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
+          <context context-type="linenumber">27</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.added" datatype="html">
-        <source>Added </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
+          <context context-type="linenumber">23</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.add-to" datatype="html">
-        <source> to </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">48</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.html</context>
+          <context context-type="linenumber">10</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.add-from" datatype="html">
-        <source>From </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">54</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
+          <context context-type="linenumber">29</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.add-removed" datatype="html">
-        <source> removed </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
           <context context-type="linenumber">57</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.serve" datatype="html">
-        <source>Serve</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">79</context>
+          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
+          <context context-type="linenumber">4</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="differ.dispatch-by" datatype="html">
-        <source>Dispatch by</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
-          <context context-type="linenumber">85</context>
+          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
+          <context context-type="linenumber">7</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/diff/feature-flag.differ.ts</context>
-          <context context-type="linenumber">293</context>
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
+          <context context-type="linenumber">120</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="common.review-and-save" datatype="html">
-        <source>Review and save</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
-          <context context-type="linenumber">3</context>
+          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
+          <context context-type="linenumber">15</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/targeting/targeting.component.html</context>
-          <context context-type="linenumber">17,19</context>
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">35</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.html</context>
-          <context context-type="linenumber">22,24</context>
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">82</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="ff.targeting.the-following-changes-may-affect-insights" datatype="html">
-        <source>The following changes may affects the insights data</source>
+      <trans-unit id="common.validating" datatype="html">
+        <source>Validating...</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
           <context context-type="linenumber">15</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="common.changes" datatype="html">
-        <source>Changes</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
-          <context context-type="linenumber">19</context>
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">160</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">203</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
+          <context context-type="linenumber">83</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.number-of-changes-to-submit" datatype="html">
-        <source>changes to submit</source>
+      <trans-unit id="integrations.access-token.access-token-drawer.name-cannot-be-empty" datatype="html">
+        <source>Access token name cannot be empty</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
-          <context context-type="linenumber">23</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">20</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.comment" datatype="html">
-        <source>Comment</source>
+      <trans-unit id="integrations.access-token.access-token-drawer.name-unavailable" datatype="html">
+        <source>This access token name is not available</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
-          <context context-type="linenumber">31</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">21</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.type" datatype="html">
+        <source>Type</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">27</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
+          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
           <context context-type="linenumber">33</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">44</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
+          <context context-type="linenumber">30</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
-          <context context-type="linenumber">29</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
+          <context context-type="linenumber">31</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/details/details.component.html</context>
-          <context context-type="linenumber">18</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">58</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.cancel" datatype="html">
-        <source>Cancel</source>
+      <trans-unit id="common.policies" datatype="html">
+        <source>Policies</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
-          <context context-type="linenumber">41</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">45</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
-          <context context-type="linenumber">79,80</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/details.component.html</context>
+          <context context-type="linenumber">13</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.select-policies" datatype="html">
+        <source>Select policies</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
-          <context context-type="linenumber">110,111</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">50</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="common.loading" datatype="html">
+        <source>Loading...</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">103</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">68</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">55</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">43</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">68</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
+          <context context-type="linenumber">136</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">18</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">172,173</context>
+          <context context-type="linenumber">146,147</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">223</context>
+          <context context-type="linenumber">26</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">75</context>
+          <context context-type="linenumber">38</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">102</context>
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">28</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
+        <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">141</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">82</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">267</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.save" datatype="html">
         <source>Save</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">92</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
           <context context-type="linenumber">43</context>
@@ -442,186 +435,698 @@
           <context context-type="linenumber">104</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="org.project.permission-will-become-invalid-if-change-name" datatype="html">
-        <source>Permission will become invalid if you change the name</source>
+      <trans-unit id="integrations.access-tokens.access-token-created" datatype="html">
+        <source>Access token created</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">100</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.copy-token-warning" datatype="html">
+        <source>Copy and save this token now, the token value will be masked once you leave the page.</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">109</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.name" datatype="html">
-        <source>Name</source>
+      <trans-unit id="common.ok" datatype="html">
+        <source>OK</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">22</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
+          <context context-type="linenumber">124</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
+        <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">24</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">234</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
+          <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
           <context context-type="linenumber">14</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="common.operation-success" datatype="html">
+        <source>Operation succeeded</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">243</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">12</context>
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">258</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">14</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
+          <context context-type="linenumber">193</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
-          <context context-type="linenumber">13</context>
+          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.ts</context>
+          <context context-type="linenumber">68</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.ts</context>
+          <context context-type="linenumber">121</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">14</context>
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
+          <context context-type="linenumber">241</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
+          <context context-type="linenumber">258</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">23</context>
+          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.ts</context>
+          <context context-type="linenumber">68</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">25</context>
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
+          <context context-type="linenumber">93</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">39</context>
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
+          <context context-type="linenumber">116</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">74</context>
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
+          <context context-type="linenumber">134</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
-          <context context-type="linenumber">37,38</context>
+          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.ts</context>
+          <context context-type="linenumber">85</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.html</context>
-          <context context-type="linenumber">85,86</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">60</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
-          <context context-type="linenumber">25</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">78</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/details/details.component.html</context>
-          <context context-type="linenumber">16</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">87</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">56</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">98</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">31</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">85</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">70</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">96</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">185</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">199</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
-          <context context-type="linenumber">10</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">332</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.html</context>
-          <context context-type="linenumber">17</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">344</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">352</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">336</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">349</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">359</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
+          <context context-type="linenumber">74</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
+          <context context-type="linenumber">88</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">42</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">69</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
+          <context context-type="linenumber">73</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
+          <context context-type="linenumber">87</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
+          <context context-type="linenumber">84</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">90</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
+          <context context-type="linenumber">41</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">46</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">53</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
+          <context context-type="linenumber">90</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
+          <context context-type="linenumber">75</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
+          <context context-type="linenumber">89</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">81</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
+          <context context-type="linenumber">95</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">51</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
+          <context context-type="linenumber">72</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">143</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">154</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
+          <context context-type="linenumber">136</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">41</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">63</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">76</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.operation-failed-try-again" datatype="html">
+        <source>Operation failed, please try again</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">246</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
+          <context context-type="linenumber">244</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
+          <context context-type="linenumber">127</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
+          <context context-type="linenumber">159</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">213</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">229</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">296</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
+          <context context-type="linenumber">309</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">283</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/targeting/targeting.component.ts</context>
+          <context context-type="linenumber">109</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">339</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/onboarding/steps/steps.component.ts</context>
+          <context context-type="linenumber">63</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">253</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">287</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">303</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
+          <context context-type="linenumber">79</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.copy-success" datatype="html">
+        <source>Copied</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">277</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
+          <context context-type="linenumber">160</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.ts</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
+          <context context-type="linenumber">110</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">42</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">204</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
+          <context context-type="linenumber">373</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
+          <context context-type="linenumber">131</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
+          <context context-type="linenumber">78</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">80</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
+          <context context-type="linenumber">88</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
+          <context context-type="linenumber">58</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
+          <context context-type="linenumber">92</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
+          <context context-type="linenumber">181</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.operation-create" datatype="html">
+        <source>created</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
+          <context context-type="linenumber">92</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.operation-update" datatype="html">
+        <source>updated</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
+          <context context-type="linenumber">95</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.operation-archive" datatype="html">
+        <source>archived</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.html</context>
-          <context context-type="linenumber">27</context>
+          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
+          <context context-type="linenumber">98</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.operation-restore" datatype="html">
+        <source>restored</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.html</context>
-          <context context-type="linenumber">29</context>
+          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
+          <context context-type="linenumber">101</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.operation-remove" datatype="html">
+        <source>removed</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.html</context>
-          <context context-type="linenumber">27</context>
+          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
+          <context context-type="linenumber">104</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.reftype-flag" datatype="html">
+        <source>flag</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
-          <context context-type="linenumber">10</context>
+          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
+          <context context-type="linenumber">112</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.reftype-segment" datatype="html">
+        <source>segment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
-          <context context-type="linenumber">17</context>
+          <context context-type="sourcefile">src/app/core/components/audit-log/audit-log.component.ts</context>
+          <context context-type="linenumber">115</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="ff.history.filter-by" datatype="html">
+        <source>Filter by name, comment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.html</context>
-          <context context-type="linenumber">28</context>
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">6</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.idx.filter-by-team-member" datatype="html">
+        <source>Filter by team member</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
-          <context context-type="linenumber">29</context>
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">20</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="ff.idx.filter-by-type" datatype="html">
+        <source>Filter by type</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
-          <context context-type="linenumber">30</context>
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">35</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.idx.ref-type-flag" datatype="html">
+        <source>Feature flag</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.idx.ref-type-segment" datatype="html">
+        <source>Segment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">37</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.no-data" datatype="html">
+        <source>No data</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.more" datatype="html">
+        <source>More</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="auditlogs.idx.failed-to-load-members" datatype="html">
+        <source>Failed to load team members</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.ts</context>
+          <context context-type="linenumber">106</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.enabled" datatype="html">
+        <source>Enabled </source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">8</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.disabled" datatype="html">
+        <source>Disabled </source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">12</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.archived" datatype="html">
+        <source>Archived</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">16</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.unarchived" datatype="html">
+        <source>Unarchived </source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">20</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.set" datatype="html">
+        <source>Set </source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">24</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.from" datatype="html">
+        <source> from </source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
           <context context-type="linenumber">27</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="differ.to" datatype="html">
+        <source> to </source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">34</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.added" datatype="html">
+        <source>Added </source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">42</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.add-to" datatype="html">
+        <source> to </source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">48</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.add-from" datatype="html">
+        <source>From </source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">54</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.add-removed" datatype="html">
+        <source> removed </source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">57</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.serve" datatype="html">
+        <source>Serve</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">79</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="differ.dispatch-by" datatype="html">
+        <source>Dispatch by</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-list/change-list.component.html</context>
+          <context context-type="linenumber">85</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/diff/feature-flag.differ.ts</context>
+          <context context-type="linenumber">293</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.review-and-save" datatype="html">
+        <source>Review and save</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
+          <context context-type="linenumber">3</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/targeting/targeting.component.html</context>
+          <context context-type="linenumber">17,19</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.html</context>
+          <context context-type="linenumber">22,24</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="ff.targeting.the-following-changes-may-affect-insights" datatype="html">
+        <source>The following changes may affects the insights data</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.changes" datatype="html">
+        <source>Changes</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
+          <context context-type="linenumber">19</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
+          <context context-type="linenumber">158</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.number-of-changes-to-submit" datatype="html">
+        <source>changes to submit</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
           <context context-type="linenumber">23</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="common.comment" datatype="html">
+        <source>Comment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
+          <context context-type="linenumber">33</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/details/details.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="common.cancel" datatype="html">
+        <source>Cancel</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
+          <context context-type="linenumber">41</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
+          <context context-type="linenumber">79,80</context>
+        </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.html</context>
-          <context context-type="linenumber">10</context>
+          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
+          <context context-type="linenumber">110,111</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
-          <context context-type="linenumber">29</context>
+          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
+          <context context-type="linenumber">103</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
-          <context context-type="linenumber">4</context>
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">68</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/profile/profile.component.html</context>
-          <context context-type="linenumber">7</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">172,173</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">120</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">223</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
-          <context context-type="linenumber">15</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">75</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">35</context>
+          <context context-type="linenumber">102</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="linenumber">141</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="org.project.permission-will-become-invalid-if-change-name" datatype="html">
+        <source>Permission will become invalid if you change the name</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
+          <context context-type="linenumber">15</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
+          <context context-type="linenumber">16</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.envNameMandatory" datatype="html">
@@ -733,23 +1238,23 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">36</context>
+          <context context-type="linenumber">37</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">64</context>
+          <context context-type="linenumber">65</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">79</context>
+          <context context-type="linenumber">80</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">88</context>
+          <context context-type="linenumber">89</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">99</context>
+          <context context-type="linenumber">100</context>
         </context-group>
       </trans-unit>
       <trans-unit id="expt-drawer.configure-data-sent-to-expt" datatype="html">
@@ -847,236 +1352,37 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">178</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="expt.rule-drawer.user-percentage-to-expt-tooltip" datatype="html">
-        <source>Compared to all users matching this rule</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">94</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">152</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">178</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="expt.rule-drawer.default-rule" datatype="html">
-        <source>Default rule</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">172</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="common.operation-success" datatype="html">
-        <source>Operation succeeded</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
-          <context context-type="linenumber">193</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.ts</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.ts</context>
-          <context context-type="linenumber">121</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">241</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">258</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.ts</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">93</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">116</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">134</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.ts</context>
-          <context context-type="linenumber">85</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">59</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">77</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">86</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">97</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">85</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">96</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">199</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">332</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">344</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">352</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">336</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">349</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">359</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
-          <context context-type="linenumber">74</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">42</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">69</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
-          <context context-type="linenumber">73</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
-          <context context-type="linenumber">87</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
-          <context context-type="linenumber">84</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
-          <context context-type="linenumber">40</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">46</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">53</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
-          <context context-type="linenumber">75</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
-          <context context-type="linenumber">89</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">81</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">95</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">51</context>
+          <context context-type="linenumber">178</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="expt.rule-drawer.user-percentage-to-expt-tooltip" datatype="html">
+        <source>Compared to all users matching this rule</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
-          <context context-type="linenumber">72</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">68</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">60</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">94</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
-          <context context-type="linenumber">136</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">152</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">41</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">178</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="expt.rule-drawer.default-rule" datatype="html">
+        <source>Default rule</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">63</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">88</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">76</context>
+          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
+          <context context-type="linenumber">172</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.operation-failed" datatype="html">
@@ -1111,11 +1417,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">142</context>
+          <context context-type="linenumber">133</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">145</context>
+          <context context-type="linenumber">136</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
@@ -1151,7 +1457,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
-          <context context-type="linenumber">41</context>
+          <context context-type="linenumber">42</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
@@ -1197,6 +1503,14 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
           <context context-type="linenumber">75</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">147</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
+          <context context-type="linenumber">157</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
           <context context-type="linenumber">142</context>
@@ -1459,25 +1773,6 @@
           <context context-type="linenumber">7</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.validating" datatype="html">
-        <source>Validating...</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">203</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">83</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="iam.groups.group-drawer.group-name-cannot-be-empty" datatype="html">
         <source>Group name cannot be empty</source>
         <context-group purpose="location">
@@ -1823,61 +2118,6 @@
           <context context-type="linenumber">62</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.copy-success" datatype="html">
-        <source>Copied</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
-          <context context-type="linenumber">160</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.ts</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">42</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">204</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">373</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">140</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
-          <context context-type="linenumber">78</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">58</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
-          <context context-type="linenumber">92</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">181</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="common.feedback-success-message" datatype="html">
         <source>Thank you for sending us your feedback, we&apos;ll get back to you very soon!</source>
         <context-group purpose="location">
@@ -2069,7 +2309,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">153</context>
+          <context context-type="linenumber">151</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
@@ -2177,69 +2417,6 @@
           <context context-type="linenumber">116</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.operation-failed-try-again" datatype="html">
-        <source>Operation failed, please try again</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">244</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
-          <context context-type="linenumber">127</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
-          <context context-type="linenumber">159</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">213</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">229</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">296</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">309</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">283</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/targeting/targeting.component.ts</context>
-          <context context-type="linenumber">109</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">339</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/onboarding/steps/steps.component.ts</context>
-          <context context-type="linenumber">63</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">253</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">287</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">303</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">79</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="org.org.createOrg" datatype="html">
         <source>Create organization</source>
         <context-group purpose="location">
@@ -2389,6 +2566,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
           <context context-type="linenumber">54</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">39</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/organization/organization.component.html</context>
           <context context-type="linenumber">29</context>
@@ -2494,6 +2675,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
           <context context-type="linenumber">34</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">63</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
           <context context-type="linenumber">37</context>
@@ -2654,6 +2839,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
           <context context-type="linenumber">72</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">118</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">75</context>
@@ -2877,7 +3066,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">150</context>
+          <context context-type="linenumber">148</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
@@ -2984,6 +3173,34 @@
           <context context-type="linenumber">168,170</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="integrations.access-token.active" datatype="html">
+        <source>Active</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-status.pipe.ts</context>
+          <context context-type="linenumber">12</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.inactive" datatype="html">
+        <source>Inactive</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-status.pipe.ts</context>
+          <context context-type="linenumber">13</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.personal" datatype="html">
+        <source>Personal</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-type.pipe.ts</context>
+          <context context-type="linenumber">9</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.service" datatype="html">
+        <source>Service</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/access-token-type.pipe.ts</context>
+          <context context-type="linenumber">10</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="permission.sys-managed" datatype="html">
         <source>System Managed</source>
         <context-group purpose="location">
@@ -2998,13 +3215,6 @@
           <context context-type="linenumber">9</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
-        <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
-          <context context-type="linenumber">13</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="2454050363478003966" datatype="html">
         <source>Login</source>
         <context-group purpose="location">
@@ -3073,7 +3283,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/safe-routing.module.ts</context>
-          <context context-type="linenumber">62</context>
+          <context context-type="linenumber">50</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/safe.component.ts</context>
@@ -3211,29 +3421,6 @@
           <context context-type="linenumber">51</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.type" datatype="html">
-        <source>Type</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.html</context>
-          <context context-type="linenumber">33</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.html</context>
-          <context context-type="linenumber">30</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.html</context>
-          <context context-type="linenumber">31</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="common.url" datatype="html">
         <source>URL</source>
         <context-group purpose="location">
@@ -3451,6 +3638,10 @@
           <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.html</context>
           <context context-type="linenumber">72</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">94</context>
+        </context-group>
       </trans-unit>
       <trans-unit id="common.loading-failed-try-again" datatype="html">
         <source>Loading failed, please try again</source>
@@ -3827,91 +4018,91 @@
         <source>Remove data</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">73</context>
+          <context context-type="linenumber">72</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.remove-expt-and-data-confirm" datatype="html">
         <source>This would remove the experiment and all data, it cannot be reverted, are you sure to remove it?</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">78</context>
+          <context context-type="linenumber">77</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.remove-experiment" datatype="html">
         <source>Remove experiment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">83</context>
+          <context context-type="linenumber">81</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.restart-experiment" datatype="html">
         <source>Restart</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">96</context>
+          <context context-type="linenumber">94</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.pause-experiment" datatype="html">
         <source>Pause</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">100</context>
+          <context context-type="linenumber">98</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.period" datatype="html">
         <source>Period</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">105</context>
+          <context context-type="linenumber">103</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.need-more-data-to-confirm-expt" datatype="html">
         <source>Need more data to confirm the results of the experiment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">119</context>
+          <context context-type="linenumber">117</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.result-not-significant" datatype="html">
         <source>The difference is not significant compared to the baseline</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">123</context>
+          <context context-type="linenumber">121</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.winner" datatype="html">
         <source>Winner</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">127</context>
+          <context context-type="linenumber">125</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.start" datatype="html">
         <source>Start</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">135</context>
+          <context context-type="linenumber">133</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.conversion-num-user" datatype="html">
         <source>Conversion / Users</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">152</context>
+          <context context-type="linenumber">150</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.totoal-events" datatype="html">
         <source>Total events</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">156</context>
+          <context context-type="linenumber">154</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.average" datatype="html">
         <source>Average</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">157</context>
+          <context context-type="linenumber">155</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
@@ -3926,67 +4117,67 @@
         <source>Confidence interval</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">159</context>
+          <context context-type="linenumber">157</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.p-value" datatype="html">
         <source>P-Value</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">162</context>
+          <context context-type="linenumber">160</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.p-significant-if-less-than-alpha" datatype="html">
         <source>The result is significant if P value is less than α(0.05)</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">166</context>
+          <context context-type="linenumber">164</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.no-expt-data" datatype="html">
         <source>Data is not available yet</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">179</context>
+          <context context-type="linenumber">177</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.baseline" datatype="html">
         <source>Baseline</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">187</context>
+          <context context-type="linenumber">185</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">217</context>
+          <context context-type="linenumber">215</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.winner" datatype="html">
         <source>Winner</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">195</context>
+          <context context-type="linenumber">193</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.not-significant-compared-to-baseline" datatype="html">
         <source>It&apos;s not significant compared to baseline</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">198</context>
+          <context context-type="linenumber">196</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.hide-chart" datatype="html">
         <source>Hide chart</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">273</context>
+          <context context-type="linenumber">271</context>
         </context-group>
       </trans-unit>
       <trans-unit id="ff.expt.show-chart" datatype="html">
         <source>Show chart</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">274</context>
+          <context context-type="linenumber">272</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.time" datatype="html">
@@ -4525,6 +4716,10 @@
           <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
           <context context-type="linenumber">75</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
       </trans-unit>
       <trans-unit id="common.tags" datatype="html">
         <source>Tags</source>
@@ -4778,7 +4973,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">152</context>
+          <context context-type="linenumber">143</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.copy" datatype="html">
@@ -4821,7 +5016,7 @@
         <source>Make sure resource and operation are set for all permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">158</context>
+          <context context-type="linenumber">149</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.policies.details.resource" datatype="html">
@@ -4887,213 +5082,6 @@
           <context context-type="linenumber">68</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.rsc-type.all" datatype="html">
-        <source>All</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">49</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.general" datatype="html">
-        <source>General</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">54</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.project" datatype="html">
-        <source>Project</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">59</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.env" datatype="html">
-        <source>Environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">64</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.policy.project" datatype="html">
-        <source>Project</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">85</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">97</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.policy.environment" datatype="html">
-        <source>Environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">107</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.all" datatype="html">
-        <source>All</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">120</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.update-org-name" datatype="html">
-        <source>Update org name</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">127</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.iam" datatype="html">
-        <source>IAM</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">134</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.list-projects" datatype="html">
-        <source>List projects</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">141</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.create-projects" datatype="html">
-        <source>Create projects</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">146</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.delete-projects" datatype="html">
-        <source>Delete projects</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">151</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">208</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.update-project-settings" datatype="html">
-        <source>Update project settings</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">156</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">213</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.list-envs" datatype="html">
-        <source>List environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">161</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">218</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.create-env" datatype="html">
-        <source>Create environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">166</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">223</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.access-envs" datatype="html">
-        <source>Access environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">171</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">203</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">245</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.delete-envs" datatype="html">
-        <source>Delete environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">176</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">250</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.update-env-settings" datatype="html">
-        <source>Update environment settings</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">181</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">255</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.delete-env-secret" datatype="html">
-        <source>Delete environment secret</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">186</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">228</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">260</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.create-env-secret" datatype="html">
-        <source>Create environment secret</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">191</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">233</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">265</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="iam.action.update-env-secret" datatype="html">
-        <source>Update environment secret</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">196</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">238</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/types.ts</context>
-          <context context-type="linenumber">270</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="iam.routing.team" datatype="html">
         <source>Team</source>
         <context-group purpose="location">
@@ -5131,13 +5119,6 @@
           <context context-type="linenumber">13</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.policies" datatype="html">
-        <source>Policies</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/details.component.html</context>
-          <context context-type="linenumber">13</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="iam.groups.details.dp-filter-placeholder" datatype="html">
         <source>Filter by policy name</source>
         <context-group purpose="location">
@@ -5458,60 +5439,134 @@
           <context context-type="linenumber">49</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.team.details.remove-member-from-suffix" datatype="html">
-        <source>?</source>
+      <trans-unit id="iam.team.details.remove-member-from-suffix" datatype="html">
+        <source>?</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
+          <context context-type="linenumber">49</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.team.details.ip-filter-placeholder" datatype="html">
+        <source>Filter by policy name</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
+          <context context-type="linenumber">5</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.team.idx.searchPlaceholder" datatype="html">
+        <source>Filter by Email</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
+          <context context-type="linenumber">4</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.team.idx.add" datatype="html">
+        <source>Add</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
+          <context context-type="linenumber">11</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.team.idx.group" datatype="html">
+        <source>Group</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
+          <context context-type="linenumber">32</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.team.idx.initial-password" datatype="html">
+        <source>Initial password</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
+          <context context-type="linenumber">33</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.team.idx.etc" datatype="html">
+        <source>+</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
+          <context context-type="linenumber">51</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.team.idx.entries" datatype="html">
+        <source>more</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
+          <context context-type="linenumber">51</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-tokens.searchNamePlaceholder" datatype="html">
+        <source>Filter by name</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">5</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-tokens.filter-by-creator" datatype="html">
+        <source>Select creator</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">12</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-tokens.filter-by-type" datatype="html">
+        <source>Filter by type</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.html</context>
-          <context context-type="linenumber">49</context>
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">31</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.team.details.ip-filter-placeholder" datatype="html">
-        <source>Filter by policy name</source>
+      <trans-unit id="common.created-by" datatype="html">
+        <source>Created by</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
-          <context context-type="linenumber">5</context>
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">59</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.team.idx.searchPlaceholder" datatype="html">
-        <source>Filter by Email</source>
+      <trans-unit id="common.last-used" datatype="html">
+        <source>Last used</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
-          <context context-type="linenumber">4</context>
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">61</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.team.idx.add" datatype="html">
-        <source>Add</source>
+      <trans-unit id="common.access-token" datatype="html">
+        <source>Access token</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
-          <context context-type="linenumber">11</context>
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">62</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.team.idx.group" datatype="html">
-        <source>Group</source>
+      <trans-unit id="common.activate" datatype="html">
+        <source>Activate</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
-          <context context-type="linenumber">32</context>
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">97</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.team.idx.initial-password" datatype="html">
-        <source>Initial password</source>
+      <trans-unit id="integrations.access-tokens.deactivate-access-token-confirm" datatype="html">
+        <source>Deactivate this access token? You can&apos;t use an inactive access token to make API calls but you can activate it again later.</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
-          <context context-type="linenumber">33</context>
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">103</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">113</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.team.idx.etc" datatype="html">
-        <source>+</source>
+      <trans-unit id="common.Deactivate" datatype="html">
+        <source>Deactivate</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
-          <context context-type="linenumber">51</context>
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">108</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.team.idx.entries" datatype="html">
-        <source>more</source>
+      <trans-unit id="integrations.routing.access-tokens" datatype="html">
+        <source>Access tokens</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.html</context>
-          <context context-type="linenumber">51</context>
+          <context context-type="sourcefile">src/app/features/safe/integrations/integrations-routing.module.ts</context>
+          <context context-type="linenumber">16</context>
         </context-group>
       </trans-unit>
       <trans-unit id="onboarding.complete.title" datatype="html">
@@ -5936,7 +5991,7 @@
         <source>Organization</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/safe-routing.module.ts</context>
-          <context context-type="linenumber">50</context>
+          <context context-type="linenumber">57</context>
         </context-group>
       </trans-unit>
       <trans-unit id="menu.FF" datatype="html">
@@ -6009,6 +6064,20 @@
           <context context-type="linenumber">107,106</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="menu.integrations" datatype="html">
+        <source>Integrations</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/safe.component.ts</context>
+          <context context-type="linenumber">114,113</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="menu.integrations.access-tokens" datatype="html">
+        <source>Access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/safe.component.ts</context>
+          <context context-type="linenumber">119,118</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="segment.details.segment-not-used" datatype="html">
         <source>This segment is not used by any feature flag</source>
         <context-group purpose="location">
@@ -6322,6 +6391,264 @@
           <context context-type="linenumber">76</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="iam.action.all" datatype="html">
+        <source>All</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">17</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.list-projects" datatype="html">
+        <source>List projects</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.create-projects" datatype="html">
+        <source>Create projects</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">33</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">34</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.delete-projects" datatype="html">
+        <source>Delete projects</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">41</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">42</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.access-envs" datatype="html">
+        <source>Access environments</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">49</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">50</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.update-project-settings" datatype="html">
+        <source>Update project settings</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">57</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">58</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.list-envs" datatype="html">
+        <source>List environments</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">65</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.create-env" datatype="html">
+        <source>Create environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">73</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">74</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.delete-envs" datatype="html">
+        <source>Delete environments</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">81</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">82</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.update-env-settings" datatype="html">
+        <source>Update environment settings</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">89</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">90</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.delete-env-secret" datatype="html">
+        <source>Delete environment secret</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">97</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">98</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.create-env-secret" datatype="html">
+        <source>Create environment secret</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">105</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">106</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.update-env-secret" datatype="html">
+        <source>Update environment secret</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">113</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">114</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.update-org-name" datatype="html">
+        <source>Update org name</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">123</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">124</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.iam" datatype="html">
+        <source>IAM</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">133</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">134</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.list-access-tokens" datatype="html">
+        <source>List access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">143</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">144</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.manage-service-access-tokens" datatype="html">
+        <source>Manage service access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">151</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">152</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.action.manage-personal-access-tokens" datatype="html">
+        <source>Manage personal access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">159</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
+          <context context-type="linenumber">160</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.all" datatype="html">
+        <source>All</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">62</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.account" datatype="html">
+        <source>Account</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">67</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.iam" datatype="html">
+        <source>IAM</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">72</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.access-token" datatype="html">
+        <source>Access token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">77</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.project" datatype="html">
+        <source>Project</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">82</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.env" datatype="html">
+        <source>Environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">87</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.policy.project" datatype="html">
+        <source>Project</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">110</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">122</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.policy.environment" datatype="html">
+        <source>Environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">132</context>
+        </context-group>
+      </trans-unit>
     </body>
   </file>
 </xliff>
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index ee5a89ce1..be6a062ec 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -337,7 +337,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">136,137</context>
+          <context context-type="linenumber">146,147</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
@@ -425,7 +425,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">164,166</context>
+          <context context-type="linenumber">174,176</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
@@ -549,27 +549,27 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">84</context>
+          <context context-type="linenumber">85</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">95</context>
+          <context context-type="linenumber">96</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">190</context>
+          <context context-type="linenumber">199</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">322</context>
+          <context context-type="linenumber">332</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">333</context>
+          <context context-type="linenumber">344</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">341</context>
+          <context context-type="linenumber">352</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
@@ -733,7 +733,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">274</context>
+          <context context-type="linenumber">283</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/feature-flags/details/targeting/targeting.component.ts</context>
@@ -773,7 +773,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
-          <context context-type="linenumber">151</context>
+          <context context-type="linenumber">160</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.ts</context>
@@ -797,7 +797,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">130</context>
+          <context context-type="linenumber">131</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
@@ -901,66 +901,6 @@
         </context-group>
         <target>按团队成员查找</target>
       </trans-unit>
-      <trans-unit id="common.loading" datatype="html">
-        <source>Loading...</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">66</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">55</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">44</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">138</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">146,147</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <target>数据加载中...</target>
-      </trans-unit>
       <trans-unit id="ff.idx.filter-by-type" datatype="html">
         <source>Filter by type</source>
         <context-group purpose="location">
@@ -1229,82 +1169,6 @@
         </context-group>
         <target>取消</target>
       </trans-unit>
-      <trans-unit id="common.save" datatype="html">
-        <source>Save</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
-          <context context-type="linenumber">35</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">91</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.html</context>
-          <context context-type="linenumber">202</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.html</context>
-          <context context-type="linenumber">32</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.html</context>
-          <context context-type="linenumber">80,81</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">61</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">121</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/organization-drawer/organization-drawer.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.html</context>
-          <context context-type="linenumber">32</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.html</context>
-          <context context-type="linenumber">29</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.html</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">69</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">174,176</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">224</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
-          <context context-type="linenumber">9</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
-          <context context-type="linenumber">104</context>
-        </context-group>
-        <target>保存</target>
-      </trans-unit>
       <trans-unit id="org.project.permission-will-become-invalid-if-change-name" datatype="html">
         <source>Permission will become invalid if you change the name</source>
         <context-group purpose="location">
@@ -1597,206 +1461,6 @@
         </context-group>
         <target>默认规则</target>
       </trans-unit>
-      <trans-unit id="common.operation-success" datatype="html">
-        <source>Operation succeeded</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
-          <context context-type="linenumber">193</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/group-drawer/group-drawer.component.ts</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.ts</context>
-          <context context-type="linenumber">121</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">241</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">258</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/policy-drawer/policy-drawer.component.ts</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">93</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">116</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/props-drawer/props-drawer.component.ts</context>
-          <context context-type="linenumber">134</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.ts</context>
-          <context context-type="linenumber">85</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">59</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">77</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">86</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/components/flag-triggers/flag-triggers.component.ts</context>
-          <context context-type="linenumber">97</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">85</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">96</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">199</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">332</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">344</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">352</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">336</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">349</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">359</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
-          <context context-type="linenumber">74</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">42</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">69</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
-          <context context-type="linenumber">73</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/team/team.component.ts</context>
-          <context context-type="linenumber">87</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
-          <context context-type="linenumber">84</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/permission/permission.component.ts</context>
-          <context context-type="linenumber">40</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">46</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">53</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/team/team.component.ts</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
-          <context context-type="linenumber">75</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/direct-policies/direct-policies.component.ts</context>
-          <context context-type="linenumber">89</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">81</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/groups/groups.component.ts</context>
-          <context context-type="linenumber">95</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">51</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
-          <context context-type="linenumber">72</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
-          <context context-type="linenumber">136</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">41</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">63</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">76</context>
-        </context-group>
-        <target>操作成功</target>
-      </trans-unit>
       <trans-unit id="common.operation-failed" datatype="html">
         <source>Operation failed</source>
         <context-group purpose="location">
@@ -1829,11 +1493,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">132</context>
+          <context context-type="linenumber">133</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">135</context>
+          <context context-type="linenumber">136</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
@@ -2597,62 +2261,6 @@
         </context-group>
         <target>您没有查看项目环境列表的权限， 请联系账户管理员添加相关权限</target>
       </trans-unit>
-      <trans-unit id="common.copy-success" datatype="html">
-        <source>Copied</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
-          <context context-type="linenumber">160</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/user-segments-flags-drawer/user-segments-flags-drawer.component.ts</context>
-          <context context-type="linenumber">60</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">42</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">204</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">373</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">140</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/index/index.component.ts</context>
-          <context context-type="linenumber">78</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">80</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/index/index.component.ts</context>
-          <context context-type="linenumber">88</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">58</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/team/index/index.component.ts</context>
-          <context context-type="linenumber">92</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">181</context>
-        </context-group>
-        <target>复制成功</target>
-      </trans-unit>
       <trans-unit id="common.feedback-success-message" datatype="html">
         <source>Thank you for sending us your feedback, we&apos;ll get back to you very soon!</source>
         <context-group purpose="location">
@@ -2985,70 +2593,6 @@
         </context-group>
         <target>低于基准值</target>
       </trans-unit>
-      <trans-unit id="common.operation-failed-try-again" datatype="html">
-        <source>Operation failed, please try again</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
-          <context context-type="linenumber">244</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
-          <context context-type="linenumber">127</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.ts</context>
-          <context context-type="linenumber">159</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">213</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">229</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">296</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.ts</context>
-          <context context-type="linenumber">309</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.ts</context>
-          <context context-type="linenumber">283</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/targeting/targeting.component.ts</context>
-          <context context-type="linenumber">109</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.ts</context>
-          <context context-type="linenumber">339</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/onboarding/steps/steps.component.ts</context>
-          <context context-type="linenumber">63</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">253</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">287</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">303</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
-          <context context-type="linenumber">79</context>
-        </context-group>
-        <target>操作失败，请重试</target>
-      </trans-unit>
       <trans-unit id="org.org.createOrg" datatype="html">
         <source>Create organization</source>
         <context-group purpose="location">
@@ -5876,7 +5420,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">142</context>
+          <context context-type="linenumber">143</context>
         </context-group>
         <target>系统托管策略不允许被修改。 如确有需要，可以复制以后再根据需求进行修改。</target>
       </trans-unit>
@@ -5924,7 +5468,7 @@
         <source>Make sure resource and operation are set for all permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">148</context>
+          <context context-type="linenumber">149</context>
         </context-group>
         <target>请确保已设置所有权限的资源和操作</target>
       </trans-unit>

From a00d40edf40cd59ad989fa1c86dad0409787f97b Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Thu, 16 Mar 2023 09:30:12 +0100
Subject: [PATCH 28/44] more work

---
 .../Application/AccessTokens/AccessTokenVm.cs |   2 +-
 .../AccessTokens/CreateAccessToken.cs         |  12 +-
 .../src/Domain/AccessTokens/AccessToken.cs    |   6 +-
 .../access-token-drawer.component.html        |  79 +++---
 .../access-token-drawer.component.less        | 106 ++++---
 .../access-token-drawer.component.ts          | 157 +++++------
 modules/front-end/src/app/core/core.module.ts |  92 ++++---
 .../src/app/core/guards/accessTokens.guard.ts |   2 +-
 .../src/app/core/pipes/translation.pipe.ts    |  19 +-
 .../app/core/services/access-token.service.ts |   5 +-
 .../translations/iam-operation.translation.ts |   8 -
 .../policy-editor.component.html              |   4 +-
 .../src/app/features/safe/iam/types/policy.ts |  10 +-
 .../access-tokens/index/index.component.ts    |  14 +-
 .../access-tokens/types/access-token.ts       |   2 +
 .../access-tokens/types/permission-helper.ts  |  53 ++++
 .../front-end/src/app/shared/permissions.ts   |   4 +-
 modules/front-end/src/app/shared/policy.ts    |  75 ++---
 modules/front-end/src/locale/messages.xlf     | 245 +++++++++--------
 modules/front-end/src/locale/messages.zh.xlf  | 258 +++++++++---------
 modules/front-end/src/styles-common.less      |   7 +-
 21 files changed, 609 insertions(+), 551 deletions(-)
 delete mode 100644 modules/front-end/src/app/core/translations/iam-operation.translation.ts
 create mode 100644 modules/front-end/src/app/features/safe/integrations/access-tokens/types/permission-helper.ts

diff --git a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
index e4660e40f..fdaa4bfb8 100644
--- a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
+++ b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
@@ -15,7 +15,7 @@ public class AccessTokenVm
     public string Token { get; set; }
     public MemberVm Creator { get; set; }
 
-    public IEnumerable<Policy> Policies { get; set; }
+    public IEnumerable<PolicyStatement> Permissions { get; set; }
     
     public DateTime? LastUsedAt { get; set; }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
index 80f18d6d3..c16d491cc 100644
--- a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
+++ b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
@@ -14,7 +14,7 @@ public class CreateAccessToken : IRequest<AccessTokenVm>
 
     public string Type { get; set; }
 
-    public IEnumerable<Guid> PolicyIds { get; set; }
+    public IEnumerable<PolicyStatement> Permissions { get; set; }
 }
 
 public class CreateAccessTokenValidator : AbstractValidator<CreateAccessToken>
@@ -27,8 +27,8 @@ public CreateAccessTokenValidator()
         RuleFor(x => x.Type)
             .Must(AccessTokenTypes.IsDefined).WithErrorCode(ErrorCodes.InvalidAccessTokenType);
         
-        RuleFor(x => x.PolicyIds)
-            .Must(PolicyIds => PolicyIds.Any())
+        RuleFor(x => x.Permissions)
+            .Must(Permissions => Permissions.Any())
             .Unless(x => x.Type == AccessTokenTypes.Personal)
             .WithErrorCode(ErrorCodes.ServiceAccessTokenMustDefinePolicies);
     }
@@ -51,13 +51,13 @@ public CreateAccessTokenHandler(IAccessTokenService service, IPolicyService poli
 
     public async Task<AccessTokenVm> Handle(CreateAccessToken request, CancellationToken cancellationToken)
     {
-        var policies = Enumerable.Empty<Policy>();
+        var permissions = request.Permissions;
         if (request.Type == AccessTokenTypes.Service)
         {
-            policies = await _policyService.FindManyAsync((x) => request.PolicyIds.Contains(x.Id));
+            // TODO check currentUser has all the permissions
         }
         
-        var accessToken = new AccessToken(request.OrganizationId, _currentUser.Id, request.Name, request.Type, policies);
+        var accessToken = new AccessToken(request.OrganizationId, _currentUser.Id, request.Name, request.Type, permissions);
 
         await _service.AddOneAsync(accessToken);
 
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
index 4b9a5b9f8..5759e5814 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
@@ -14,7 +14,7 @@ public class AccessToken : AuditedEntity
     public string Token { get; set; }
     public Guid CreatorId { get; set; }
 
-    public ICollection<Policy> Policies { get; set; }
+    public IEnumerable<PolicyStatement> Permissions { get; set; }
     
     public DateTime? LastUsedAt { get; set; }
 
@@ -34,7 +34,7 @@ private string NewToken()
         return $"api-{header}{guid}";
     }
     
-    public AccessToken(Guid organizationId, Guid creatorId, string name, string type, IEnumerable<Policy> policies)
+    public AccessToken(Guid organizationId, Guid creatorId, string name, string type, IEnumerable<PolicyStatement> permissions)
     {
         OrganizationId = organizationId;
         CreatorId = creatorId;
@@ -42,7 +42,7 @@ public AccessToken(Guid organizationId, Guid creatorId, string name, string type
         
         Status = AccessTokenStatus.Active;
         Type = type;
-        Policies = policies.ToArray();
+        Permissions = permissions;
 
         Token = NewToken();
     }
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
index f8535ac65..ff4281e52 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -5,7 +5,7 @@
   nzPlacement="right"
   i18n-nzTitle="@@integrations.access-token.access-token-drawer.title"
   nzTitle="Add access token"
-  [nzWidth]="500"
+  [nzWidth]="700"
   (nzOnClose)="onClose()"
   [nzFooter]="footer">
   <ng-container *nzDrawerContent>
@@ -39,50 +39,43 @@
           </nz-select>
         </nz-form-control>
       </nz-form-item>
+    </form>
+    <!-- Permissions -->
+    <div *ngIf="isServiceAccessToken" class="permissions">
+      <nz-form-label nzRequired i18n="@@common.permissions">Permissions</nz-form-label>
+      <div class="">
+        <nz-collapse nzExpandIconPosition="right">
+          <nz-collapse-panel class="resource-type"
+                             *ngFor="let rt of authorizedResourceTypes; let first=first;"
+                             [nzHeader]="rt.displayName"
+                             [nzActive]="first"
+          >
+            <div class="permissions">
+              <label *ngIf="!isEditing"
+                nz-checkbox
+                [(ngModel)]="permissions[rt.type].allChecked"
+                (ngModelChange)="updatePermissionsAllChecked(permissions[rt.type])"
+                [nzIndeterminate]="permissions[rt.type].indeterminate"
+                i18n="@@common.all"
+              >All</label>
+              <div *ngFor="let permission of permissions[rt.type].statements" class="permission">
+                <div class="permission-header">
+                  <label *ngIf="isEditing">{{permission.action.displayName}} ({{permission.action.name}})</label>
+                  <label *ngIf="!isEditing" nz-checkbox [(ngModel)]="permission.checked" (ngModelChange)="updatePermissionSingleChecked(permissions[rt.type])">{{permission.action.displayName}} ({{permission.action.name}})</label>
+                  <i nz-icon [nz-tooltip]="permission.action.description" nzType="icons:icon-info-outline"></i>
+                </div>
 
-      <!-- Policies -->
-      <nz-form-item *ngIf="isServiceAccessToken">
-        <nz-form-label nzRequired i18n="@@common.policies">Policies</nz-form-label>
-        <nz-form-control>
-          <nz-select #policyNodeSelector [nzDisabled]="isEditing"
-            formControlName="policy"
-            i18n-nzPlaceHolder="@@integrations.access-token.select-policies"
-            nzPlaceHolder="Select policies"
-            nzShowSearch
-            nzServerSearch
-            [compareWith]="policyCompareWith"
-            (ngModelChange)="onPolicySelectChange()"
-            (nzOnSearch)="policyDebouncer.next($event)">
-            <ng-container *ngFor="let policy of policySearchResultList">
-              <nz-option nzCustomContent *ngIf="!isLoadingPolicies" [nzLabel]="policy.name" [nzValue]="policy">
-                <span style="display: flex;justify-content: space-between;align-items: center">
-                  <span>
-                  <i *ngIf="policy.type === 'SysManaged'" style="color: #28a17d;" nz-icon nzType="star" nzTheme="outline"></i>
-                    {{ policy.name }}
-                  </span>
-                  <i *ngIf="policy.isSelected" nz-icon nzType="close"></i>
-                </span>
-              </nz-option>
-            </ng-container>
-            <nz-option *ngIf="isLoadingPolicies" nzDisabled nzCustomContent>
-              <i nz-icon nzType="loading" class="loading-icon"></i> <ng-container i18n="@@common.loading">Loading...</ng-container>
-            </nz-option>
-          </nz-select>
-        </nz-form-control>
-        <div class="selected-policies" nz-row *ngIf="selectedPolicyList.length">
-          <div nz-col class="policy" *ngFor="let policy of selectedPolicyList">
-            <div class="inner-box">
-              <i *ngIf="policy.type === 'SysManaged'" style="color: #28a17d;" nz-icon nzType="star" nzTheme="outline"></i>
-              {{ policy.name }}
+                <div class="permission-resources">
+                  <div *ngFor="let resource of permission['resources']" class="permission-resource">
+                    {{resource}}
+                  </div>
+                </div>
+              </div>
             </div>
-            <button [disabled]="isEditing" nz-button nzType="default" [nzSize]="'large'" (click)="removePolicy(policy)"><i nz-icon nzType="close"></i></button>
-          </div>
-        </div>
-
-        <div class="error-message" *ngIf="!isPolicyIdsValid" i18n="@@integrations.access-token.service-access-token-must-define-policies">Policies are mandatory for service type access tokens</div>
-
-      </nz-form-item>
-    </form>
+          </nz-collapse-panel>
+        </nz-collapse>
+      </div>
+    </div>
   </ng-container>
   <ng-template #extra>
     <i (click)="onClose()" nz-icon nzType="icons:icon-close"></i>
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
index ea11d5fcc..d5030f94a 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
@@ -23,48 +23,78 @@
   font-size: 15px;
 }
 
-.selected-policies {
-  border: 1px solid @grey20-color;
-  background-color: #ffffff;
-  padding: 5px 0 1px 6px;
-  box-sizing: border-box;
-  border-radius: 8px;
-  margin-bottom: 12px;
-  margin-top: 12px;
+.resource-type {
+    .permissions {
+      display: flex;
+      flex-direction: column;
+      gap: 8px;
 
-  .policy {
-    display: flex;
-    margin-bottom: 4px;
-    margin-right: 10px;
+      .permission {
+        display: flex;
+        flex-direction: column;
 
-    .inner-box {
-      width: 182px;
-      border-top-left-radius: 4px;
-      border-bottom-left-radius: 4px;
-      padding: 4px 7px 6px 7px;
-      background: @grey20-color;
-      height: 23px;
-      line-height: 15px;
-      overflow: hidden;
-      text-overflow: ellipsis;
-      cursor: pointer;
-      white-space: nowrap;
-    }
+        .permission-header {
+          display: flex;
+          justify-content: flex-start;
+          gap: 8px;
+          align-items: center;
+        }
 
-    button {
-      display: flex;
-      background: @grey20-color;
-      border-top-right-radius: 4px;
-      border-bottom-right-radius: 4px;
-      height: 23px;
-      width: 15px;
-      border: 0;
+        .permission-resources {
+          border-top: 1px solid @grey40-color;
+          display: flex;
+          flex-direction: column;
 
-      i {
-        width:10px;
-        height: 10px;
-        font-size: 10px;
+          .permission-resource {
+            padding: 0 8px;
+          }
+        }
       }
     }
-  }
 }
+
+//.selected-policies {
+//  border: 1px solid @grey20-color;
+//  background-color: #ffffff;
+//  padding: 5px 0 1px 6px;
+//  box-sizing: border-box;
+//  border-radius: 8px;
+//  margin-bottom: 12px;
+//  margin-top: 12px;
+//
+//  .policy {
+//    display: flex;
+//    margin-bottom: 4px;
+//    margin-right: 10px;
+//
+//    .inner-box {
+//      width: 182px;
+//      border-top-left-radius: 4px;
+//      border-bottom-left-radius: 4px;
+//      padding: 4px 7px 6px 7px;
+//      background: @grey20-color;
+//      height: 23px;
+//      line-height: 15px;
+//      overflow: hidden;
+//      text-overflow: ellipsis;
+//      cursor: pointer;
+//      white-space: nowrap;
+//    }
+//
+//    button {
+//      display: flex;
+//      background: @grey20-color;
+//      border-top-right-radius: 4px;
+//      border-bottom-right-radius: 4px;
+//      height: 23px;
+//      width: 15px;
+//      border: 0;
+//
+//      i {
+//        width:10px;
+//        height: 10px;
+//        font-size: 10px;
+//      }
+//    }
+//  }
+//}
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index 4eeecc425..88319d472 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -9,51 +9,55 @@ import {
   IAccessTokenPolicy
 } from "@features/safe/integrations/access-tokens/types/access-token";
 import { NzSelectComponent } from "ng-zorro-antd/select";
-import { Subject } from "rxjs";
 import { AccessTokenService } from "@services/access-token.service";
 import { PermissionsService } from "@services/permissions.service";
 import { generalResourceRNPattern, permissionActions } from "@shared/permissions";
 import { PolicyFilter } from "@features/safe/iam/types/policy";
-import { IFeatureFlag } from "@features/safe/feature-flags/types/details";
 import { NzModalService } from "ng-zorro-antd/modal";
 import { copyToClipboard } from "@utils/index";
+import {
+  preProcessPermissions,
+  IPermissionStatementGroup, postProcessPermissions
+} from "@features/safe/integrations/access-tokens/types/permission-helper";
+import {
+  IPolicyStatement,
+  ResourceType, ResourceTypeAccessToken,
+  ResourceTypeEnv,
+  ResourceTypeProject
+} from "@shared/policy";
 
 @Component({
   selector: 'access-token-drawer',
   templateUrl: './access-token-drawer.component.html',
   styleUrls: ['./access-token-drawer.component.less']
 })
-export class AccessTokenDrawerComponent implements OnInit {
-
-  public policyCompareWith: (obj1: IAccessTokenPolicy, obj2: IAccessTokenPolicy) => boolean = (obj1: IAccessTokenPolicy, obj2: IAccessTokenPolicy) => {
-    if (obj1 && obj2) {
-      return obj1.id === obj2.id;
-    } else {
-      return false;
-    }
-  };
-
+export class AccessTokenDrawerComponent {
   private _accessToken: IAccessToken;
   isEditing: boolean = false;
 
+  resourceTypes: ResourceType[] = [ResourceTypeAccessToken, ResourceTypeProject, ResourceTypeEnv]; // TODO replace with real open API resource types
+  authorizedResourceTypes: ResourceType[] = [];
+  permissions: { [key: string]: IPermissionStatementGroup };
   @Input()
   set accessToken(accessToken: IAccessToken) {
     this.isEditing = accessToken && !!accessToken.id;
-    if (accessToken) {
-      this.selectedPolicyList = accessToken.policies.map((p) => ({...p, isSelected: true}));
-      this.isServiceAccessToken = accessToken.type === AccessTokenTypeEnum.Service;
-      this.patchForm(accessToken);
+    if (this.isEditing) {
+      this.permissions = preProcessPermissions(accessToken.permissions);
+      this.authorizedResourceTypes = this.resourceTypes.filter((rt) => this.permissions[rt.type]?.statements?.length > 0);
     } else {
-      this.resetForm();
+      accessToken = { name: null, type: AccessTokenTypeEnum.Personal};
+      this.setAuthorizedPermissions();
     }
+
+    this.isServiceAccessToken = accessToken.type === AccessTokenTypeEnum.Service;
+    this.patchForm(accessToken);
     this._accessToken = accessToken;
+
   }
 
   @Input() visible: boolean = false;
   @Output() close: EventEmitter<any> = new EventEmitter();
 
-  policyDebouncer = new Subject<string>();
-
   canTakeActionOnPersonalAccessToken = false;
   canTakeActionOnServiceAccessToken = false;
   constructor(
@@ -64,29 +68,20 @@ export class AccessTokenDrawerComponent implements OnInit {
     private modal: NzModalService,
     private message: NzMessageService
   ) {
-    this.policyDebouncer.pipe(
-      debounceTime(100),
-    ).subscribe(query => this.searchPolicies(query));
+    this.form = this.fb.group({
+      name: ['', [Validators.required], [this.nameAsyncValidator], 'change'],
+      type: [AccessTokenTypeEnum.Personal, [Validators.required]]
+    });
 
-    this.canTakeActionOnPersonalAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.account, permissionActions.CreatePersonalAccessTokens);
-    this.canTakeActionOnServiceAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.account, permissionActions.CreateServiceAccessTokens);
+    this.canTakeActionOnPersonalAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.accessToken, permissionActions.ManagePersonalAccessTokens);
+    this.canTakeActionOnServiceAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.accessToken, permissionActions.ManageServiceAccessTokens);
   }
 
   isServiceAccessToken: boolean = false
 
   @ViewChild("policyNodeSelector", {static: false}) policySelectNode: NzSelectComponent;
-  selectedPolicyList: IAccessTokenPolicy[] = [];
-  policySearchResultList: IAccessTokenPolicy[] = [];
   form: FormGroup;
 
-  ngOnInit(): void {
-    this.form = this.fb.group({
-      name: ['', [Validators.required], [this.nameAsyncValidator], 'change'],
-      type: [AccessTokenTypeEnum.Personal, [Validators.required]],
-      policy: [null, []]
-    });
-  }
-
   get accessToken() {
     return this._accessToken;
   }
@@ -121,60 +116,22 @@ export class AccessTokenDrawerComponent implements OnInit {
   onTypeChange() {
     const {type} = this.form.value;
     this.isServiceAccessToken = type === AccessTokenTypeEnum.Service;
-    this.selectedPolicyList = [];
     this.resetPolicy();
   }
 
-  onPolicySelectChange() {
-    const {policy} = this.form.value;
-
-    if (this.selectedPolicyList.some((sp) => sp.id === policy.id)) {
-      this.selectedPolicyList = this.selectedPolicyList.filter((sp) => sp.id !== policy.id);
-    } else {
-      this.selectedPolicyList = [...this.selectedPolicyList, {...policy}];
-    }
-
-    this.policySearchResultList = this.policySearchResultList.map((p) => ({
-      ...p,
-      isSelected: this.selectedPolicyList.some((sp => sp.id === p.id))
-    }));
-    this.policySelectNode.writeValue(undefined);
-    this.validatePoliciesControl();
-  }
-
-  removePolicy(policy: IAccessTokenPolicy) {
-    this.selectedPolicyList = this.selectedPolicyList.filter((p) => p.id !== policy.id);
-    this.validatePoliciesControl();
-  }
-
-  isLoadingPolicies = false;
-  searchPolicies(query: string = '') {
+  setAuthorizedPermissions() {
     const hasOwnerPolicy = this.permissionsService.policies.some((policy) => policy.name === 'Owner' && policy.type === 'SysManaged');
 
     if (hasOwnerPolicy) {
-      this.isLoadingPolicies = true;
-
-      this.policyService.getList(new PolicyFilter(query, 1, 50)).subscribe({
+      this.policyService.getList(new PolicyFilter('', 1, 100)).subscribe({
         next: policies => {
-          this.policySearchResultList = policies.items.map(p => ({
-            ...p,
-            isSelected: this.selectedPolicyList.some((sp => sp.id === p.id))
-          }));
-
-          this.isLoadingPolicies = false;
-        }, error: () => this.isLoadingPolicies = false
+          this.permissions = preProcessPermissions(policies.items.flatMap(p => p.statements));
+          this.authorizedResourceTypes = this.resourceTypes.filter((rt) => this.permissions[rt.type]?.statements?.length > 0);
+        }
       });
     } else {
-      const regex = new RegExp(query,'ig');
-      this.policySearchResultList = this.permissionsService.policies
-        .filter((policy) => query === '' || policy.name.match(regex))
-        .map((policy) => ({
-            ...policy,
-            isSelected: this.selectedPolicyList.some((sp => sp.id === policy.id))
-          })
-        );
+      this.permissions = preProcessPermissions(this.permissionsService.permissions);
     }
-
   }
 
   nameAsyncValidator = (control: FormControl) => control.valueChanges.pipe(
@@ -193,38 +150,45 @@ export class AccessTokenDrawerComponent implements OnInit {
     first()
   );
 
-  isLoading: boolean = false;
-  isPolicyIdsValid = true;
+  updatePermissionsAllChecked(statementGroup: IPermissionStatementGroup) {
+    statementGroup.indeterminate = false;
+    if (statementGroup.allChecked) {
+      statementGroup.statements = statementGroup.statements.map(item => ({
+        ...item,
+        checked: true
+      }));
+    } else {
+      statementGroup.statements = statementGroup.statements.map(item => ({
+        ...item,
+        checked: false
+      }));
+    }
+  }
 
-  validatePoliciesControl() {
-    const policyControl = this.form.get('policy');
-    if (this.isServiceAccessToken && this.selectedPolicyList.length === 0) {
-      policyControl.setValidators(Validators.required);
-      policyControl.setErrors({required: true});
-      this.isPolicyIdsValid = false;
+  updatePermissionSingleChecked(statementGroup: IPermissionStatementGroup){
+    if (statementGroup.statements.every(item => !item.checked)) {
+      statementGroup.allChecked = false;
+      statementGroup.indeterminate = false;
+    } else if (statementGroup.statements.every(item => item.checked)) {
+      statementGroup.allChecked = true;
+      statementGroup.indeterminate = false;
     } else {
-      policyControl.clearValidators();
-      policyControl.markAsPristine();
-      this.isPolicyIdsValid = true;
+      statementGroup.indeterminate = true;
     }
   }
 
+  isLoading: boolean = false;
+
   tokenName = '';
   tokenValue = '';
   isCreationConfirmModalVisible = false;
   doSubmit() {
-    // we validate name and type only here
     if (this.form.invalid) {
       for (const i in this.form.controls) {
         this.form.controls[i].markAsDirty();
         this.form.controls[i].updateValueAndValidity();
       }
-    }
 
-    // validate policies
-    this.validatePoliciesControl();
-
-    if (this.form.invalid || !this.isPolicyIdsValid) {
       return;
     }
 
@@ -234,6 +198,7 @@ export class AccessTokenDrawerComponent implements OnInit {
       this.message.warning($localize `:@@permissions.need-permissions-to-operate:You don't have permissions to take this action, please contact the admin to grant you the necessary permissions`);
       return;
     }
+
     this.isLoading = true;
     if (this.isEditing) {
       this.accessTokenService.update(this.accessToken.id, name).subscribe({
@@ -249,7 +214,7 @@ export class AccessTokenDrawerComponent implements OnInit {
         }
       );
     } else {
-      const policies = this.isServiceAccessToken ? this.selectedPolicyList.map(p => p.id) : [];
+      const policies = this.isServiceAccessToken ? postProcessPermissions(this.permissions) : [];
 
       this.accessTokenService.create(name, type, policies).subscribe({
           next: ({id, name, token}) => {
diff --git a/modules/front-end/src/app/core/core.module.ts b/modules/front-end/src/app/core/core.module.ts
index d049483d8..950d75890 100644
--- a/modules/front-end/src/app/core/core.module.ts
+++ b/modules/front-end/src/app/core/core.module.ts
@@ -82,6 +82,7 @@ import { NzInputNumberModule } from "ng-zorro-antd/input-number";
 import { AccessTokenDrawerComponent } from "@core/components/access-token-drawer/access-token-drawer.component";
 import { AccessTokenTypePipe } from "@core/pipes/access-token-type.pipe";
 import { AccessTokenStatusPipe } from "@core/pipes/access-token-status.pipe";
+import { NzCollapseModule } from "ng-zorro-antd/collapse";
 
 @NgModule({
   declarations: [
@@ -123,51 +124,52 @@ import { AccessTokenStatusPipe } from "@core/pipes/access-token-status.pipe";
     ChangeReviewComponent,
     AccessTokenDrawerComponent
   ],
-  imports: [
-    CommonModule,
-    FormsModule,
-    OverlayModule,
-    ReactiveFormsModule,
-    RouterModule,
-    NzFormModule,
-    NzIconModule,
-    NzMenuModule,
-    NzModalModule,
-    NzInputModule,
-    NzOutletModule,
-    NzButtonModule,
-    NzDrawerModule,
-    NzMessageModule,
-    NzOverlayModule,
-    NzDropDownModule,
-    NzTableModule,
-    NzSelectModule,
-    NzDividerModule,
-    NzSpaceModule,
-    NzSpinModule,
-    NzRadioModule,
-    NzUploadModule,
-    NzTagModule,
-    NzToolTipModule,
-    NzListModule,
-    NzCheckboxModule,
-    NzTabsModule,
-    NzPopconfirmModule,
-    NzStepsModule,
-    NzAlertModule,
-    NzResultModule,
-    NzLayoutModule,
-    NzImageModule,
-    NzPopoverModule,
-    NzCodeEditorModule,
-    NzCardModule,
-    NzTypographyModule,
-    NzDatePickerModule,
-    NzEmptyModule,
-    NzTimelineModule,
-    NzBreadCrumbModule,
-    NzInputNumberModule
-  ],
+    imports: [
+        CommonModule,
+        FormsModule,
+        OverlayModule,
+        ReactiveFormsModule,
+        RouterModule,
+        NzFormModule,
+        NzIconModule,
+        NzMenuModule,
+        NzModalModule,
+        NzInputModule,
+        NzOutletModule,
+        NzButtonModule,
+        NzDrawerModule,
+        NzMessageModule,
+        NzOverlayModule,
+        NzDropDownModule,
+        NzTableModule,
+        NzSelectModule,
+        NzDividerModule,
+        NzSpaceModule,
+        NzSpinModule,
+        NzRadioModule,
+        NzUploadModule,
+        NzTagModule,
+        NzToolTipModule,
+        NzListModule,
+        NzCheckboxModule,
+        NzTabsModule,
+        NzPopconfirmModule,
+        NzStepsModule,
+        NzAlertModule,
+        NzResultModule,
+        NzLayoutModule,
+        NzImageModule,
+        NzPopoverModule,
+        NzCodeEditorModule,
+        NzCardModule,
+        NzTypographyModule,
+        NzDatePickerModule,
+        NzEmptyModule,
+        NzTimelineModule,
+        NzBreadCrumbModule,
+        NzInputNumberModule,
+        NzCollapseModule
+    ],
   exports: [
     CommonModule,
     ReactiveFormsModule,
diff --git a/modules/front-end/src/app/core/guards/accessTokens.guard.ts b/modules/front-end/src/app/core/guards/accessTokens.guard.ts
index c11c0c1b6..a9bf8ce4a 100644
--- a/modules/front-end/src/app/core/guards/accessTokens.guard.ts
+++ b/modules/front-end/src/app/core/guards/accessTokens.guard.ts
@@ -22,7 +22,7 @@ export class AccessTokensGuard implements CanActivate {
   }
 
   async checkPermission(url: string): Promise<boolean | UrlTree> {
-    const canListAccessTokens = !!this.permissionsService.canTakeAction(generalResourceRNPattern.account, permissionActions.ListAccessTokens);
+    const canListAccessTokens = !!this.permissionsService.canTakeAction(generalResourceRNPattern.accessToken, permissionActions.ListAccessTokens);
 
     if (!canListAccessTokens) {
       this.message.warning(this.permissionsService.genericDenyMessage);
diff --git a/modules/front-end/src/app/core/pipes/translation.pipe.ts b/modules/front-end/src/app/core/pipes/translation.pipe.ts
index f3475e3e1..0e178776f 100644
--- a/modules/front-end/src/app/core/pipes/translation.pipe.ts
+++ b/modules/front-end/src/app/core/pipes/translation.pipe.ts
@@ -1,12 +1,11 @@
 import {Inject, LOCALE_ID, Pipe, PipeTransform} from "@angular/core";
 import ResourceTranslation from "@core/translations/resource.translation";
-import IamOperationTranslation from "@core/translations/iam-operation.translation";
 import ExptStatusTranslation from "@core/translations/expt-status.translation";
 import TriggerTypeTranslation from "@core/translations/trigger-type.translation";
 
 const translationType = {
   resource: 'resource',
-  op: 'operation',
+  effect: 'effect',
   exptStatus: 'expt-status',
   triggerType: 'trigger-type'
 }
@@ -16,14 +15,22 @@ export class TranslationPipe implements PipeTransform {
   constructor(@Inject(LOCALE_ID) private locale: string) {
   }
 
-  transform(value, defaultValue, type: 'resource' | 'operation' | 'expt-status' | 'trigger-type') {
-    let result;
+  transform(value, defaultValue, type: 'resource' | 'effect' | 'expt-status' | 'trigger-type') {
+    let result = null;
     switch (type){
       case translationType.resource:
         result = ResourceTranslation[value] ? ResourceTranslation[value][this.locale] : null
         break;
-      case translationType.op:
-        result = IamOperationTranslation[value] ? IamOperationTranslation[value][this.locale] : null
+      case translationType.effect:
+        const effectAllow = new RegExp('allow', 'i');
+        const effectDeny = new RegExp('deny', 'i');
+
+        if (value.match(effectAllow)) {
+          result = $localize `:@@iam.effect.allow:Allow`;
+        } else if (value.match(effectDeny)) {
+          result = $localize `:@@iam.effect.deny:Deny`;
+        }
+
         break;
       case translationType.exptStatus:
         result = ExptStatusTranslation[value] ? ExptStatusTranslation[value][this.locale] : null
diff --git a/modules/front-end/src/app/core/services/access-token.service.ts b/modules/front-end/src/app/core/services/access-token.service.ts
index 29c301eb3..2383568d5 100644
--- a/modules/front-end/src/app/core/services/access-token.service.ts
+++ b/modules/front-end/src/app/core/services/access-token.service.ts
@@ -10,6 +10,7 @@ import {
   IPagedAccessToken
 } from "@features/safe/integrations/access-tokens/types/access-token";
 import { IMetric } from "@features/safe/experiments/types";
+import { IPolicyStatement } from "@shared/policy";
 
 @Injectable({
   providedIn: 'root'
@@ -43,8 +44,8 @@ export class AccessTokenService {
     return this.http.get<boolean>(url).pipe(catchError(() => of(undefined)));
   }
 
-  create(name: string, type: string, policyIds: string[] = []): Observable<IAccessToken> {
-    return this.http.post<IAccessToken>(this.baseUrl, { name, type, policyIds });
+  create(name: string, type: string, permissions: IPolicyStatement[] = []): Observable<IAccessToken> {
+    return this.http.post<IAccessToken>(this.baseUrl, { name, type, permissions });
   }
 
   delete(id: string): Observable<boolean> {
diff --git a/modules/front-end/src/app/core/translations/iam-operation.translation.ts b/modules/front-end/src/app/core/translations/iam-operation.translation.ts
deleted file mode 100644
index 74ffc6a67..000000000
--- a/modules/front-end/src/app/core/translations/iam-operation.translation.ts
+++ /dev/null
@@ -1,8 +0,0 @@
-export default {
-  'Allow': {
-    zh: '允许操作'
-  },
-  'Deny':{
-    zh: '禁止操作'
-  }
-}
diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.html b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.html
index 15f996a64..eb3802b1f 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.html
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.html
@@ -45,8 +45,8 @@
         <div class="input-item">
           <div class="title" i18n="@@iam.policies.details.allow-or-deny">Allow or deny</div>
           <nz-select i18n-nzPlaceHolder="@@iam.policies.details.allow-or-deny" nzPlaceHolder="Allow or deny" [(ngModel)]="statement.effect">
-            <nz-option [nzLabel]="'Allow' | T: 'Allow': 'operation'" [nzValue]="'allow'"></nz-option>
-            <nz-option [nzLabel]="'Deny' | T: 'Deny': 'operation'" [nzValue]="'deny'"></nz-option>
+            <nz-option [nzLabel]="'Allow' | T: 'Allow': 'effect'" [nzValue]="'allow'"></nz-option>
+            <nz-option [nzLabel]="'Deny' | T: 'Deny': 'effect'" [nzValue]="'deny'"></nz-option>
           </nz-select>
         </div>
         <div class="input-item">
diff --git a/modules/front-end/src/app/features/safe/iam/types/policy.ts b/modules/front-end/src/app/features/safe/iam/types/policy.ts
index f89ac317c..3b515b3e6 100644
--- a/modules/front-end/src/app/features/safe/iam/types/policy.ts
+++ b/modules/front-end/src/app/features/safe/iam/types/policy.ts
@@ -1,3 +1,5 @@
+import { IPolicyStatement } from "@shared/policy";
+
 export interface IPolicy {
   id: string;
   type: string;
@@ -10,14 +12,6 @@ export interface IPolicy {
   resourceName?: string;
 }
 
-export interface IPolicyStatement {
-  id: string;
-  resourceType: string;
-  effect: string;
-  actions: string[];
-  resources: string[];
-}
-
 export class PolicyFilter {
   name?: string;
   pageIndex: number;
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
index 2ee9a321e..5a2fe1814 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
@@ -30,6 +30,7 @@ export class IndexComponent implements OnInit {
 
   canTakeActionOnPersonalAccessToken = false;
   canTakeActionOnServiceAccessToken = false;
+
   constructor(
     private router: Router,
     private message: NzMessageService,
@@ -53,8 +54,8 @@ export class IndexComponent implements OnInit {
       });
     });
 
-    this.canTakeActionOnPersonalAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.account, permissionActions.CreatePersonalAccessTokens);
-    this.canTakeActionOnServiceAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.account, permissionActions.CreateServiceAccessTokens);
+    this.canTakeActionOnPersonalAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.accessToken, permissionActions.ManagePersonalAccessTokens);
+    this.canTakeActionOnServiceAccessToken = this.permissionsService.canTakeAction(generalResourceRNPattern.accessToken, permissionActions.ManageServiceAccessTokens);
   }
 
   private search$ = new Subject();
@@ -107,9 +108,6 @@ export class IndexComponent implements OnInit {
   }
 
   accessTokenDrawerVisible: boolean = false;
-  private openAccessTokenDrawer(){
-    this.accessTokenDrawerVisible = true;
-  }
 
   accessTokenDrawerClosed(data: any) { //{ isEditing: boolean, id: string, name: string }
     this.accessTokenDrawerVisible = false;
@@ -131,10 +129,10 @@ export class IndexComponent implements OnInit {
     }
   }
 
-  currentAccessToken: IAccessToken;
-  creatOrEdit(accessToken: IAccessToken = { name: null, type: AccessTokenTypeEnum.Personal, policies: []}) {
+  currentAccessToken: IAccessToken = { name: null, type: AccessTokenTypeEnum.Personal, permissions: []};
+  creatOrEdit(accessToken: IAccessToken = { name: null, type: AccessTokenTypeEnum.Personal, permissions: []}) {
     this.currentAccessToken = accessToken;
-    this.openAccessTokenDrawer();
+    this.accessTokenDrawerVisible = true;
   }
 
   delete(accessToken: IAccessToken) {
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
index bcfba7446..497bb1db5 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/access-token.ts
@@ -1,5 +1,6 @@
 import { IPolicy } from "@features/safe/iam/types/policy";
 import { IMember } from "@features/safe/iam/types/member";
+import { IPolicyStatement } from "@shared/policy";
 
 export interface IAccessToken {
   id?: string;
@@ -9,6 +10,7 @@ export interface IAccessToken {
   token?: string;
   name: string;
   policies?: IPolicy[],
+  permissions?: IPolicyStatement[],
   lastUsedAt?: string
 }
 
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/permission-helper.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/permission-helper.ts
new file mode 100644
index 000000000..25c31070c
--- /dev/null
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/permission-helper.ts
@@ -0,0 +1,53 @@
+import { IamPolicyAction, IPolicyStatement, ResourceTypeEnum } from "@shared/policy";
+import { permissionActions } from "@shared/permissions";
+import { uuidv4 } from "@utils/index";
+
+export interface IPermissionStatementGroup {
+  allChecked: boolean,
+  indeterminate: boolean,
+  statements: IPermissionStatement[]
+}
+
+export interface IPermissionStatement extends IPolicyStatement {
+  action: IamPolicyAction;
+  checked: boolean
+}
+
+export const preProcessPermissions = (statements: IPolicyStatement[]): { [key: string]: IPermissionStatementGroup} => {
+  return statements.flatMap((statement) => {
+    const {effect, resourceType, resources} = statement;
+    return statement.actions.map((action) => ({
+      effect,
+      resourceType,
+      resources,
+      action: permissionActions[action]
+    }));
+  }).filter(({effect, resourceType, resources, action}) => action && action.isOpenAPIApplicable)
+    .reduce((acc, cur) => {
+      acc[cur.resourceType] = acc[cur.resourceType] || { allChecked: true, indeterminate: false, statements: [] };
+      const idx = acc[cur.resourceType].statements.findIndex((api) => api.effect ===cur.effect && api.action.name ===cur.action.name && api.effect === 'allow');
+
+      if (idx !== -1) { // duplicate exists
+        const statement = acc[cur.resourceType].statements[idx];
+        const resources = [...statement.resources, ...cur.resources];
+        acc[cur.resourceType].statements.splice(idx, 1, { ...cur, checked: true, resources: resources.filter((resource, idx) => resources.indexOf(resource) === idx)});
+      } else {
+        acc[cur.resourceType].statements.push({...cur, checked: true});
+      }
+
+      return acc;
+    }, {});
+}
+
+export const postProcessPermissions = (permissions: { [key: string]: IPermissionStatementGroup}): IPolicyStatement[] => {
+  return Object.keys(permissions)
+    .flatMap((property) => permissions[property].statements)
+    .filter((statement) => statement.checked)
+    .map(({id, effect, resourceType, resources, action}) => ({
+      id: uuidv4(),
+      effect,
+      resourceType,
+      resources,
+      actions: [action.name]
+    }));
+}
diff --git a/modules/front-end/src/app/shared/permissions.ts b/modules/front-end/src/app/shared/permissions.ts
index b166598cf..2546e3313 100644
--- a/modules/front-end/src/app/shared/permissions.ts
+++ b/modules/front-end/src/app/shared/permissions.ts
@@ -145,7 +145,7 @@ export const permissionActions: {[key: string]: IamPolicyAction} = {
     isOpenAPIApplicable: true,
     isSpecificApplicable: false
   },
-  CreateServiceAccessTokens: {
+  ManageServiceAccessTokens: {
     id: uuidv4(),
     name: 'ManageServiceAccessTokens',
     displayName: $localize`:@@iam.action.manage-service-access-tokens:Manage service access tokens`,
@@ -153,7 +153,7 @@ export const permissionActions: {[key: string]: IamPolicyAction} = {
     isOpenAPIApplicable: true,
     isSpecificApplicable: false
   },
-  CreatePersonalAccessTokens: {
+  ManagePersonalAccessTokens: {
     id: uuidv4(),
     name: 'ManagePersonalAccessTokens',
     displayName: $localize`:@@iam.action.manage-personal-access-tokens:Manage personal access tokens`,
diff --git a/modules/front-end/src/app/shared/policy.ts b/modules/front-end/src/app/shared/policy.ts
index 32030d5bd..d6793280d 100644
--- a/modules/front-end/src/app/shared/policy.ts
+++ b/modules/front-end/src/app/shared/policy.ts
@@ -55,37 +55,48 @@ export interface RNViewModel {
   isInvalid?: boolean
 }
 
+export const ResourceTypeAll: ResourceType = {
+  type: ResourceTypeEnum.All,
+  pattern: generalResourceRNPattern.all,
+  displayName: $localize`:@@iam.rsc-type.all:All`
+};
+
+export const ResourceTypeAccount: ResourceType = {
+  type: ResourceTypeEnum.Account,
+  pattern: generalResourceRNPattern.account,
+  displayName: $localize`:@@iam.rsc-type.account:Account`
+};
+
+export const ResourceTypeIAM: ResourceType = {
+  type: ResourceTypeEnum.IAM,
+  pattern: generalResourceRNPattern.iam,
+  displayName: $localize`:@@iam.rsc-type.iam:IAM`
+};
+
+export const ResourceTypeAccessToken: ResourceType = {
+  type: ResourceTypeEnum.AccessToken,
+  pattern: generalResourceRNPattern.accessToken,
+  displayName: $localize`:@@iam.rsc-type.access-token:Access token`
+};
+export const ResourceTypeProject: ResourceType = {
+  type: ResourceTypeEnum.Project,
+  pattern: 'project/{project}',
+  displayName: $localize`:@@iam.rsc-type.project:Project`
+};
+
+export const ResourceTypeEnv = {
+  type: ResourceTypeEnum.Env,
+  pattern: 'project/{project}:env/{env}',
+  displayName: $localize`:@@iam.rsc-type.env:Environment`
+};
+
 export const resourcesTypes: ResourceType[] = [
-  {
-    type: ResourceTypeEnum.All,
-    pattern: generalResourceRNPattern.all,
-    displayName: $localize`:@@iam.rsc-type.all:All`
-  },
-  {
-    type: ResourceTypeEnum.Account,
-    pattern: generalResourceRNPattern.account,
-    displayName: $localize`:@@iam.rsc-type.account:Account`
-  },
-  {
-    type: ResourceTypeEnum.IAM,
-    pattern: generalResourceRNPattern.iam,
-    displayName: $localize`:@@iam.rsc-type.iam:IAM`
-  },
-  {
-    type: ResourceTypeEnum.AccessToken,
-    pattern: generalResourceRNPattern.accessToken,
-    displayName: $localize`:@@iam.rsc-type.access-token:Access token`
-  },
-  {
-    type: ResourceTypeEnum.Project,
-    pattern: 'project/{project}',
-    displayName: $localize`:@@iam.rsc-type.project:Project`
-  },
-  {
-    type: ResourceTypeEnum.Env,
-    pattern: 'project/{project}:env/{env}',
-    displayName: $localize`:@@iam.rsc-type.env:Environment`
-  }
+  ResourceTypeAll,
+  ResourceTypeAccount,
+  ResourceTypeIAM,
+  ResourceTypeAccessToken,
+  ResourceTypeProject,
+  ResourceTypeEnv
 ];
 
 export interface ResourceParamViewModel {
@@ -149,8 +160,8 @@ export const resourceActionsDict: {[key: string]: IamPolicyAction[]} = {
   ],
   [ResourceTypeEnum.AccessToken]: [
     permissionActions.ListAccessTokens,
-    permissionActions.CreateServiceAccessTokens,
-    permissionActions.CreatePersonalAccessTokens,
+    permissionActions.ManageServiceAccessTokens,
+    permissionActions.ManagePersonalAccessTokens,
   ],
   [ResourceTypeEnum.Project]: [
     permissionActions.ListProjects,
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index d6d7e7ca2..dd6f1b03b 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -260,107 +260,41 @@
           <context context-type="linenumber">58</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.policies" datatype="html">
-        <source>Policies</source>
+      <trans-unit id="common.permissions" datatype="html">
+        <source>Permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
           <context context-type="linenumber">45</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/details.component.html</context>
-          <context context-type="linenumber">13</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
+          <context context-type="linenumber">14</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="integrations.access-token.select-policies" datatype="html">
-        <source>Select policies</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">50</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/details.component.html</context>
+          <context context-type="linenumber">7</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.loading" datatype="html">
-        <source>Loading...</source>
+      <trans-unit id="common.all" datatype="html">
+        <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">66</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">55</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">44</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
           <context context-type="linenumber">60</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">136</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">146,147</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">28</context>
-        </context-group>
-      </trans-unit>
-      <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
-        <source>Policies are mandatory for service type access tokens</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.html</context>
+          <context context-type="linenumber">12</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">267</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.ts</context>
+          <context context-type="linenumber">58</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.save" datatype="html">
         <source>Save</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">92</context>
+          <context context-type="linenumber">85</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
@@ -439,28 +373,28 @@
         <source>Access token created</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">100</context>
+          <context context-type="linenumber">93</context>
         </context-group>
       </trans-unit>
       <trans-unit id="integrations.access-token.copy-token-warning" datatype="html">
         <source>Copy and save this token now, the token value will be masked once you leave the page.</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">109</context>
+          <context context-type="linenumber">102</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.ok" datatype="html">
         <source>OK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">124</context>
+          <context context-type="linenumber">117</context>
         </context-group>
       </trans-unit>
       <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">234</context>
+          <context context-type="linenumber">198</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -471,11 +405,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">243</context>
+          <context context-type="linenumber">208</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">258</context>
+          <context context-type="linenumber">223</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -655,11 +589,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">141</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">154</context>
+          <context context-type="linenumber">152</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
@@ -686,7 +620,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">246</context>
+          <context context-type="linenumber">211</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -749,11 +683,18 @@
           <context context-type="linenumber">79</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
+        <source>Policies are mandatory for service type access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">232</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="common.copy-success" datatype="html">
         <source>Copied</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">277</context>
+          <context context-type="linenumber">242</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
@@ -875,6 +816,69 @@
           <context context-type="linenumber">20</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="common.loading" datatype="html">
+        <source>Loading...</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">55</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">43</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
+          <context context-type="linenumber">136</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">146,147</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">28</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="ff.idx.filter-by-type" datatype="html">
         <source>Filter by type</source>
         <context-group purpose="location">
@@ -1505,11 +1509,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">147</context>
+          <context context-type="linenumber">145</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">157</context>
+          <context context-type="linenumber">155</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
@@ -3215,6 +3219,20 @@
           <context context-type="linenumber">9</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="iam.effect.allow" datatype="html">
+        <source>Allow</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/translation.pipe.ts</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="iam.effect.deny" datatype="html">
+        <source>Deny</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/translation.pipe.ts</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="2454050363478003966" datatype="html">
         <source>Login</source>
         <context-group purpose="location">
@@ -3574,17 +3592,6 @@
           <context context-type="linenumber">3</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.all" datatype="html">
-        <source>All</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.html</context>
-          <context context-type="linenumber">12</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.ts</context>
-          <context context-type="linenumber">58</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="expt.metric.custom-event-metric" datatype="html">
         <source>Custom event</source>
         <context-group purpose="location">
@@ -4983,17 +4990,6 @@
           <context context-type="linenumber">5</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="common.permissions" datatype="html">
-        <source>Permissions</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
-          <context context-type="linenumber">14</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/details.component.html</context>
-          <context context-type="linenumber">7</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="iam.policies.details.resource-type" datatype="html">
         <source>Resource type</source>
         <context-group purpose="location">
@@ -5119,6 +5115,13 @@
           <context context-type="linenumber">13</context>
         </context-group>
       </trans-unit>
+      <trans-unit id="common.policies" datatype="html">
+        <source>Policies</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/details.component.html</context>
+          <context context-type="linenumber">13</context>
+        </context-group>
+      </trans-unit>
       <trans-unit id="iam.groups.details.dp-filter-placeholder" datatype="html">
         <source>Filter by policy name</source>
         <context-group purpose="location">
@@ -6593,7 +6596,7 @@
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">62</context>
+          <context context-type="linenumber">61</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.account" datatype="html">
@@ -6607,46 +6610,46 @@
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">72</context>
+          <context context-type="linenumber">73</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.access-token" datatype="html">
         <source>Access token</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">77</context>
+          <context context-type="linenumber">79</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.project" datatype="html">
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="linenumber">84</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.env" datatype="html">
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">87</context>
+          <context context-type="linenumber">90</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.policy.project" datatype="html">
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">110</context>
+          <context context-type="linenumber">121</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">122</context>
+          <context context-type="linenumber">133</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.policy.environment" datatype="html">
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">132</context>
+          <context context-type="linenumber">143</context>
         </context-group>
       </trans-unit>
     </body>
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index be6a062ec..76092a4aa 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -265,111 +265,43 @@
         </context-group>
         <target>类型</target>
       </trans-unit>
-      <trans-unit id="common.policies" datatype="html">
-        <source>Policies</source>
+      <trans-unit id="common.permissions" datatype="html">
+        <source>Permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
           <context context-type="linenumber">45</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/details.component.html</context>
-          <context context-type="linenumber">13</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
+          <context context-type="linenumber">14</context>
         </context-group>
-        <target>策略</target>
-      </trans-unit>
-      <trans-unit id="integrations.access-token.select-policies" datatype="html">
-        <source>Select policies</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">50</context>
+          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/details.component.html</context>
+          <context context-type="linenumber">7</context>
         </context-group>
-        <target>选择策略</target>
+        <target>权限</target>
       </trans-unit>
-      <trans-unit id="common.loading" datatype="html">
-        <source>Loading...</source>
+      <trans-unit id="common.all" datatype="html">
+        <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">68</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
-          <context context-type="linenumber">66</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
-          <context context-type="linenumber">55</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
-          <context context-type="linenumber">43</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
-          <context context-type="linenumber">44</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
-          <context context-type="linenumber">25</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
           <context context-type="linenumber">60</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
-          <context context-type="linenumber">136</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
-          <context context-type="linenumber">18</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
-          <context context-type="linenumber">146,147</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
-          <context context-type="linenumber">26</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
-          <context context-type="linenumber">38</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
-          <context context-type="linenumber">28</context>
-        </context-group>
-        <target>数据加载中...</target>
-      </trans-unit>
-      <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
-        <source>Policies are mandatory for service type access tokens</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.html</context>
+          <context context-type="linenumber">12</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">267</context>
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.ts</context>
+          <context context-type="linenumber">58</context>
         </context-group>
-        <target>策略不能为空</target>
+        <target>全部</target>
       </trans-unit>
       <trans-unit id="common.save" datatype="html">
         <source>Save</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">92</context>
+          <context context-type="linenumber">85</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
@@ -449,7 +381,7 @@
         <source>Access token created</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">100</context>
+          <context context-type="linenumber">93</context>
         </context-group>
         <target>成功创建访问秘钥</target>
       </trans-unit>
@@ -457,7 +389,7 @@
         <source>Copy and save this token now, the token value will be masked once you leave the page.</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">109</context>
+          <context context-type="linenumber">102</context>
         </context-group>
         <target>请复制并保存 Token，一旦离开该页面后，该 Token 将会被隐藏。</target>
       </trans-unit>
@@ -465,7 +397,7 @@
         <source>OK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">124</context>
+          <context context-type="linenumber">117</context>
         </context-group>
         <target>OK</target>
       </trans-unit>
@@ -473,7 +405,7 @@
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">234</context>
+          <context context-type="linenumber">198</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -485,11 +417,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">243</context>
+          <context context-type="linenumber">208</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">258</context>
+          <context context-type="linenumber">223</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -669,11 +601,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">141</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">154</context>
+          <context context-type="linenumber">152</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.ts</context>
@@ -701,7 +633,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">246</context>
+          <context context-type="linenumber">211</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -765,11 +697,19 @@
         </context-group>
         <target>操作失败，请重试</target>
       </trans-unit>
+      <trans-unit id="integrations.access-token.service-access-token-must-define-policies" datatype="html">
+        <source>Policies are mandatory for service type access tokens</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">232</context>
+        </context-group>
+        <target>策略不能为空</target>
+      </trans-unit>
       <trans-unit id="common.copy-success" datatype="html">
         <source>Copied</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">277</context>
+          <context context-type="linenumber">242</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
@@ -901,6 +841,70 @@
         </context-group>
         <target>按团队成员查找</target>
       </trans-unit>
+      <trans-unit id="common.loading" datatype="html">
+        <source>Loading...</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/audit-logs/audit-logs.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/experiment-drawer/experiment-drawer.component.html</context>
+          <context context-type="linenumber">66</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/member-drawer/member-drawer.component.html</context>
+          <context context-type="linenumber">55</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.html</context>
+          <context context-type="linenumber">43</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/target-user/target-user.component.html</context>
+          <context context-type="linenumber">44</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">25</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/end-users/index/index.component.html</context>
+          <context context-type="linenumber">60</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/experimentation/experimentation.component.html</context>
+          <context context-type="linenumber">136</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.html</context>
+          <context context-type="linenumber">18</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/setting/setting.component.html</context>
+          <context context-type="linenumber">146,147</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/feature-flags/index/index.component.html</context>
+          <context context-type="linenumber">26</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/resources-selector/resources-selector.component.html</context>
+          <context context-type="linenumber">38</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.html</context>
+          <context context-type="linenumber">28</context>
+        </context-group>
+        <target>数据加载中...</target>
+      </trans-unit>
       <trans-unit id="ff.idx.filter-by-type" datatype="html">
         <source>Filter by type</source>
         <context-group purpose="location">
@@ -1581,11 +1585,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">147</context>
+          <context context-type="linenumber">145</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/integrations/access-tokens/index/index.component.ts</context>
-          <context context-type="linenumber">157</context>
+          <context context-type="linenumber">155</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/targeting/targeting.component.ts</context>
@@ -3448,6 +3452,22 @@
         </context-group>
         <target>客户托管</target>
       </trans-unit>
+      <trans-unit id="iam.effect.allow" datatype="html">
+        <source>Allow</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/translation.pipe.ts</context>
+          <context context-type="linenumber">29</context>
+        </context-group>
+        <target>允许</target>
+      </trans-unit>
+      <trans-unit id="iam.effect.deny" datatype="html">
+        <source>Deny</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/pipes/translation.pipe.ts</context>
+          <context context-type="linenumber">31</context>
+        </context-group>
+        <target>禁止</target>
+      </trans-unit>
       <trans-unit id="2454050363478003966" datatype="html">
         <source>Login</source>
         <context-group purpose="location">
@@ -3852,18 +3872,6 @@
         </context-group>
         <target>概览</target>
       </trans-unit>
-      <trans-unit id="common.all" datatype="html">
-        <source>All</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.html</context>
-          <context context-type="linenumber">12</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/feature-flags/details/insights/insights.component.ts</context>
-          <context context-type="linenumber">58</context>
-        </context-group>
-        <target>全部</target>
-      </trans-unit>
       <trans-unit id="expt.metric.custom-event-metric" datatype="html">
         <source>Custom event</source>
         <context-group purpose="location">
@@ -5432,18 +5440,6 @@
         </context-group>
         <target>复制</target>
       </trans-unit>
-      <trans-unit id="common.permissions" datatype="html">
-        <source>Permissions</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
-          <context context-type="linenumber">14</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/iam/policies/details/details.component.html</context>
-          <context context-type="linenumber">7</context>
-        </context-group>
-        <target>权限</target>
-      </trans-unit>
       <trans-unit id="iam.policies.details.resource-type" datatype="html">
         <source>Resource type</source>
         <context-group purpose="location">
@@ -5584,6 +5580,14 @@
         </context-group>
         <target>团队</target>
       </trans-unit>
+      <trans-unit id="common.policies" datatype="html">
+        <source>Policies</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/iam/groups/details/details.component.html</context>
+          <context context-type="linenumber">13</context>
+        </context-group>
+        <target>策略</target>
+      </trans-unit>
       <trans-unit id="iam.groups.details.dp-filter-placeholder" datatype="html">
         <source>Filter by policy name</source>
         <context-group purpose="location">
@@ -7245,7 +7249,7 @@
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">62</context>
+          <context context-type="linenumber">61</context>
         </context-group>
         <target>全部</target>
       </trans-unit>
@@ -7261,7 +7265,7 @@
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">72</context>
+          <context context-type="linenumber">73</context>
         </context-group>
         <target>权限管理</target>
       </trans-unit>
@@ -7269,7 +7273,7 @@
         <source>Access token</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">77</context>
+          <context context-type="linenumber">79</context>
         </context-group>
         <target>访问策略</target>
       </trans-unit>
@@ -7277,7 +7281,7 @@
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="linenumber">84</context>
         </context-group>
         <target>项目</target>
       </trans-unit>
@@ -7285,7 +7289,7 @@
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">87</context>
+          <context context-type="linenumber">90</context>
         </context-group>
         <target>环境</target>
       </trans-unit>
@@ -7293,11 +7297,11 @@
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">110</context>
+          <context context-type="linenumber">121</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">122</context>
+          <context context-type="linenumber">133</context>
         </context-group>
         <target>项目</target>
       </trans-unit>
@@ -7305,7 +7309,7 @@
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">132</context>
+          <context context-type="linenumber">143</context>
         </context-group>
         <target>环境</target>
       </trans-unit>
diff --git a/modules/front-end/src/styles-common.less b/modules/front-end/src/styles-common.less
index be09ea3af..50b6a3b5a 100644
--- a/modules/front-end/src/styles-common.less
+++ b/modules/front-end/src/styles-common.less
@@ -22,8 +22,11 @@ app-root {
   padding: 6px 0 7px 0;
 }
 
-.ant-collapse>.ant-collapse-item>.ant-collapse-header {
-  padding: 0;
+.ant-collapse {
+  border-radius: 8px;
+  .ant-collapse-item>.ant-collapse-header {
+    padding: 8px 16px;
+  }
 }
 
 .menu-list li a i {

From 9098ebbc35fb22d5ab2012be2af7f0aa88ddaa93 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Thu, 16 Mar 2023 09:33:07 +0100
Subject: [PATCH 29/44] style

---
 .../access-token-drawer/access-token-drawer.component.less    | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
index d5030f94a..e1a472ed6 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
@@ -4,6 +4,10 @@
   color: @red60-color;
 }
 
+i {
+ cursor: pointer;
+}
+
 #confirm-modal-ok {
   color: @white;
 

From 67f9b6c23a0ba4bf387c10debbe1a5f93dbb0135 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Thu, 16 Mar 2023 10:11:30 +0100
Subject: [PATCH 30/44] refactor

---
 .../access-token-drawer.component.ts          |  28 +-
 .../env-drawer/env-drawer.component.ts        |   2 +-
 .../components/header/header.component.ts     |   2 +-
 .../project-drawer.component.ts               |   3 +-
 .../src/app/core/guards/accessTokens.guard.ts |   2 +-
 .../src/app/core/guards/iam.guard.ts          |   2 +-
 .../access-tokens/index/index.component.ts    |   2 +-
 .../access-tokens/types/permission-helper.ts  |   3 +-
 .../organization/organization.component.ts    |   2 +-
 .../project/project.component.ts              |   3 +-
 .../front-end/src/app/shared/permissions.ts   | 164 ---------
 modules/front-end/src/app/shared/policy.ts    | 183 +++++++++-
 modules/front-end/src/locale/messages.xlf     | 308 ++++++++--------
 modules/front-end/src/locale/messages.zh.xlf  | 330 +++++++++---------
 14 files changed, 526 insertions(+), 508 deletions(-)
 delete mode 100644 modules/front-end/src/app/shared/permissions.ts

diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index 88319d472..58d8885c3 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -6,21 +6,19 @@ import { PolicyService } from "@services/policy.service";
 import {
   AccessTokenTypeEnum,
   IAccessToken,
-  IAccessTokenPolicy
 } from "@features/safe/integrations/access-tokens/types/access-token";
 import { NzSelectComponent } from "ng-zorro-antd/select";
 import { AccessTokenService } from "@services/access-token.service";
 import { PermissionsService } from "@services/permissions.service";
-import { generalResourceRNPattern, permissionActions } from "@shared/permissions";
+import { EffectEnum, generalResourceRNPattern, permissionActions } from "@shared/policy";
 import { PolicyFilter } from "@features/safe/iam/types/policy";
 import { NzModalService } from "ng-zorro-antd/modal";
-import { copyToClipboard } from "@utils/index";
+import { copyToClipboard, uuidv4 } from "@utils/index";
 import {
   preProcessPermissions,
   IPermissionStatementGroup, postProcessPermissions
 } from "@features/safe/integrations/access-tokens/types/permission-helper";
 import {
-  IPolicyStatement,
   ResourceType, ResourceTypeAccessToken,
   ResourceTypeEnv,
   ResourceTypeProject
@@ -43,7 +41,6 @@ export class AccessTokenDrawerComponent {
     this.isEditing = accessToken && !!accessToken.id;
     if (this.isEditing) {
       this.permissions = preProcessPermissions(accessToken.permissions);
-      this.authorizedResourceTypes = this.resourceTypes.filter((rt) => this.permissions[rt.type]?.statements?.length > 0);
     } else {
       accessToken = { name: null, type: AccessTokenTypeEnum.Personal};
       this.setAuthorizedPermissions();
@@ -52,7 +49,7 @@ export class AccessTokenDrawerComponent {
     this.isServiceAccessToken = accessToken.type === AccessTokenTypeEnum.Service;
     this.patchForm(accessToken);
     this._accessToken = accessToken;
-
+    this.authorizedResourceTypes = this.resourceTypes.filter((rt) => this.permissions[rt.type]?.statements?.length > 0);
   }
 
   @Input() visible: boolean = false;
@@ -123,12 +120,19 @@ export class AccessTokenDrawerComponent {
     const hasOwnerPolicy = this.permissionsService.policies.some((policy) => policy.name === 'Owner' && policy.type === 'SysManaged');
 
     if (hasOwnerPolicy) {
-      this.policyService.getList(new PolicyFilter('', 1, 100)).subscribe({
-        next: policies => {
-          this.permissions = preProcessPermissions(policies.items.flatMap(p => p.statements));
-          this.authorizedResourceTypes = this.resourceTypes.filter((rt) => this.permissions[rt.type]?.statements?.length > 0);
-        }
-      });
+      const permissions = Object.keys(permissionActions)
+        .filter((property) => permissionActions[property].isOpenAPIApplicable)
+        .map((property) => {
+          const { resourceType, name } = permissionActions[property];
+          return {
+            id: uuidv4(),
+            resourceType,
+            effect: EffectEnum.Allow,
+            actions: [name],
+            resources: [generalResourceRNPattern[resourceType]]
+          }
+        });
+      this.permissions = preProcessPermissions(permissions);
     } else {
       this.permissions = preProcessPermissions(this.permissionsService.permissions);
     }
diff --git a/modules/front-end/src/app/core/components/env-drawer/env-drawer.component.ts b/modules/front-end/src/app/core/components/env-drawer/env-drawer.component.ts
index d61135a57..5232c75d6 100644
--- a/modules/front-end/src/app/core/components/env-drawer/env-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/env-drawer/env-drawer.component.ts
@@ -4,7 +4,7 @@ import { NzMessageService } from 'ng-zorro-antd/message';
 import { IEnvironment } from '@shared/types';
 import { EnvService } from '@services/env.service';
 import { ProjectService } from "@services/project.service";
-import { generalResourceRNPattern, permissionActions } from "@shared/permissions";
+import { generalResourceRNPattern, permissionActions } from "@shared/policy";
 import { PermissionsService } from "@services/permissions.service";
 
 @Component({
diff --git a/modules/front-end/src/app/core/components/header/header.component.ts b/modules/front-end/src/app/core/components/header/header.component.ts
index 6c74af2fd..c4fef8fa6 100644
--- a/modules/front-end/src/app/core/components/header/header.component.ts
+++ b/modules/front-end/src/app/core/components/header/header.component.ts
@@ -5,7 +5,7 @@ import { ProjectService } from '@services/project.service';
 import { Router } from '@angular/router';
 import { Breadcrumb, BreadcrumbService } from '@services/bread-crumb.service';
 import { PermissionsService } from "@services/permissions.service";
-import { generalResourceRNPattern, permissionActions } from "@shared/permissions";
+import { generalResourceRNPattern, permissionActions } from "@shared/policy";
 import { NzMessageService } from "ng-zorro-antd/message";
 import { MessageQueueService } from "@services/message-queue.service";
 import { Observable } from "rxjs";
diff --git a/modules/front-end/src/app/core/components/project-drawer/project-drawer.component.ts b/modules/front-end/src/app/core/components/project-drawer/project-drawer.component.ts
index 8ff69d746..c298adad7 100644
--- a/modules/front-end/src/app/core/components/project-drawer/project-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/project-drawer/project-drawer.component.ts
@@ -4,8 +4,7 @@ import {NzMessageService} from 'ng-zorro-antd/message';
 import {IProject} from '@shared/types';
 import {ProjectService} from '@services/project.service';
 import {PermissionsService} from "@services/permissions.service";
-import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
-import {ResourceTypeEnum} from "@shared/policy";
+import {ResourceTypeEnum, generalResourceRNPattern, permissionActions} from "@shared/policy";
 
 @Component({
   selector: 'app-project-drawer',
diff --git a/modules/front-end/src/app/core/guards/accessTokens.guard.ts b/modules/front-end/src/app/core/guards/accessTokens.guard.ts
index a9bf8ce4a..d16795762 100644
--- a/modules/front-end/src/app/core/guards/accessTokens.guard.ts
+++ b/modules/front-end/src/app/core/guards/accessTokens.guard.ts
@@ -1,7 +1,7 @@
 import { Injectable } from '@angular/core';
 import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot, UrlTree, Router } from '@angular/router';
 import {PermissionsService} from "@services/permissions.service";
-import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
+import {generalResourceRNPattern, permissionActions} from "@shared/policy";
 import {NzMessageService} from "ng-zorro-antd/message";
 
 @Injectable({
diff --git a/modules/front-end/src/app/core/guards/iam.guard.ts b/modules/front-end/src/app/core/guards/iam.guard.ts
index 9539775fb..67a852d15 100644
--- a/modules/front-end/src/app/core/guards/iam.guard.ts
+++ b/modules/front-end/src/app/core/guards/iam.guard.ts
@@ -1,7 +1,7 @@
 import { Injectable } from '@angular/core';
 import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot, UrlTree, Router } from '@angular/router';
 import {PermissionsService} from "@services/permissions.service";
-import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
+import {generalResourceRNPattern, permissionActions} from "@shared/policy";
 import {NzMessageService} from "ng-zorro-antd/message";
 
 @Injectable({
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
index 5a2fe1814..d6bdad500 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/index/index.component.ts
@@ -13,7 +13,7 @@ import { IOrganization } from "@shared/types";
 import { CURRENT_ORGANIZATION } from "@utils/localstorage-keys";
 import { TeamService } from "@services/team.service";
 import { PermissionsService } from "@services/permissions.service";
-import { generalResourceRNPattern, permissionActions } from "@shared/permissions";
+import { generalResourceRNPattern, permissionActions } from "@shared/policy";
 
 @Component({
   selector: 'access-tokens',
diff --git a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/permission-helper.ts b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/permission-helper.ts
index 25c31070c..3b7119a77 100644
--- a/modules/front-end/src/app/features/safe/integrations/access-tokens/types/permission-helper.ts
+++ b/modules/front-end/src/app/features/safe/integrations/access-tokens/types/permission-helper.ts
@@ -1,5 +1,4 @@
-import { IamPolicyAction, IPolicyStatement, ResourceTypeEnum } from "@shared/policy";
-import { permissionActions } from "@shared/permissions";
+import { IamPolicyAction, IPolicyStatement, permissionActions } from "@shared/policy";
 import { uuidv4 } from "@utils/index";
 
 export interface IPermissionStatementGroup {
diff --git a/modules/front-end/src/app/features/safe/organizations/organization/organization.component.ts b/modules/front-end/src/app/features/safe/organizations/organization/organization.component.ts
index 684034bf5..13336a2b7 100644
--- a/modules/front-end/src/app/features/safe/organizations/organization/organization.component.ts
+++ b/modules/front-end/src/app/features/safe/organizations/organization/organization.component.ts
@@ -6,7 +6,7 @@ import { IOrganization } from '@shared/types';
 import { OrganizationService } from '@services/organization.service';
 import { getCurrentOrganization } from "@utils/project-env";
 import {PermissionsService} from "@services/permissions.service";
-import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
+import {generalResourceRNPattern, permissionActions} from "@shared/policy";
 import { MessageQueueService } from '@core/services/message-queue.service';
 
 @Component({
diff --git a/modules/front-end/src/app/features/safe/organizations/project/project.component.ts b/modules/front-end/src/app/features/safe/organizations/project/project.component.ts
index 3348aabab..7bbcee7bb 100644
--- a/modules/front-end/src/app/features/safe/organizations/project/project.component.ts
+++ b/modules/front-end/src/app/features/safe/organizations/project/project.component.ts
@@ -5,12 +5,11 @@ import { OrganizationService } from '@services/organization.service';
 import { EnvService } from '@services/env.service';
 import { NzMessageService } from "ng-zorro-antd/message";
 import {PermissionsService} from "@services/permissions.service";
-import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
 import {MessageQueueService} from "@services/message-queue.service";
 import { FormBuilder, FormGroup, Validators } from "@angular/forms";
 import { EnvSecretService } from "@services/env-secret.service";
 import { copyToClipboard } from '@utils/index';
-import { ResourceTypeEnum } from "@shared/policy";
+import { ResourceTypeEnum, generalResourceRNPattern, permissionActions } from "@shared/policy";
 
 @Component({
   selector: 'app-project',
diff --git a/modules/front-end/src/app/shared/permissions.ts b/modules/front-end/src/app/shared/permissions.ts
deleted file mode 100644
index 2546e3313..000000000
--- a/modules/front-end/src/app/shared/permissions.ts
+++ /dev/null
@@ -1,164 +0,0 @@
-import { uuidv4 } from "@utils/index";
-import { IamPolicyAction } from "@shared/policy";
-
-export const generalResourceRNPattern = {
-  all: '*',
-  account: 'account/*',
-  iam: 'iam/*',
-  accessToken: 'access-token/*',
-  project: 'project/*',
-  env: 'project/*:env/*'
-}
-
-export const permissionActions: {[key: string]: IamPolicyAction} = {
-  All: {
-    id: uuidv4(),
-    name: '*',
-    displayName: $localize`:@@iam.action.all:All`,
-    description: $localize`:@@iam.action.all:All`,
-    isOpenAPIApplicable: false,
-    isSpecificApplicable: false
-  },
-  ListProjects: {
-    id: uuidv4(),
-    name: 'ListProjects',
-    displayName: $localize`:@@iam.action.list-projects:List projects`,
-    description: $localize`:@@iam.action.list-projects:List projects`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: false
-  },
-  CreateProject: {
-    id: uuidv4(),
-    name: 'CreateProject',
-    displayName: $localize`:@@iam.action.create-projects:Create projects`,
-    description: $localize`:@@iam.action.create-projects:Create projects`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: false
-  },
-  DeleteProject: {
-    id: uuidv4(),
-    name: 'DeleteProject',
-    displayName: $localize`:@@iam.action.delete-projects:Delete projects`,
-    description: $localize`:@@iam.action.delete-projects:Delete projects`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: true
-  },
-  AccessEnvs: {
-    id: uuidv4(),
-    name: 'AccessEnvs',
-    displayName: $localize`:@@iam.action.access-envs:Access environments`,
-    description: $localize`:@@iam.action.access-envs:Access environments`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: true
-  },
-  UpdateProjectSettings: {
-    id: uuidv4(),
-    name: 'UpdateProjectSettings',
-    displayName: $localize`:@@iam.action.update-project-settings:Update project settings`,
-    description: $localize`:@@iam.action.update-project-settings:Update project settings`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: true
-  },
-  ListEnvs: {
-    id: uuidv4(),
-    name: 'ListEnvs',
-    displayName: $localize`:@@iam.action.list-envs:List environments`,
-    description: $localize`:@@iam.action.list-envs:List environments`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: true
-  },
-  CreateEnv:  {
-    id: uuidv4(),
-    name: 'CreateEnv',
-    displayName: $localize`:@@iam.action.create-env:Create environment`,
-    description: $localize`:@@iam.action.create-env:Create environment`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: true
-  },
-  DeleteEnv: {
-    id: uuidv4(),
-    name: 'DeleteEnv',
-    displayName: $localize`:@@iam.action.delete-envs:Delete environments`,
-    description: $localize`:@@iam.action.delete-envs:Delete environments`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: true
-  },
-  UpdateEnvSettings: {
-    id: uuidv4(),
-    name: 'UpdateEnvSettings',
-    displayName: $localize`:@@iam.action.update-env-settings:Update environment settings`,
-    description: $localize`:@@iam.action.update-env-settings:Update environment settings`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: true
-  },
-  DeleteEnvSecret: {
-    id: uuidv4(),
-    name: 'DeleteEnvSecret',
-    displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
-    description: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: true
-  },
-  CreateEnvSecret: {
-    id: uuidv4(),
-    name: 'CreateEnvSecret',
-    displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`,
-    description: $localize`:@@iam.action.create-env-secret:Create environment secret`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: true
-  },
-  UpdateEnvSecret: {
-    id: uuidv4(),
-    name: 'UpdateEnvSecret',
-    displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`,
-    description: $localize`:@@iam.action.update-env-secret:Update environment secret`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: true
-  },
-
-  // account
-  UpdateOrgName: {
-    id: uuidv4(),
-    name: 'UpdateOrgName',
-    displayName: $localize`:@@iam.action.update-org-name:Update org name`,
-    description: $localize`:@@iam.action.update-org-name:Update org name`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: false
-  },
-
-  // iam
-  CanManageIAM: {
-    id: uuidv4(),
-    name: 'CanManageIAM',
-    displayName: $localize`:@@iam.action.iam:IAM`,
-    description: $localize`:@@iam.action.iam:IAM`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: false
-  },
-
-  // access tokens
-  ListAccessTokens: {
-    id: uuidv4(),
-    name: 'ListAccessTokens',
-    displayName: $localize`:@@iam.action.list-access-tokens:List access tokens`,
-    description: $localize`:@@iam.action.list-access-tokens:List access tokens`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: false
-  },
-  ManageServiceAccessTokens: {
-    id: uuidv4(),
-    name: 'ManageServiceAccessTokens',
-    displayName: $localize`:@@iam.action.manage-service-access-tokens:Manage service access tokens`,
-    description: $localize`:@@iam.action.manage-service-access-tokens:Manage service access tokens`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: false
-  },
-  ManagePersonalAccessTokens: {
-    id: uuidv4(),
-    name: 'ManagePersonalAccessTokens',
-    displayName: $localize`:@@iam.action.manage-personal-access-tokens:Manage personal access tokens`,
-    description: $localize`:@@iam.action.manage-personal-access-tokens:Manage personal access tokens`,
-    isOpenAPIApplicable: true,
-    isSpecificApplicable: false
-  },
-}
diff --git a/modules/front-end/src/app/shared/policy.ts b/modules/front-end/src/app/shared/policy.ts
index d6793280d..e80ecd4c0 100644
--- a/modules/front-end/src/app/shared/policy.ts
+++ b/modules/front-end/src/app/shared/policy.ts
@@ -1,4 +1,4 @@
-import {generalResourceRNPattern, permissionActions} from "@shared/permissions";
+import { uuidv4 } from "@utils/index";
 
 export interface IPolicyStatement {
   id: string;
@@ -23,6 +23,7 @@ export interface ValPlaceholder {
 export interface IamPolicyAction {
   id: string;
   name: string;
+  resourceType?: ResourceTypeEnum,
   displayName: string;
   description: string;
   isOpenAPIApplicable: boolean;
@@ -55,6 +56,15 @@ export interface RNViewModel {
   isInvalid?: boolean
 }
 
+export const generalResourceRNPattern = {
+  all: '*',
+  account: 'account/*',
+  iam: 'iam/*',
+  accessToken: 'access-token/*',
+  project: 'project/*',
+  env: 'project/*:env/*'
+};
+
 export const ResourceTypeAll: ResourceType = {
   type: ResourceTypeEnum.All,
   pattern: generalResourceRNPattern.all,
@@ -148,6 +158,177 @@ export const rscParamsDict: {[key in ResourceTypeEnum]: ResourceParamViewModel[]
   ],
 };
 
+export const permissionActions: {[key: string]: IamPolicyAction} = {
+  All: {
+    id: uuidv4(),
+    name: '*',
+    resourceType: ResourceTypeEnum.All,
+    displayName: $localize`:@@iam.action.all:All`,
+    description: $localize`:@@iam.action.all:All`,
+    isOpenAPIApplicable: false,
+    isSpecificApplicable: false
+  },
+  ListProjects: {
+    id: uuidv4(),
+    name: 'ListProjects',
+    resourceType: ResourceTypeEnum.Project,
+    displayName: $localize`:@@iam.action.list-projects:List projects`,
+    description: $localize`:@@iam.action.list-projects:List projects`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
+  },
+  CreateProject: {
+    id: uuidv4(),
+    name: 'CreateProject',
+    resourceType: ResourceTypeEnum.Project,
+    displayName: $localize`:@@iam.action.create-projects:Create projects`,
+    description: $localize`:@@iam.action.create-projects:Create projects`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
+  },
+  DeleteProject: {
+    id: uuidv4(),
+    name: 'DeleteProject',
+    resourceType: ResourceTypeEnum.Project,
+    displayName: $localize`:@@iam.action.delete-projects:Delete projects`,
+    description: $localize`:@@iam.action.delete-projects:Delete projects`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
+  },
+  UpdateProjectSettings: {
+    id: uuidv4(),
+    name: 'UpdateProjectSettings',
+    resourceType: ResourceTypeEnum.Project,
+    displayName: $localize`:@@iam.action.update-project-settings:Update project settings`,
+    description: $localize`:@@iam.action.update-project-settings:Update project settings`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
+  },
+  ListEnvs: {
+    id: uuidv4(),
+    name: 'ListEnvs',
+    resourceType: ResourceTypeEnum.Project,
+    displayName: $localize`:@@iam.action.list-envs:List environments`,
+    description: $localize`:@@iam.action.list-envs:List environments`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
+  },
+  CreateEnv:  {
+    id: uuidv4(),
+    name: 'CreateEnv',
+    resourceType: ResourceTypeEnum.Project,
+    displayName: $localize`:@@iam.action.create-env:Create environment`,
+    description: $localize`:@@iam.action.create-env:Create environment`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
+  },
+  AccessEnvs: {
+    id: uuidv4(),
+    name: 'AccessEnvs',
+    resourceType: ResourceTypeEnum.Env,
+    displayName: $localize`:@@iam.action.access-envs:Access environments`,
+    description: $localize`:@@iam.action.access-envs:Access environments`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
+  },
+  DeleteEnv: {
+    id: uuidv4(),
+    name: 'DeleteEnv',
+    resourceType: ResourceTypeEnum.Env,
+    displayName: $localize`:@@iam.action.delete-envs:Delete environments`,
+    description: $localize`:@@iam.action.delete-envs:Delete environments`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
+  },
+  UpdateEnvSettings: {
+    id: uuidv4(),
+    name: 'UpdateEnvSettings',
+    resourceType: ResourceTypeEnum.Env,
+    displayName: $localize`:@@iam.action.update-env-settings:Update environment settings`,
+    description: $localize`:@@iam.action.update-env-settings:Update environment settings`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
+  },
+  DeleteEnvSecret: {
+    id: uuidv4(),
+    name: 'DeleteEnvSecret',
+    resourceType: ResourceTypeEnum.Env,
+    displayName: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
+    description: $localize`:@@iam.action.delete-env-secret:Delete environment secret`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
+  },
+  CreateEnvSecret: {
+    id: uuidv4(),
+    name: 'CreateEnvSecret',
+    resourceType: ResourceTypeEnum.Env,
+    displayName: $localize`:@@iam.action.create-env-secret:Create environment secret`,
+    description: $localize`:@@iam.action.create-env-secret:Create environment secret`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
+  },
+  UpdateEnvSecret: {
+    id: uuidv4(),
+    name: 'UpdateEnvSecret',
+    resourceType: ResourceTypeEnum.Env,
+    displayName: $localize`:@@iam.action.update-env-secret:Update environment secret`,
+    description: $localize`:@@iam.action.update-env-secret:Update environment secret`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: true
+  },
+
+  // account
+  UpdateOrgName: {
+    id: uuidv4(),
+    name: 'UpdateOrgName',
+    resourceType: ResourceTypeEnum.Account,
+    displayName: $localize`:@@iam.action.update-org-name:Update org name`,
+    description: $localize`:@@iam.action.update-org-name:Update org name`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
+  },
+
+  // iam
+  CanManageIAM: {
+    id: uuidv4(),
+    name: 'CanManageIAM',
+    resourceType: ResourceTypeEnum.IAM,
+    displayName: $localize`:@@iam.action.iam:IAM`,
+    description: $localize`:@@iam.action.iam:IAM`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
+  },
+
+  // access tokens
+  ListAccessTokens: {
+    id: uuidv4(),
+    name: 'ListAccessTokens',
+    resourceType: ResourceTypeEnum.AccessToken,
+    displayName: $localize`:@@iam.action.list-access-tokens:List access tokens`,
+    description: $localize`:@@iam.action.list-access-tokens:List access tokens`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
+  },
+  ManageServiceAccessTokens: {
+    id: uuidv4(),
+    name: 'ManageServiceAccessTokens',
+    resourceType: ResourceTypeEnum.AccessToken,
+    displayName: $localize`:@@iam.action.manage-service-access-tokens:Manage service access tokens`,
+    description: $localize`:@@iam.action.manage-service-access-tokens:Manage service access tokens`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
+  },
+  ManagePersonalAccessTokens: {
+    id: uuidv4(),
+    name: 'ManagePersonalAccessTokens',
+    resourceType: ResourceTypeEnum.AccessToken,
+    displayName: $localize`:@@iam.action.manage-personal-access-tokens:Manage personal access tokens`,
+    description: $localize`:@@iam.action.manage-personal-access-tokens:Manage personal access tokens`,
+    isOpenAPIApplicable: true,
+    isSpecificApplicable: false
+  },
+}
+
 export const resourceActionsDict: {[key: string]: IamPolicyAction[]} = {
   [ResourceTypeEnum.All]: [
     permissionActions.All,
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index dd6f1b03b..cc23986ae 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -394,7 +394,7 @@
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">198</context>
+          <context context-type="linenumber">202</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -405,11 +405,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">208</context>
+          <context context-type="linenumber">212</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">223</context>
+          <context context-type="linenumber">227</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -620,7 +620,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">211</context>
+          <context context-type="linenumber">215</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -668,15 +668,15 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">253</context>
+          <context context-type="linenumber">252</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">287</context>
+          <context context-type="linenumber">286</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">303</context>
+          <context context-type="linenumber">302</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
@@ -687,14 +687,14 @@
         <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">232</context>
+          <context context-type="linenumber">236</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.copy-success" datatype="html">
         <source>Copied</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">242</context>
+          <context context-type="linenumber">246</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
@@ -750,7 +750,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">181</context>
+          <context context-type="linenumber">180</context>
         </context-group>
       </trans-unit>
       <trans-unit id="auditlogs.operation-create" datatype="html">
@@ -2478,28 +2478,28 @@
         <source>Edit project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.ts</context>
-          <context context-type="linenumber">30</context>
+          <context context-type="linenumber">29</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.addProject" datatype="html">
         <source>Add project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.ts</context>
-          <context context-type="linenumber">33</context>
+          <context context-type="linenumber">32</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.projectUpdateSuccess" datatype="html">
         <source>Project successfully updated</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.ts</context>
-          <context context-type="linenumber">113</context>
+          <context context-type="linenumber">112</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.projectCreateSuccess" datatype="html">
         <source>Project successfully created</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.ts</context>
-          <context context-type="linenumber">126</context>
+          <context context-type="linenumber">125</context>
         </context-group>
       </trans-unit>
       <trans-unit id="users.idx.customized-user-properties" datatype="html">
@@ -5938,28 +5938,28 @@
         <source>Environment successfully removed</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">106</context>
+          <context context-type="linenumber">105</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.project-remove-success" datatype="html">
         <source>Project successfully removed</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">122</context>
+          <context context-type="linenumber">121</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.add-secret" datatype="html">
         <source>Add secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">205</context>
+          <context context-type="linenumber">204</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.edit-secret" datatype="html">
         <source>Edit secret: <x id="PH" equiv-text="secret.name"/></source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">230</context>
+          <context context-type="linenumber">229</context>
         </context-group>
       </trans-unit>
       <trans-unit id="feature-flags" datatype="html">
@@ -6394,262 +6394,262 @@
           <context context-type="linenumber">76</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.all" datatype="html">
+      <trans-unit id="iam.rsc-type.all" datatype="html">
         <source>All</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">17</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">71</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.account" datatype="html">
+        <source>Account</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">18</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">77</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.list-projects" datatype="html">
-        <source>List projects</source>
+      <trans-unit id="iam.rsc-type.iam" datatype="html">
+        <source>IAM</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">25</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">83</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.access-token" datatype="html">
+        <source>Access token</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">26</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">89</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.create-projects" datatype="html">
-        <source>Create projects</source>
+      <trans-unit id="iam.rsc-type.project" datatype="html">
+        <source>Project</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">33</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">94</context>
         </context-group>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.env" datatype="html">
+        <source>Environment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">34</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">100</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.delete-projects" datatype="html">
-        <source>Delete projects</source>
+      <trans-unit id="iam.policy.project" datatype="html">
+        <source>Project</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">41</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">131</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">143</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.access-envs" datatype="html">
-        <source>Access environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">49</context>
-        </context-group>
+      <trans-unit id="iam.policy.environment" datatype="html">
+        <source>Environment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">50</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">153</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.update-project-settings" datatype="html">
-        <source>Update project settings</source>
+      <trans-unit id="iam.action.all" datatype="html">
+        <source>All</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">57</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">166</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">58</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">167</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.list-envs" datatype="html">
-        <source>List environments</source>
+      <trans-unit id="iam.action.list-projects" datatype="html">
+        <source>List projects</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">65</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">175</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">66</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">176</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.create-env" datatype="html">
-        <source>Create environment</source>
+      <trans-unit id="iam.action.create-projects" datatype="html">
+        <source>Create projects</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">73</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">184</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">74</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">185</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.delete-envs" datatype="html">
-        <source>Delete environments</source>
+      <trans-unit id="iam.action.delete-projects" datatype="html">
+        <source>Delete projects</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">81</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">193</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">194</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.update-env-settings" datatype="html">
-        <source>Update environment settings</source>
+      <trans-unit id="iam.action.update-project-settings" datatype="html">
+        <source>Update project settings</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">89</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">202</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">90</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">203</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.delete-env-secret" datatype="html">
-        <source>Delete environment secret</source>
+      <trans-unit id="iam.action.list-envs" datatype="html">
+        <source>List environments</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">97</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">211</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">98</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">212</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.create-env-secret" datatype="html">
-        <source>Create environment secret</source>
+      <trans-unit id="iam.action.create-env" datatype="html">
+        <source>Create environment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">105</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">220</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">106</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">221</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.update-env-secret" datatype="html">
-        <source>Update environment secret</source>
+      <trans-unit id="iam.action.access-envs" datatype="html">
+        <source>Access environments</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">113</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">229</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">114</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">230</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.update-org-name" datatype="html">
-        <source>Update org name</source>
+      <trans-unit id="iam.action.delete-envs" datatype="html">
+        <source>Delete environments</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">123</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">238</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">124</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">239</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.iam" datatype="html">
-        <source>IAM</source>
+      <trans-unit id="iam.action.update-env-settings" datatype="html">
+        <source>Update environment settings</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">133</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">247</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">134</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">248</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.list-access-tokens" datatype="html">
-        <source>List access tokens</source>
+      <trans-unit id="iam.action.delete-env-secret" datatype="html">
+        <source>Delete environment secret</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">256</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">144</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">257</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.manage-service-access-tokens" datatype="html">
-        <source>Manage service access tokens</source>
+      <trans-unit id="iam.action.create-env-secret" datatype="html">
+        <source>Create environment secret</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">151</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">265</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">152</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">266</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.action.manage-personal-access-tokens" datatype="html">
-        <source>Manage personal access tokens</source>
+      <trans-unit id="iam.action.update-env-secret" datatype="html">
+        <source>Update environment secret</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">159</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">274</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">160</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">275</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.rsc-type.all" datatype="html">
-        <source>All</source>
+      <trans-unit id="iam.action.update-org-name" datatype="html">
+        <source>Update org name</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">61</context>
+          <context context-type="linenumber">285</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.account" datatype="html">
-        <source>Account</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">67</context>
+          <context context-type="linenumber">286</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.rsc-type.iam" datatype="html">
+      <trans-unit id="iam.action.iam" datatype="html">
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">73</context>
+          <context context-type="linenumber">296</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.access-token" datatype="html">
-        <source>Access token</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">79</context>
+          <context context-type="linenumber">297</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.rsc-type.project" datatype="html">
-        <source>Project</source>
+      <trans-unit id="iam.action.list-access-tokens" datatype="html">
+        <source>List access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">84</context>
+          <context context-type="linenumber">307</context>
         </context-group>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.env" datatype="html">
-        <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">90</context>
+          <context context-type="linenumber">308</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.policy.project" datatype="html">
-        <source>Project</source>
+      <trans-unit id="iam.action.manage-service-access-tokens" datatype="html">
+        <source>Manage service access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">121</context>
+          <context context-type="linenumber">316</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">133</context>
+          <context context-type="linenumber">317</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="iam.policy.environment" datatype="html">
-        <source>Environment</source>
+      <trans-unit id="iam.action.manage-personal-access-tokens" datatype="html">
+        <source>Manage personal access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">325</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">326</context>
         </context-group>
       </trans-unit>
     </body>
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index 76092a4aa..2740acee4 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -405,7 +405,7 @@
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">198</context>
+          <context context-type="linenumber">202</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -417,11 +417,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">208</context>
+          <context context-type="linenumber">212</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">223</context>
+          <context context-type="linenumber">227</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -633,7 +633,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">211</context>
+          <context context-type="linenumber">215</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -681,15 +681,15 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">253</context>
+          <context context-type="linenumber">252</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">287</context>
+          <context context-type="linenumber">286</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">303</context>
+          <context context-type="linenumber">302</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.ts</context>
@@ -701,7 +701,7 @@
         <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">232</context>
+          <context context-type="linenumber">236</context>
         </context-group>
         <target>策略不能为空</target>
       </trans-unit>
@@ -709,7 +709,7 @@
         <source>Copied</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">242</context>
+          <context context-type="linenumber">246</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
@@ -765,7 +765,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">181</context>
+          <context context-type="linenumber">180</context>
         </context-group>
         <target>复制成功</target>
       </trans-unit>
@@ -2661,7 +2661,7 @@
         <source>Edit project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.ts</context>
-          <context context-type="linenumber">30</context>
+          <context context-type="linenumber">29</context>
         </context-group>
         <target>编辑项目</target>
       </trans-unit>
@@ -2669,7 +2669,7 @@
         <source>Add project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.ts</context>
-          <context context-type="linenumber">33</context>
+          <context context-type="linenumber">32</context>
         </context-group>
         <target>添加项目</target>
       </trans-unit>
@@ -2677,7 +2677,7 @@
         <source>Project successfully updated</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.ts</context>
-          <context context-type="linenumber">113</context>
+          <context context-type="linenumber">112</context>
         </context-group>
         <target>项目更新成功</target>
       </trans-unit>
@@ -2685,7 +2685,7 @@
         <source>Project successfully created</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/project-drawer/project-drawer.component.ts</context>
-          <context context-type="linenumber">126</context>
+          <context context-type="linenumber">125</context>
         </context-group>
         <target>项目创建成功</target>
       </trans-unit>
@@ -6513,7 +6513,7 @@
         <source>Environment successfully removed</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">106</context>
+          <context context-type="linenumber">105</context>
         </context-group>
         <target>环境创建成功</target>
       </trans-unit>
@@ -6521,7 +6521,7 @@
         <source>Project successfully removed</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">122</context>
+          <context context-type="linenumber">121</context>
         </context-group>
         <target>项目删除成功</target>
       </trans-unit>
@@ -6529,7 +6529,7 @@
         <source>Add secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">205</context>
+          <context context-type="linenumber">204</context>
         </context-group>
         <target>添加秘钥</target>
       </trans-unit>
@@ -6537,7 +6537,7 @@
         <source>Edit secret: <x id="PH" equiv-text="secret.name"/></source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.ts</context>
-          <context context-type="linenumber">230</context>
+          <context context-type="linenumber">229</context>
         </context-group>
         <target>编辑：<x id="PH" equiv-text="secret.name"/></target>
       </trans-unit>
@@ -7029,289 +7029,289 @@
         </context-group>
         <target>不包含用户</target>
       </trans-unit>
+      <trans-unit id="iam.rsc-type.all" datatype="html">
+        <source>All</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">71</context>
+        </context-group>
+        <target>全部</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.account" datatype="html">
+        <source>Account</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">77</context>
+        </context-group>
+        <target>账户管理</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.iam" datatype="html">
+        <source>IAM</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">83</context>
+        </context-group>
+        <target>权限管理</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.access-token" datatype="html">
+        <source>Access token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">89</context>
+        </context-group>
+        <target>访问策略</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.project" datatype="html">
+        <source>Project</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">94</context>
+        </context-group>
+        <target>项目</target>
+      </trans-unit>
+      <trans-unit id="iam.rsc-type.env" datatype="html">
+        <source>Environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">100</context>
+        </context-group>
+        <target>环境</target>
+      </trans-unit>
+      <trans-unit id="iam.policy.project" datatype="html">
+        <source>Project</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">131</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">143</context>
+        </context-group>
+        <target>项目</target>
+      </trans-unit>
+      <trans-unit id="iam.policy.environment" datatype="html">
+        <source>Environment</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">153</context>
+        </context-group>
+        <target>环境</target>
+      </trans-unit>
       <trans-unit id="iam.action.all" datatype="html">
         <source>All</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">17</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">166</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">18</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">167</context>
         </context-group>
         <target>全部操作</target>
       </trans-unit>
       <trans-unit id="iam.action.list-projects" datatype="html">
         <source>List projects</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">25</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">175</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">26</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">176</context>
         </context-group>
         <target>查看项目列表</target>
       </trans-unit>
       <trans-unit id="iam.action.create-projects" datatype="html">
         <source>Create projects</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">33</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">184</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">34</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">185</context>
         </context-group>
         <target>创建项目</target>
       </trans-unit>
       <trans-unit id="iam.action.delete-projects" datatype="html">
         <source>Delete projects</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">41</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">193</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">194</context>
         </context-group>
         <target>删除项目</target>
       </trans-unit>
-      <trans-unit id="iam.action.access-envs" datatype="html">
-        <source>Access environments</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">49</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">50</context>
-        </context-group>
-        <target>进入环境</target>
-      </trans-unit>
       <trans-unit id="iam.action.update-project-settings" datatype="html">
         <source>Update project settings</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">57</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">202</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">58</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">203</context>
         </context-group>
         <target>修改项目设置</target>
       </trans-unit>
       <trans-unit id="iam.action.list-envs" datatype="html">
         <source>List environments</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">65</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">211</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">66</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">212</context>
         </context-group>
         <target>查看环境列表</target>
       </trans-unit>
       <trans-unit id="iam.action.create-env" datatype="html">
         <source>Create environment</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">73</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">220</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">74</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">221</context>
         </context-group>
         <target>创建环境</target>
       </trans-unit>
+      <trans-unit id="iam.action.access-envs" datatype="html">
+        <source>Access environments</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">229</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">230</context>
+        </context-group>
+        <target>进入环境</target>
+      </trans-unit>
       <trans-unit id="iam.action.delete-envs" datatype="html">
         <source>Delete environments</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">81</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">238</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">82</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">239</context>
         </context-group>
         <target>删除环境</target>
       </trans-unit>
       <trans-unit id="iam.action.update-env-settings" datatype="html">
         <source>Update environment settings</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">89</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">247</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">90</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">248</context>
         </context-group>
         <target>修改环境设置</target>
       </trans-unit>
       <trans-unit id="iam.action.delete-env-secret" datatype="html">
         <source>Delete environment secret</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">97</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">256</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">98</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">257</context>
         </context-group>
         <target>删除环境秘钥</target>
       </trans-unit>
       <trans-unit id="iam.action.create-env-secret" datatype="html">
         <source>Create environment secret</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">105</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">265</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">106</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">266</context>
         </context-group>
         <target>创建环境秘钥</target>
       </trans-unit>
       <trans-unit id="iam.action.update-env-secret" datatype="html">
         <source>Update environment secret</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">113</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">274</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">114</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">275</context>
         </context-group>
         <target>修改环境秘钥</target>
       </trans-unit>
       <trans-unit id="iam.action.update-org-name" datatype="html">
         <source>Update org name</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">123</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">285</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">124</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">286</context>
         </context-group>
         <target>修改机构名称</target>
       </trans-unit>
       <trans-unit id="iam.action.iam" datatype="html">
         <source>IAM</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">133</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">296</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">134</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">297</context>
         </context-group>
         <target>权限管理</target>
       </trans-unit>
       <trans-unit id="iam.action.list-access-tokens" datatype="html">
         <source>List access tokens</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">307</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">144</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">308</context>
         </context-group>
         <target>查看访问策略列表</target>
       </trans-unit>
       <trans-unit id="iam.action.manage-service-access-tokens" datatype="html">
         <source>Manage service access tokens</source>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">151</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">316</context>
         </context-group>
         <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">152</context>
+          <context context-type="sourcefile">src/app/shared/policy.ts</context>
+          <context context-type="linenumber">317</context>
         </context-group>
         <target>管理 Service 访问策略</target>
       </trans-unit>
       <trans-unit id="iam.action.manage-personal-access-tokens" datatype="html">
         <source>Manage personal access tokens</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">159</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/permissions.ts</context>
-          <context context-type="linenumber">160</context>
-        </context-group>
-        <target>管理 Personal 访问策略</target>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.all" datatype="html">
-        <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">61</context>
+          <context context-type="linenumber">325</context>
         </context-group>
-        <target>全部</target>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.account" datatype="html">
-        <source>Account</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">67</context>
-        </context-group>
-        <target>账户管理</target>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.iam" datatype="html">
-        <source>IAM</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">73</context>
-        </context-group>
-        <target>权限管理</target>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.access-token" datatype="html">
-        <source>Access token</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">79</context>
-        </context-group>
-        <target>访问策略</target>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.project" datatype="html">
-        <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">84</context>
-        </context-group>
-        <target>项目</target>
-      </trans-unit>
-      <trans-unit id="iam.rsc-type.env" datatype="html">
-        <source>Environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">90</context>
-        </context-group>
-        <target>环境</target>
-      </trans-unit>
-      <trans-unit id="iam.policy.project" datatype="html">
-        <source>Project</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">121</context>
-        </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">133</context>
-        </context-group>
-        <target>项目</target>
-      </trans-unit>
-      <trans-unit id="iam.policy.environment" datatype="html">
-        <source>Environment</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">326</context>
         </context-group>
-        <target>环境</target>
+        <target>管理 Personal 访问策略</target>
       </trans-unit>
     </body>
   </file>

From 2984fac7daf02464e56561383ce8529ac9859e74 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Thu, 16 Mar 2023 10:30:00 +0100
Subject: [PATCH 31/44] refactor

---
 .../policy-editor/policy-editor.component.ts  |  9 +++--
 modules/front-end/src/app/shared/policy.ts    | 33 -------------------
 modules/front-end/src/locale/messages.xlf     | 10 +++---
 modules/front-end/src/locale/messages.zh.xlf  | 10 +++---
 4 files changed, 14 insertions(+), 48 deletions(-)

diff --git a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
index b451dd2ca..5a3528719 100644
--- a/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
+++ b/modules/front-end/src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts
@@ -3,9 +3,8 @@ import {
   EffectEnum,
   IamPolicyAction,
   IPolicyStatement,
-  isResourceGeneral,
+  isResourceGeneral, permissionActions,
   Resource,
-  resourceActionsDict,
   resourcesTypes,
   ResourceType
 } from "@shared/policy";
@@ -32,7 +31,7 @@ class PolicyStatementViewModel {
       this.resourceType = resourcesTypes.find(rt => rt.type === statement.resourceType) || null;
       this.effect = statement.effect === 'allow' ? EffectEnum.Allow : EffectEnum.Deny;
 
-      const allActions = Object.keys(resourceActionsDict).flatMap(p => resourceActionsDict[p]);
+      const allActions = [...Object.values(permissionActions)];
       this.selectedActions = statement.actions.map(act => {
         const find = allActions.find(a => act === a.name);
         return find || act as unknown as IamPolicyAction;
@@ -42,7 +41,7 @@ class PolicyStatementViewModel {
 
       // All the resources here are the same type, and if it's general type, resources only contains one element
       const isGeneralResource = isResourceGeneral(this.resourceType?.type, statement.resources[0]);
-      this.availableActions = resourceActionsDict[this.resourceType?.type].filter((rs) => isGeneralResource || rs.isSpecificApplicable);
+      this.availableActions = [...Object.values(permissionActions)].filter((rs) => rs.resourceType === this.resourceType?.type && (isGeneralResource || rs.isSpecificApplicable));
     } else {
       this.id = uuidv4();
       this.effect = EffectEnum.Allow;
@@ -69,7 +68,7 @@ class PolicyStatementViewModel {
     // All the resources here are the same type, and if it's general type, resources only contains one element
     const isGeneralResource = isResourceGeneral(resources[0].type, resources[0].rn);
 
-    this.availableActions = resourceActionsDict[this.resourceType?.type].filter((rs) => isGeneralResource || rs.isSpecificApplicable);
+    this.availableActions = [...Object.values(permissionActions)].filter((rs) => rs.resourceType === this.resourceType?.type && (isGeneralResource || rs.isSpecificApplicable));
   }
 
   getOutput(): IPolicyStatement {
diff --git a/modules/front-end/src/app/shared/policy.ts b/modules/front-end/src/app/shared/policy.ts
index e80ecd4c0..42a9acec9 100644
--- a/modules/front-end/src/app/shared/policy.ts
+++ b/modules/front-end/src/app/shared/policy.ts
@@ -329,39 +329,6 @@ export const permissionActions: {[key: string]: IamPolicyAction} = {
   },
 }
 
-export const resourceActionsDict: {[key: string]: IamPolicyAction[]} = {
-  [ResourceTypeEnum.All]: [
-    permissionActions.All,
-  ],
-  [ResourceTypeEnum.Account]: [
-    permissionActions.UpdateOrgName
-  ],
-  [ResourceTypeEnum.IAM]: [
-    permissionActions.CanManageIAM,
-  ],
-  [ResourceTypeEnum.AccessToken]: [
-    permissionActions.ListAccessTokens,
-    permissionActions.ManageServiceAccessTokens,
-    permissionActions.ManagePersonalAccessTokens,
-  ],
-  [ResourceTypeEnum.Project]: [
-    permissionActions.ListProjects,
-    permissionActions.CreateProject,
-    permissionActions.DeleteProject,
-    permissionActions.UpdateProjectSettings,
-    permissionActions.ListEnvs,
-    permissionActions.CreateEnv,
-  ],
-  [ResourceTypeEnum.Env]: [
-    permissionActions.AccessEnvs,
-    permissionActions.DeleteEnv,
-    permissionActions.UpdateEnvSettings,
-    permissionActions.DeleteEnvSecret,
-    permissionActions.CreateEnvSecret,
-    permissionActions.UpdateEnvSecret,
-  ]
-}
-
 // check if the resource is a general resource
 // if returns false, that means the actions which cannot be applied to a specific resource should be hidden
 // ex: ListProjects should not be avaible for a specific project: project/abc
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index cc23986ae..a4911a949 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -722,7 +722,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">131</context>
+          <context context-type="linenumber">130</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
@@ -1421,11 +1421,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">133</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">136</context>
+          <context context-type="linenumber">135</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
@@ -4980,7 +4980,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">142</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.copy" datatype="html">
@@ -5012,7 +5012,7 @@
         <source>Make sure resource and operation are set for all permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">149</context>
+          <context context-type="linenumber">148</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.policies.details.resource" datatype="html">
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index 2740acee4..5a2292d3f 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -737,7 +737,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">131</context>
+          <context context-type="linenumber">130</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/setting/setting.component.ts</context>
@@ -1497,11 +1497,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">133</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">136</context>
+          <context context-type="linenumber">135</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/groups/details/policies/policies.component.ts</context>
@@ -5428,7 +5428,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">142</context>
         </context-group>
         <target>系统托管策略不允许被修改。 如确有需要，可以复制以后再根据需求进行修改。</target>
       </trans-unit>
@@ -5464,7 +5464,7 @@
         <source>Make sure resource and operation are set for all permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.ts</context>
-          <context context-type="linenumber">149</context>
+          <context context-type="linenumber">148</context>
         </context-group>
         <target>请确保已设置所有权限的资源和操作</target>
       </trans-unit>

From ee542fe00e2e5f53c23b69b53d27d89fd6a4c1de Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Thu, 16 Mar 2023 12:33:32 +0100
Subject: [PATCH 32/44] check permissions when creating access token

---
 .../AccessTokens/CreateAccessToken.cs         | 46 +++++++++++++++++--
 .../src/Application/Bases/ErrorCodes.cs       |  1 +
 .../app/core/services/permissions.service.ts  |  2 +-
 3 files changed, 43 insertions(+), 6 deletions(-)

diff --git a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
index c16d491cc..04c80f83a 100644
--- a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
+++ b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
@@ -1,5 +1,6 @@
+using System.Text.RegularExpressions;
 using Application.Bases;
-using Application.Policies;
+using Application.Bases.Exceptions;
 using Application.Users;
 using Domain.AccessTokens;
 using Domain.Policies;
@@ -36,16 +37,16 @@ public CreateAccessTokenValidator()
 
 public class CreateAccessTokenHandler : IRequestHandler<CreateAccessToken, AccessTokenVm>
 {
-    private readonly IPolicyService _policyService;
+    private readonly IMemberService _memberService;
     private readonly ICurrentUser _currentUser;
     private readonly IAccessTokenService _service;
     private readonly IMapper _mapper;
 
-    public CreateAccessTokenHandler(IAccessTokenService service, IPolicyService policyService, ICurrentUser currentUser, IMapper mapper)
+    public CreateAccessTokenHandler(IAccessTokenService service, IMemberService memberService, ICurrentUser currentUser, IMapper mapper)
     {
         _service = service;
         _currentUser = currentUser;
-        _policyService = policyService;
+        _memberService = memberService;
         _mapper = mapper;
     }
 
@@ -54,7 +55,30 @@ public async Task<AccessTokenVm> Handle(CreateAccessToken request, CancellationT
         var permissions = request.Permissions;
         if (request.Type == AccessTokenTypes.Service)
         {
-            // TODO check currentUser has all the permissions
+            var authorizedPolices = await _memberService.GetPoliciesAsync(request.OrganizationId, _currentUser.Id);
+            var ownerPolicy = authorizedPolices.FirstOrDefault((x) => x.Name == "Owner");
+            if (ownerPolicy != null)
+            {
+                permissions = request.Permissions;
+            }
+            else
+            {
+                var haveUnauthorizedPermissions = request.Permissions.Any(x =>
+                {
+                    var matchedPolicy = authorizedPolices.FirstOrDefault(policy =>
+                        policy.Statements.Any(statement =>
+                            statement.ResourceType == x.ResourceType && statement.Effect == "allow" &&
+                            x.Resources.All(rsc => statement.Resources.Any(resource => MatchRule(rsc, resource))) &&
+                            x.Actions.All(act => statement.Actions.Any(action => MatchRule(act, action)))));
+                    
+                    return matchedPolicy == null;
+                });
+
+                if (haveUnauthorizedPermissions)
+                {
+                    throw new BusinessException(ErrorCodes.Forbidden);
+                }
+            }
         }
         
         var accessToken = new AccessToken(request.OrganizationId, _currentUser.Id, request.Name, request.Type, permissions);
@@ -63,4 +87,16 @@ public async Task<AccessTokenVm> Handle(CreateAccessToken request, CancellationT
 
         return _mapper.Map<AccessTokenVm>(accessToken);
     }
+
+    // use "*" (star) as a wildcard for example:
+    // "a*b" => everything that starts with "a" and ends with "b"
+    // "a*" => everything that starts with "a"
+    // "*b" => everything that ends with "b"
+    // "*a*" => everything that has an "a" in it
+    // "*a*b*"=> everything that has an "a" in it, followed by anything, followed by a "b", followed by anything
+    private bool MatchRule(string str, string rule)
+    {
+        Func<string, string> escapeRegex = (s) => Regex.Replace(s, "([.*+?^=!:${}()|\\[\\]\\\\/])", "\\$1");
+        return new Regex("^" + rule.Split('*').Select(escapeRegex).Aggregate((x, y) => x + ".*" + y) + "$").IsMatch(str);
+    }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/Bases/ErrorCodes.cs b/modules/back-end/src/Application/Bases/ErrorCodes.cs
index 581e2af2d..2fe1a370f 100644
--- a/modules/back-end/src/Application/Bases/ErrorCodes.cs
+++ b/modules/back-end/src/Application/Bases/ErrorCodes.cs
@@ -5,6 +5,7 @@ public static class ErrorCodes
     // general
     public const string InternalServerError = nameof(InternalServerError);
     public const string Unauthorized = nameof(Unauthorized);
+    public const string Forbidden = nameof(Forbidden);
 
     // application
     public const string ResourceNotFound = nameof(ResourceNotFound);
diff --git a/modules/front-end/src/app/core/services/permissions.service.ts b/modules/front-end/src/app/core/services/permissions.service.ts
index 58a7b52bb..8ffe78fc2 100644
--- a/modules/front-end/src/app/core/services/permissions.service.ts
+++ b/modules/front-end/src/app/core/services/permissions.service.ts
@@ -28,7 +28,7 @@ export class PermissionsService {
   // "*b" => everything that ends with "b"
   // "*a*" => everything that has an "a" in it
   // "*a*b*"=> everything that has an "a" in it, followed by anything, followed by a "b", followed by anything
-  private matchRule(str, rule) {
+  private matchRule(str: string, rule: string): boolean {
     var escapeRegex = (s) => s.replace(/([.*+?^=!:${}()|\[\]\/\\])/g, "\\$1");
     return new RegExp("^" + rule.split("*").map(escapeRegex).join(".*") + "$").test(str);
   }

From 115e7f50d634cd07be3693dce6e04c96d1ea5cf1 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Thu, 16 Mar 2023 12:46:36 +0100
Subject: [PATCH 33/44] prevent creating access tokens with the same name &&
 ignore case when checking if name is used

---
 .../src/Application/AccessTokens/CreateAccessToken.cs    | 9 ++++++++-
 .../Application/AccessTokens/IsAccessTokenNameUsed.cs    | 2 +-
 modules/back-end/src/Application/Bases/ErrorCodes.cs     | 1 +
 .../back-end/src/Application/Groups/IsGroupNameUsed.cs   | 2 +-
 .../src/Application/Policies/IsPolicyNameUsed.cs         | 2 +-
 .../src/Application/Segments/IsSegmentNameUsed.cs        | 2 +-
 6 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
index 04c80f83a..c76ab8086 100644
--- a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
+++ b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
@@ -80,7 +80,14 @@ public async Task<AccessTokenVm> Handle(CreateAccessToken request, CancellationT
                 }
             }
         }
-        
+
+        var existingAt = await _service.FindOneAsync(at => string.Equals(at.Name, request.Name, StringComparison.OrdinalIgnoreCase));
+
+        if (existingAt != null)
+        {
+            throw new BusinessException(ErrorCodes.EntityExistsAlready);
+        }
+
         var accessToken = new AccessToken(request.OrganizationId, _currentUser.Id, request.Name, request.Type, permissions);
 
         await _service.AddOneAsync(accessToken);
diff --git a/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs b/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
index 3dfaf7f46..e90a63487 100644
--- a/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
+++ b/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
@@ -19,7 +19,7 @@ public IsAccessTokenNameUsedHandler(IAccessTokenService service)
     public async Task<bool> Handle(IsAccessTokenNameUsed request, CancellationToken cancellationToken)
     {
         var isNameUsed =
-            await _service.AnyAsync(x => x.OrganizationId == request.OrganizationId && x.Name == request.Name);
+            await _service.AnyAsync(x => x.OrganizationId == request.OrganizationId && string.Equals(x.Name, request.Name, StringComparison.OrdinalIgnoreCase));
 
         return isNameUsed;
     }
diff --git a/modules/back-end/src/Application/Bases/ErrorCodes.cs b/modules/back-end/src/Application/Bases/ErrorCodes.cs
index 2fe1a370f..c02a72951 100644
--- a/modules/back-end/src/Application/Bases/ErrorCodes.cs
+++ b/modules/back-end/src/Application/Bases/ErrorCodes.cs
@@ -10,6 +10,7 @@ public static class ErrorCodes
     // application
     public const string ResourceNotFound = nameof(ResourceNotFound);
     public const string InvalidJson = nameof(InvalidJson);
+    public const string EntityExistsAlready = nameof(EntityExistsAlready);
 
     // identity error codes
     public const string MethodIsRequired = nameof(MethodIsRequired);
diff --git a/modules/back-end/src/Application/Groups/IsGroupNameUsed.cs b/modules/back-end/src/Application/Groups/IsGroupNameUsed.cs
index 5a123d0fe..a1b187f28 100644
--- a/modules/back-end/src/Application/Groups/IsGroupNameUsed.cs
+++ b/modules/back-end/src/Application/Groups/IsGroupNameUsed.cs
@@ -19,7 +19,7 @@ public IsGroupNameUsedHandler(IGroupService service)
     public async Task<bool> Handle(IsGroupNameUsed request, CancellationToken cancellationToken)
     {
         var isNameUsed =
-            await _service.AnyAsync(x => x.OrganizationId == request.OrganizationId && x.Name == request.Name);
+            await _service.AnyAsync(x => x.OrganizationId == request.OrganizationId && string.Equals(x.Name, request.Name, StringComparison.OrdinalIgnoreCase));
 
         return isNameUsed;
     }
diff --git a/modules/back-end/src/Application/Policies/IsPolicyNameUsed.cs b/modules/back-end/src/Application/Policies/IsPolicyNameUsed.cs
index 9d28da1f0..1ca097a9f 100644
--- a/modules/back-end/src/Application/Policies/IsPolicyNameUsed.cs
+++ b/modules/back-end/src/Application/Policies/IsPolicyNameUsed.cs
@@ -19,7 +19,7 @@ public IsPolicyNameUsedHandler(IPolicyService service)
     public async Task<bool> Handle(IsPolicyNameUsed request, CancellationToken cancellationToken)
     {
         var isNameUsed =
-            await _service.AnyAsync(x => x.OrganizationId == request.OrganizationId && x.Name == request.Name);
+            await _service.AnyAsync(x => x.OrganizationId == request.OrganizationId && string.Equals(x.Name, request.Name, StringComparison.OrdinalIgnoreCase));
 
         return isNameUsed;
     }
diff --git a/modules/back-end/src/Application/Segments/IsSegmentNameUsed.cs b/modules/back-end/src/Application/Segments/IsSegmentNameUsed.cs
index 50109f8d7..cb3e819f5 100644
--- a/modules/back-end/src/Application/Segments/IsSegmentNameUsed.cs
+++ b/modules/back-end/src/Application/Segments/IsSegmentNameUsed.cs
@@ -18,6 +18,6 @@ public IsSegmentNameUsedHandler(ISegmentService service)
 
     public async Task<bool> Handle(IsSegmentNameUsed request, CancellationToken cancellationToken)
     {
-        return await _service.AnyAsync(x => !x.IsArchived && x.EnvId == request.EnvId && x.Name == request.Name);
+        return await _service.AnyAsync(x => !x.IsArchived && x.EnvId == request.EnvId && string.Equals(x.Name, request.Name, StringComparison.OrdinalIgnoreCase));
     }
 }
\ No newline at end of file

From 81297a4b577545798462db5a8bdb030d42ceedb6 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Thu, 16 Mar 2023 12:52:22 +0100
Subject: [PATCH 34/44] fixed bug

---
 .../back-end/src/Application/AccessTokens/CreateAccessToken.cs  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
index c76ab8086..d2df3cfdf 100644
--- a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
+++ b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
@@ -52,7 +52,7 @@ public CreateAccessTokenHandler(IAccessTokenService service, IMemberService memb
 
     public async Task<AccessTokenVm> Handle(CreateAccessToken request, CancellationToken cancellationToken)
     {
-        var permissions = request.Permissions;
+        IEnumerable<PolicyStatement> permissions = new List<PolicyStatement>();
         if (request.Type == AccessTokenTypes.Service)
         {
             var authorizedPolices = await _memberService.GetPoliciesAsync(request.OrganizationId, _currentUser.Id);

From 9d975a1fa1b21247da4970d4c3ec05671fedfba0 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Fri, 17 Mar 2023 09:23:08 +0100
Subject: [PATCH 35/44] environment ajustement

---
 .../project/project.component.html            | 10 ++--
 modules/front-end/src/locale/messages.xlf     | 43 ++++++++---------
 modules/front-end/src/locale/messages.zh.xlf  | 46 +++++++++----------
 modules/front-end/src/styles-common.less      |  8 ++++
 4 files changed, 60 insertions(+), 47 deletions(-)

diff --git a/modules/front-end/src/app/features/safe/organizations/project/project.component.html b/modules/front-end/src/app/features/safe/organizations/project/project.component.html
index 9fc0332c9..defa22bc2 100644
--- a/modules/front-end/src/app/features/safe/organizations/project/project.component.html
+++ b/modules/front-end/src/app/features/safe/organizations/project/project.component.html
@@ -15,7 +15,7 @@
     <div class="project-list">
       <div *ngFor="let project of projects | projectFilter: searchValue" class="project">
         <nz-card nzBorderless>
-          <nz-descriptions nzTitle="{{project.name}}" [nzExtra]="extraTemplate"></nz-descriptions>
+          <nz-descriptions [nzTitle]="titleTemplate" [nzExtra]="extraTemplate"></nz-descriptions>
           <permission-check [rn]="permissionsService.getResourceRN('project', project)" [action]="permissionActions.ListEnvs" i18n-messageIfDeny="@@org.project.envListPermissionDenied" [messageIfDeny]="'You don\'t have permissions to read env list, please contact the admin to grant you the necessary permissions'">
             <div class="env-list">
               <div *ngFor="let env of project.environments">
@@ -23,7 +23,7 @@
                   <div class="env-basis">
                     <div>
                       <div class="desc-name">
-                        <span i18n="@@org.project.envName">Environment name</span>
+                        <span i18n="@@commoname">Name</span>
                         <nz-tag nzColor="green" *ngIf="isCurrentEnv(env)" i18n="@@common.current">Current</nz-tag>
                       </div>
                       <div class="desc-content">{{env.name}}</div>
@@ -33,7 +33,7 @@
                       <div class="desc-content">{{env.key}}</div>
                     </div>
                     <div>
-                      <div class="desc-name" i18n="@@org.project.description">Description</div>
+                      <div class="desc-name" i18n="@@common.description">Description</div>
                       <div class="desc-content">{{env.description}}</div>
                     </div>
                   </div>
@@ -91,6 +91,10 @@
             </div>
           </permission-check>
         </nz-card>
+        <ng-template #titleTemplate>
+          <span>{{project.name}}</span>
+          <nz-tag nzColor="green" *ngIf="isCurrentProject(project)" i18n="@@common.current">Current</nz-tag>
+        </ng-template>
         <ng-template #extraTemplate>
           <nz-tag nzColor="green" *ngIf="isCurrentProject(project)" i18n="@@common.current">Current</nz-tag>
           <button class="action-btn" nz-button nzType="default" nzSize="small" permission-check [rn]="permissionsService.getResourceRN('project', project)" [action]="permissionActions.UpdateProjectSettings" (actionIfAllow)="onEditProjectClick(project)">
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index 0f9b83be4..6df40f8d4 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -177,7 +177,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">128</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
@@ -1221,7 +1221,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">113</context>
+          <context context-type="linenumber">117</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.envUpdateSuccess" datatype="html">
@@ -1940,6 +1940,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
           <context context-type="linenumber">26</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
           <context context-type="linenumber">25</context>
@@ -2093,7 +2097,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">95</context>
+          <context context-type="linenumber">96</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
+          <context context-type="linenumber">99</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.projects" datatype="html">
@@ -2844,7 +2852,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">103</context>
+          <context context-type="linenumber">107</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.remove" datatype="html">
@@ -2931,7 +2939,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">107</context>
+          <context context-type="linenumber">111</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
@@ -4864,7 +4872,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">129</context>
+          <context context-type="linenumber">133</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
@@ -5896,20 +5904,13 @@
           <context context-type="linenumber">5</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="org.project.envName" datatype="html">
-        <source>Environment name</source>
+      <trans-unit id="commoname" datatype="html">
+        <source>Name</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">26</context>
         </context-group>
       </trans-unit>
-      <trans-unit id="org.project.description" datatype="html">
-        <source>Description</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="org.project.secrets" datatype="html">
         <source>Secrets</source>
         <context-group purpose="location">
@@ -5946,42 +5947,42 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">98</context>
+          <context context-type="linenumber">102</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.secret-name" datatype="html">
         <source>The name of the secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">133</context>
+          <context context-type="linenumber">137</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.type-description" datatype="html">
         <source>The secret would be used by a client side or server side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">147</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.secret-type" datatype="html">
         <source>Type</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">147</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.secret-type-client-side-sdk" datatype="html">
         <source>Client Side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">146</context>
+          <context context-type="linenumber">150</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.secret-type-server-side-sdk" datatype="html">
         <source>Server Side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">147</context>
+          <context context-type="linenumber">151</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.env-remove-success" datatype="html">
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index a9a3ad686..80dcf7dee 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -177,7 +177,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">128</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
@@ -1281,7 +1281,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">113</context>
+          <context context-type="linenumber">117</context>
         </context-group>
         <target>添加环境</target>
       </trans-unit>
@@ -2059,6 +2059,10 @@
           <context context-type="sourcefile">src/app/features/safe/iam/team/details/inherited-policies/inherited-policies.component.html</context>
           <context context-type="linenumber">26</context>
         </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
+          <context context-type="linenumber">36</context>
+        </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
           <context context-type="linenumber">25</context>
@@ -2229,7 +2233,11 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">95</context>
+          <context context-type="linenumber">96</context>
+        </context-group>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
+          <context context-type="linenumber">99</context>
         </context-group>
         <target>当前选项</target>
       </trans-unit>
@@ -3045,7 +3053,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">103</context>
+          <context context-type="linenumber">107</context>
         </context-group>
         <target>删除后不可恢复，确定要删除么？</target>
       </trans-unit>
@@ -3133,7 +3141,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">107</context>
+          <context context-type="linenumber">111</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
@@ -5293,7 +5301,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">129</context>
+          <context context-type="linenumber">133</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
@@ -6461,21 +6469,13 @@
         </context-group>
         <target>按名称查找</target>
       </trans-unit>
-      <trans-unit id="org.project.envName" datatype="html">
-        <source>Environment name</source>
+      <trans-unit id="commoname" datatype="html">
+        <source>Name</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">26</context>
         </context-group>
-        <target>环境名称</target>
-      </trans-unit>
-      <trans-unit id="org.project.description" datatype="html">
-        <source>Description</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">36</context>
-        </context-group>
-        <target>描述</target>
+        <target>名称</target>
       </trans-unit>
       <trans-unit id="org.project.secrets" datatype="html">
         <source>Secrets</source>
@@ -6517,7 +6517,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">98</context>
+          <context context-type="linenumber">102</context>
         </context-group>
         <target>编辑</target>
       </trans-unit>
@@ -6525,7 +6525,7 @@
         <source>The name of the secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">133</context>
+          <context context-type="linenumber">137</context>
         </context-group>
         <target>秘钥名称</target>
       </trans-unit>
@@ -6533,7 +6533,7 @@
         <source>The secret would be used by a client side or server side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">147</context>
         </context-group>
         <target>该秘钥将被用于客户端还是服务端 SDK</target>
       </trans-unit>
@@ -6541,7 +6541,7 @@
         <source>Type</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">147</context>
         </context-group>
         <target>类型</target>
       </trans-unit>
@@ -6549,7 +6549,7 @@
         <source>Client Side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">146</context>
+          <context context-type="linenumber">150</context>
         </context-group>
         <target>客户端 SDK</target>
       </trans-unit>
@@ -6557,7 +6557,7 @@
         <source>Server Side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">147</context>
+          <context context-type="linenumber">151</context>
         </context-group>
         <target>服务端 SDK</target>
       </trans-unit>
diff --git a/modules/front-end/src/styles-common.less b/modules/front-end/src/styles-common.less
index 50b6a3b5a..357f8cc92 100644
--- a/modules/front-end/src/styles-common.less
+++ b/modules/front-end/src/styles-common.less
@@ -552,10 +552,18 @@ app-root {
 
 // custom card style
 .ant-descriptions-title {
+  display:flex;
+  align-items: center;
+  gap: 8px;
   color: @grey70-color;
   font-weight: 700;
   font-size: 18px;
   line-height: 150%;
+
+  .ant-tag {
+    margin-top: 4px;
+    font-weight: 500;
+  }
 }
 
 .ant-descriptions-extra {

From 6d9228e6198ed32a80b5dad2f0b6cb1f22b5b4b1 Mon Sep 17 00:00:00 2001
From: deleteLater <mikcczhang@gmail.com>
Date: Sat, 18 Mar 2023 00:29:45 +0800
Subject: [PATCH 36/44] refactor

---
 .../Api/Controllers/AccessTokenController.cs  | 20 +++--
 .../AccessTokens/AccessTokenFilter.cs         |  2 +
 .../Application/AccessTokens/AccessTokenVm.cs | 12 +--
 .../AccessTokens/CreateAccessToken.cs         | 73 ++++++++++---------
 .../AccessTokens/GetAccessTokenList.cs        | 27 ++++---
 .../AccessTokens/IsAccessTokenNameUsed.cs     | 26 -------
 .../Application/AccessTokens/IsNameUsed.cs    | 28 +++++++
 .../AccessTokens/ToggleAccessTokenStatus.cs   |  5 +-
 .../AccessTokens/UpdateAccessToken.cs         | 26 ++-----
 .../Services/IAccessTokenService.cs           |  1 +
 .../Application/Services/IMemberService.cs    |  1 -
 .../src/Application/Users/MapperProfile.cs    | 11 +++
 .../back-end/src/Application/Users/UserVm.cs  | 10 +++
 .../src/Domain/AccessTokens/AccessToken.cs    | 39 ++++------
 .../Domain/AccessTokens/AccessTokenStatus.cs  |  4 +-
 .../Domain/AccessTokens/AccessTokenTypes.cs   |  4 +-
 .../back-end/src/Domain/Triggers/Trigger.cs   | 21 +-----
 .../back-end/src/Domain/Utils/TokenHelper.cs  | 22 ++++++
 .../AccessTokens/AccessTokenService.cs        | 13 ++--
 .../Infrastructure/Members/MemberService.cs   | 13 ----
 20 files changed, 181 insertions(+), 177 deletions(-)
 delete mode 100644 modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
 create mode 100644 modules/back-end/src/Application/AccessTokens/IsNameUsed.cs
 create mode 100644 modules/back-end/src/Application/Users/MapperProfile.cs
 create mode 100644 modules/back-end/src/Application/Users/UserVm.cs
 create mode 100644 modules/back-end/src/Domain/Utils/TokenHelper.cs

diff --git a/modules/back-end/src/Api/Controllers/AccessTokenController.cs b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
index 35104be3d..fb9fcc9e6 100644
--- a/modules/back-end/src/Api/Controllers/AccessTokenController.cs
+++ b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
@@ -1,7 +1,5 @@
 using Application.AccessTokens;
 using Application.Bases.Models;
-using Application.FeatureFlags;
-using Application.Policies;
 
 namespace Api.Controllers;
 
@@ -18,15 +16,15 @@ public async Task<ApiResponse<PagedResult<AccessTokenVm>>> GetListAsync(
             OrganizationId = organizationId,
             Filter = filter
         };
-    
+
         var accessTokens = await Mediator.Send(request);
         return Ok(accessTokens);
     }
-    
+
     [HttpGet("is-name-used")]
     public async Task<ApiResponse<bool>> IsNameUsedAsync(Guid organizationId, string name)
     {
-        var request = new IsAccessTokenNameUsed
+        var request = new IsNameUsed
         {
             OrganizationId = organizationId,
             Name = name
@@ -35,7 +33,7 @@ public async Task<ApiResponse<bool>> IsNameUsedAsync(Guid organizationId, string
         var isNameUsed = await Mediator.Send(request);
         return Ok(isNameUsed);
     }
-    
+
     [HttpPost]
     public async Task<ApiResponse<AccessTokenVm>> CreateAsync(Guid organizationId, CreateAccessToken request)
     {
@@ -44,7 +42,7 @@ public async Task<ApiResponse<AccessTokenVm>> CreateAsync(Guid organizationId, C
         var accessToken = await Mediator.Send(request);
         return Ok(accessToken);
     }
-    
+
     [HttpPut("{id:guid}/toggle")]
     public async Task<ApiResponse<bool>> ToggleAsync(Guid id)
     {
@@ -56,11 +54,11 @@ public async Task<ApiResponse<bool>> ToggleAsync(Guid id)
         var success = await Mediator.Send(request);
         return Ok(success);
     }
-    
+
     [HttpDelete("{id:guid}")]
     public async Task<ApiResponse<bool>> DeleteAsync(Guid id)
     {
-        var request = new DeleteAccessToken()
+        var request = new DeleteAccessToken
         {
             Id = id
         };
@@ -68,9 +66,9 @@ public async Task<ApiResponse<bool>> DeleteAsync(Guid id)
         var success = await Mediator.Send(request);
         return Ok(success);
     }
-    
+
     [HttpPut("{id:guid}")]
-    public async Task<ApiResponse<AccessTokenVm>> UpdateAsync(Guid id, UpdateAccessToken request)
+    public async Task<ApiResponse<bool>> UpdateAsync(Guid id, UpdateAccessToken request)
     {
         request.Id = id;
 
diff --git a/modules/back-end/src/Application/AccessTokens/AccessTokenFilter.cs b/modules/back-end/src/Application/AccessTokens/AccessTokenFilter.cs
index 8505a5da1..d01b6980d 100644
--- a/modules/back-end/src/Application/AccessTokens/AccessTokenFilter.cs
+++ b/modules/back-end/src/Application/AccessTokens/AccessTokenFilter.cs
@@ -5,6 +5,8 @@ namespace Application.AccessTokens;
 public class AccessTokenFilter : PagedRequest
 {
     public string Name { get; set; }
+
     public Guid? CreatorId { get; set; }
+
     public string Type { get; set; }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
index fdaa4bfb8..94505a311 100644
--- a/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
+++ b/modules/back-end/src/Application/AccessTokens/AccessTokenVm.cs
@@ -1,4 +1,4 @@
-using Application.Members;
+using Application.Users;
 using Domain.Policies;
 
 namespace Application.AccessTokens;
@@ -8,14 +8,16 @@ public class AccessTokenVm
     public Guid Id { get; set; }
 
     public string Name { get; set; }
-        
+
     public string Type { get; set; }
-    
+
     public string Status { get; set; }
+
     public string Token { get; set; }
-    public MemberVm Creator { get; set; }
 
     public IEnumerable<PolicyStatement> Permissions { get; set; }
-    
+
     public DateTime? LastUsedAt { get; set; }
+
+    public UserVm Creator { get; set; }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
index d2df3cfdf..44fd539f8 100644
--- a/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
+++ b/modules/back-end/src/Application/AccessTokens/CreateAccessToken.cs
@@ -24,12 +24,12 @@ public CreateAccessTokenValidator()
     {
         RuleFor(x => x.Name)
             .NotEmpty().WithErrorCode(ErrorCodes.NameIsRequired);
-        
+
         RuleFor(x => x.Type)
             .Must(AccessTokenTypes.IsDefined).WithErrorCode(ErrorCodes.InvalidAccessTokenType);
-        
+
         RuleFor(x => x.Permissions)
-            .Must(Permissions => Permissions.Any())
+            .Must(permissions => permissions.Any())
             .Unless(x => x.Type == AccessTokenTypes.Personal)
             .WithErrorCode(ErrorCodes.ServiceAccessTokenMustDefinePolicies);
     }
@@ -42,7 +42,11 @@ public class CreateAccessTokenHandler : IRequestHandler<CreateAccessToken, Acces
     private readonly IAccessTokenService _service;
     private readonly IMapper _mapper;
 
-    public CreateAccessTokenHandler(IAccessTokenService service, IMemberService memberService, ICurrentUser currentUser, IMapper mapper)
+    public CreateAccessTokenHandler(
+        IAccessTokenService service,
+        IMemberService memberService,
+        ICurrentUser currentUser,
+        IMapper mapper)
     {
         _service = service;
         _currentUser = currentUser;
@@ -52,43 +56,39 @@ public CreateAccessTokenHandler(IAccessTokenService service, IMemberService memb
 
     public async Task<AccessTokenVm> Handle(CreateAccessToken request, CancellationToken cancellationToken)
     {
-        IEnumerable<PolicyStatement> permissions = new List<PolicyStatement>();
         if (request.Type == AccessTokenTypes.Service)
         {
-            var authorizedPolices = await _memberService.GetPoliciesAsync(request.OrganizationId, _currentUser.Id);
-            var ownerPolicy = authorizedPolices.FirstOrDefault((x) => x.Name == "Owner");
-            if (ownerPolicy != null)
+            var authorizedPolices =
+                await _memberService.GetPoliciesAsync(request.OrganizationId, _currentUser.Id);
+
+            var haveUnauthorizedPermissions = request.Permissions.Any(x =>
             {
-                permissions = request.Permissions;
-            }
-            else
+                var matchedPolicy = authorizedPolices.FirstOrDefault(policy =>
+                    policy.Statements.Any(statement =>
+                        (statement.ResourceType == x.ResourceType || statement.ResourceType == "*") &&
+                        statement.Effect == "allow" &&
+                        x.Resources.All(rsc => statement.Resources.Any(resource => MatchRule(rsc, resource))) &&
+                        x.Actions.All(act => statement.Actions.Any(action => MatchRule(act, action))))
+                );
+
+                return matchedPolicy == null;
+            });
+
+            if (haveUnauthorizedPermissions)
             {
-                var haveUnauthorizedPermissions = request.Permissions.Any(x =>
-                {
-                    var matchedPolicy = authorizedPolices.FirstOrDefault(policy =>
-                        policy.Statements.Any(statement =>
-                            statement.ResourceType == x.ResourceType && statement.Effect == "allow" &&
-                            x.Resources.All(rsc => statement.Resources.Any(resource => MatchRule(rsc, resource))) &&
-                            x.Actions.All(act => statement.Actions.Any(action => MatchRule(act, action)))));
-                    
-                    return matchedPolicy == null;
-                });
-
-                if (haveUnauthorizedPermissions)
-                {
-                    throw new BusinessException(ErrorCodes.Forbidden);
-                }
+                throw new BusinessException(ErrorCodes.Forbidden);
             }
         }
 
-        var existingAt = await _service.FindOneAsync(at => string.Equals(at.Name, request.Name, StringComparison.OrdinalIgnoreCase));
-
-        if (existingAt != null)
+        var existed =
+            await _service.FindOneAsync(at => string.Equals(at.Name, request.Name, StringComparison.OrdinalIgnoreCase));
+        if (existed != null)
         {
             throw new BusinessException(ErrorCodes.EntityExistsAlready);
         }
 
-        var accessToken = new AccessToken(request.OrganizationId, _currentUser.Id, request.Name, request.Type, permissions);
+        var accessToken =
+            new AccessToken(request.OrganizationId, _currentUser.Id, request.Name, request.Type, request.Permissions);
 
         await _service.AddOneAsync(accessToken);
 
@@ -101,9 +101,16 @@ public async Task<AccessTokenVm> Handle(CreateAccessToken request, CancellationT
     // "*b" => everything that ends with "b"
     // "*a*" => everything that has an "a" in it
     // "*a*b*"=> everything that has an "a" in it, followed by anything, followed by a "b", followed by anything
-    private bool MatchRule(string str, string rule)
+    private static bool MatchRule(string str, string rule)
     {
-        Func<string, string> escapeRegex = (s) => Regex.Replace(s, "([.*+?^=!:${}()|\\[\\]\\\\/])", "\\$1");
-        return new Regex("^" + rule.Split('*').Select(escapeRegex).Aggregate((x, y) => x + ".*" + y) + "$").IsMatch(str);
+        string EscapeRegex(string s) => Regex.Replace(s, "([.*+?^=!:${}()|\\[\\]\\\\/])", "\\$1");
+
+        var matchPattern = rule
+            .Split('*')
+            .Select(EscapeRegex)
+            .Aggregate((x, y) => $"{x}.*{y}");
+
+        var regex = new Regex($"^{matchPattern}$");
+        return regex.IsMatch(str);
     }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs b/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs
index 6c815fe88..8dd4fb77f 100644
--- a/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs
+++ b/modules/back-end/src/Application/AccessTokens/GetAccessTokenList.cs
@@ -1,5 +1,5 @@
 using Application.Bases.Models;
-using Application.Members;
+using Application.Users;
 
 namespace Application.AccessTokens;
 
@@ -12,27 +12,30 @@ public class GetAccessTokenList : IRequest<PagedResult<AccessTokenVm>>
 
 public class GetAccessTokenListHandler : IRequestHandler<GetAccessTokenList, PagedResult<AccessTokenVm>>
 {
-    private readonly IMemberService _memberService;
-    private readonly IAccessTokenService _service;
+    private readonly IAccessTokenService _accessTokenService;
+    private readonly IUserService _userService;
     private readonly IMapper _mapper;
 
-    public GetAccessTokenListHandler(IAccessTokenService service, IMemberService memberService, IMapper mapper)
+    public GetAccessTokenListHandler(IAccessTokenService accessTokenService, IUserService userService, IMapper mapper)
     {
-        _service = service;
-        _memberService = memberService;
+        _accessTokenService = accessTokenService;
+        _userService = userService;
         _mapper = mapper;
     }
-    
+
     public async Task<PagedResult<AccessTokenVm>> Handle(GetAccessTokenList request, CancellationToken cancellationToken)
     {
-        var accessTokens = await _service.GetListAsync(request.OrganizationId, request.Filter);
+        var accessTokens =
+            await _accessTokenService.GetListAsync(request.OrganizationId, request.Filter);
+
         var creatorIds = accessTokens.Items.Select(x => x.CreatorId);
-        var creators = await _memberService.GetListByIds(creatorIds);
+        var creators = await _userService.GetListAsync(creatorIds);
+
         var accessTokenVms = _mapper.Map<PagedResult<AccessTokenVm>>(accessTokens);
-        foreach (var accessTokenItem in accessTokens.Items)
+        foreach (var accessToken in accessTokens.Items)
         {
-            var accessTokenVm = accessTokenVms.Items.First(x => x.Id == accessTokenItem.Id);
-            accessTokenVm.Creator = _mapper.Map<MemberVm>(creators.First(x => x.Id == accessTokenItem.CreatorId));
+            var accessTokenVm = accessTokenVms.Items.First(x => x.Id == accessToken.Id);
+            accessTokenVm.Creator = _mapper.Map<UserVm>(creators.FirstOrDefault(x => x.Id == accessToken.CreatorId));
             accessTokenVm.Token = accessTokenVm.Token[..15] + "**************";
         }
 
diff --git a/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs b/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
deleted file mode 100644
index e90a63487..000000000
--- a/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
+++ /dev/null
@@ -1,26 +0,0 @@
-namespace Application.AccessTokens;
-
-public class IsAccessTokenNameUsed : IRequest<bool>
-{
-    public Guid OrganizationId { get; set; }
-
-    public string Name { get; set; }
-}
-
-public class IsAccessTokenNameUsedHandler : IRequestHandler<IsAccessTokenNameUsed, bool>
-{
-    private readonly IAccessTokenService _service;
-
-    public IsAccessTokenNameUsedHandler(IAccessTokenService service)
-    {
-        _service = service;
-    }
-
-    public async Task<bool> Handle(IsAccessTokenNameUsed request, CancellationToken cancellationToken)
-    {
-        var isNameUsed =
-            await _service.AnyAsync(x => x.OrganizationId == request.OrganizationId && string.Equals(x.Name, request.Name, StringComparison.OrdinalIgnoreCase));
-
-        return isNameUsed;
-    }
-}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/IsNameUsed.cs b/modules/back-end/src/Application/AccessTokens/IsNameUsed.cs
new file mode 100644
index 000000000..1f9bcaad1
--- /dev/null
+++ b/modules/back-end/src/Application/AccessTokens/IsNameUsed.cs
@@ -0,0 +1,28 @@
+namespace Application.AccessTokens;
+
+public class IsNameUsed : IRequest<bool>
+{
+    public Guid OrganizationId { get; set; }
+
+    public string Name { get; set; }
+}
+
+public class IsNameUsedHandler : IRequestHandler<IsNameUsed, bool>
+{
+    private readonly IAccessTokenService _service;
+
+    public IsNameUsedHandler(IAccessTokenService service)
+    {
+        _service = service;
+    }
+
+    public async Task<bool> Handle(IsNameUsed request, CancellationToken cancellationToken)
+    {
+        var isNameUsed = await _service.AnyAsync(x =>
+            x.OrganizationId == request.OrganizationId &&
+            string.Equals(x.Name, request.Name, StringComparison.OrdinalIgnoreCase)
+        );
+
+        return isNameUsed;
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs b/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs
index 1c135c909..e860e2902 100644
--- a/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs
+++ b/modules/back-end/src/Application/AccessTokens/ToggleAccessTokenStatus.cs
@@ -1,6 +1,3 @@
-using Application.Users;
-using Domain.AuditLogs;
-
 namespace Application.AccessTokens;
 
 public class ToggleAccessTokenStatus : IRequest<bool>
@@ -21,7 +18,9 @@ public async Task<bool> Handle(ToggleAccessTokenStatus request, CancellationToke
     {
         var accessToken = await _service.GetAsync(request.Id);
         accessToken.ToggleStatus();
+
         await _service.UpdateAsync(accessToken);
+
         return true;
     }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/AccessTokens/UpdateAccessToken.cs b/modules/back-end/src/Application/AccessTokens/UpdateAccessToken.cs
index 9c446d516..47ed1c46a 100644
--- a/modules/back-end/src/Application/AccessTokens/UpdateAccessToken.cs
+++ b/modules/back-end/src/Application/AccessTokens/UpdateAccessToken.cs
@@ -1,12 +1,11 @@
 using Application.Bases;
-using Application.Members;
-using Domain.ExperimentMetrics;
 
 namespace Application.AccessTokens;
 
-public class UpdateAccessToken : IRequest<AccessTokenVm>
+public class UpdateAccessToken : IRequest<bool>
 {
     public Guid Id { get; set; }
+
     public string Name { get; set; }
 }
 
@@ -19,33 +18,22 @@ public UpdateAccessTokenValidator()
     }
 }
 
-public class UpdateAccessTokenHandler : IRequestHandler<UpdateAccessToken, AccessTokenVm>
+public class UpdateAccessTokenHandler : IRequestHandler<UpdateAccessToken, bool>
 {
     private readonly IAccessTokenService _service;
-    private readonly IMemberService _memberService;
-    private readonly IMapper _mapper;
 
-    public UpdateAccessTokenHandler(
-        IAccessTokenService service,
-        IMemberService memberService,
-        IMapper mapper)
+    public UpdateAccessTokenHandler(IAccessTokenService service)
     {
         _service = service;
-        _memberService = memberService;
-        _mapper = mapper;
     }
 
-    public async Task<AccessTokenVm> Handle(UpdateAccessToken request, CancellationToken cancellationToken)
+    public async Task<bool> Handle(UpdateAccessToken request, CancellationToken cancellationToken)
     {
         var accessToken = await _service.GetAsync(request.Id);
         accessToken.UpdateName(request.Name);
-        
-        await _service.UpdateAsync(accessToken);
 
-        var creators = await _memberService.GetListByIds(new List<Guid>() { accessToken.CreatorId });
-        var accessTokenVm = _mapper.Map<AccessTokenVm>(accessToken);
-        accessTokenVm.Creator = _mapper.Map<MemberVm>(creators.First());
+        await _service.UpdateAsync(accessToken);
 
-        return accessTokenVm;
+        return true;
     }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/Services/IAccessTokenService.cs b/modules/back-end/src/Application/Services/IAccessTokenService.cs
index bf47c59db..d2557372d 100644
--- a/modules/back-end/src/Application/Services/IAccessTokenService.cs
+++ b/modules/back-end/src/Application/Services/IAccessTokenService.cs
@@ -7,5 +7,6 @@ namespace Application.Services;
 public interface IAccessTokenService : IService<AccessToken>
 {
     Task<PagedResult<AccessToken>> GetListAsync(Guid organizationId, AccessTokenFilter filter);
+
     Task DeleteAsync(Guid id);
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Application/Services/IMemberService.cs b/modules/back-end/src/Application/Services/IMemberService.cs
index a529dd72c..a83520627 100644
--- a/modules/back-end/src/Application/Services/IMemberService.cs
+++ b/modules/back-end/src/Application/Services/IMemberService.cs
@@ -8,7 +8,6 @@ namespace Application.Services;
 public interface IMemberService
 {
     Task<Member> GetAsync(Guid organizationId, Guid memberId);
-    Task<IEnumerable<Member>> GetListByIds(IEnumerable<Guid> ids);
 
     Task DeleteAsync(Guid organizationId, Guid memberId);
 
diff --git a/modules/back-end/src/Application/Users/MapperProfile.cs b/modules/back-end/src/Application/Users/MapperProfile.cs
new file mode 100644
index 000000000..25cab8b93
--- /dev/null
+++ b/modules/back-end/src/Application/Users/MapperProfile.cs
@@ -0,0 +1,11 @@
+using Domain.Users;
+
+namespace Application.Users;
+
+public class MapperProfile : AutoMapper.Profile
+{
+    public MapperProfile()
+    {
+        CreateMap<User, UserVm>();
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Application/Users/UserVm.cs b/modules/back-end/src/Application/Users/UserVm.cs
new file mode 100644
index 000000000..fa57e8a68
--- /dev/null
+++ b/modules/back-end/src/Application/Users/UserVm.cs
@@ -0,0 +1,10 @@
+namespace Application.Users;
+
+public class UserVm
+{
+    public string Id { get; set; }
+
+    public string Name { get; set; }
+
+    public string Email { get; set; }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
index 5759e5814..d0d69a425 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessToken.cs
@@ -1,57 +1,48 @@
-using System.Text;
 using Domain.Policies;
 
 namespace Domain.AccessTokens;
 
 public class AccessToken : AuditedEntity
 {
-    public Guid? OrganizationId { get; set; }
+    public Guid OrganizationId { get; set; }
 
     public string Name { get; set; }
 
     public string Type { get; set; }
+
     public string Status { get; set; }
+
     public string Token { get; set; }
+
     public Guid CreatorId { get; set; }
 
     public IEnumerable<PolicyStatement> Permissions { get; set; }
-    
-    public DateTime? LastUsedAt { get; set; }
-
-    private string NewToken()
-    {
-        // timestamp in millis, length is 13
-        var reversedTimestamp =
-            new string(DateTimeOffset.UtcNow.ToUnixTimeMilliseconds().ToString().Reverse().ToArray());
 
-        // header length is (13 + 2) * 4/3 = 20, we trim '=' character, so got 18 chars
-        var header = Convert.ToBase64String(Encoding.UTF8.GetBytes(reversedTimestamp)).TrimEnd('=');
-
-        // 22 chars
-        var guid = GuidHelper.Encode(Guid.NewGuid());
+    public DateTime? LastUsedAt { get; set; }
 
-        // 4 + 18 + 22 = 44 chars
-        return $"api-{header}{guid}";
-    }
-    
-    public AccessToken(Guid organizationId, Guid creatorId, string name, string type, IEnumerable<PolicyStatement> permissions)
+    public AccessToken(
+        Guid organizationId,
+        Guid creatorId,
+        string name,
+        string type,
+        IEnumerable<PolicyStatement> permissions)
     {
         OrganizationId = organizationId;
         CreatorId = creatorId;
         Name = name;
-        
+
         Status = AccessTokenStatus.Active;
         Type = type;
         Permissions = permissions;
 
-        Token = NewToken();
+        Token = $"api-{TokenHelper.New(Guid.NewGuid())}";
     }
-    
+
     public void RefreshLastUsedAt()
     {
         LastUsedAt = DateTime.UtcNow;
     }
-    
+
     public void ToggleStatus()
     {
         Status = Status == AccessTokenStatus.Active ? AccessTokenStatus.Inactive : AccessTokenStatus.Active;
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessTokenStatus.cs b/modules/back-end/src/Domain/AccessTokens/AccessTokenStatus.cs
index 8c8922473..cefd171c0 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessTokenStatus.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessTokenStatus.cs
@@ -5,9 +5,9 @@ public class AccessTokenStatus
     public const string Active = "Active";
 
     public const string Inactive = "Inactive";
-    
+
     public static readonly string[] All = { Active, Inactive };
-    
+
     public static bool IsDefined(string type)
     {
         return All.Contains(type);
diff --git a/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs b/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
index 5422dfd12..1f4f1adaf 100644
--- a/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
+++ b/modules/back-end/src/Domain/AccessTokens/AccessTokenTypes.cs
@@ -5,9 +5,9 @@ public class AccessTokenTypes
     public const string Personal = "Personal";
 
     public const string Service = "Service";
-    
+
     public static readonly string[] All = { Personal, Service };
-    
+
     public static bool IsDefined(string type)
     {
         return All.Contains(type);
diff --git a/modules/back-end/src/Domain/Triggers/Trigger.cs b/modules/back-end/src/Domain/Triggers/Trigger.cs
index 9e65ceee3..b1c05dc29 100644
--- a/modules/back-end/src/Domain/Triggers/Trigger.cs
+++ b/modules/back-end/src/Domain/Triggers/Trigger.cs
@@ -1,4 +1,3 @@
-using System.Text;
 using Domain.FeatureFlags;
 
 namespace Domain.Triggers;
@@ -28,7 +27,7 @@ public Trigger(Guid id, Guid targetId, string type, string action, string descri
         TargetId = targetId;
         Type = type;
         Action = action;
-        Token = NewToken();
+        Token = TokenHelper.New(Id);
         Description = description ?? string.Empty;
         IsEnabled = true;
 
@@ -38,27 +37,11 @@ public Trigger(Guid id, Guid targetId, string type, string action, string descri
 
     public void ResetToken()
     {
-        Token = NewToken();
+        Token = TokenHelper.New(Id);
 
         UpdatedAt = DateTime.UtcNow;
     }
 
-    private string NewToken()
-    {
-        // timestamp in millis, length is 13
-        var reversedTimestamp =
-            new string(DateTimeOffset.UtcNow.ToUnixTimeMilliseconds().ToString().Reverse().ToArray());
-
-        // header length is (13 + 2) * 4/3 = 20, we trim '=' character, so got 18 chars
-        var header = Convert.ToBase64String(Encoding.UTF8.GetBytes(reversedTimestamp)).TrimEnd('=');
-
-        // 22 chars
-        var guid = GuidHelper.Encode(Id);
-
-        // 18 + 22 = 40 chars
-        return $"{header}{guid}";
-    }
-
     public static bool TryParseToken(string token, out Guid id)
     {
         id = Guid.Empty;
diff --git a/modules/back-end/src/Domain/Utils/TokenHelper.cs b/modules/back-end/src/Domain/Utils/TokenHelper.cs
new file mode 100644
index 000000000..17725331c
--- /dev/null
+++ b/modules/back-end/src/Domain/Utils/TokenHelper.cs
@@ -0,0 +1,22 @@
+using System.Text;
+
+namespace Domain.Utils;
+
+public static class TokenHelper
+{
+    public static string New(Guid id)
+    {
+        // timestamp in millis, length is 13
+        var reversedTimestamp =
+            new string(DateTimeOffset.UtcNow.ToUnixTimeMilliseconds().ToString().Reverse().ToArray());
+
+        // header length is (13 + 2) * 4/3 = 20, we trim '=' character, so got 18 chars
+        var header = Convert.ToBase64String(Encoding.UTF8.GetBytes(reversedTimestamp)).TrimEnd('=');
+
+        // 22 chars
+        var guid = GuidHelper.Encode(id);
+
+        // 18 + 22 = 40 chars
+        return $"{header}{guid}";
+    }
+}
\ No newline at end of file
diff --git a/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs b/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
index 3546711c5..543719da3 100644
--- a/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
+++ b/modules/back-end/src/Infrastructure/AccessTokens/AccessTokenService.cs
@@ -11,24 +11,23 @@ public class AccessTokenService : MongoDbService<AccessToken>, IAccessTokenServi
     public AccessTokenService(MongoDbClient mongoDb) : base(mongoDb)
     {
     }
-    
+
     public async Task<PagedResult<AccessToken>> GetListAsync(Guid organizationId, AccessTokenFilter filter)
     {
-        var query = MongoDb.QueryableOf<AccessToken>()
-            .Where(x => x.OrganizationId == organizationId);
+        var query = Queryable.Where(x => x.OrganizationId == organizationId);
 
         var name = filter.Name;
         if (!string.IsNullOrWhiteSpace(name))
         {
             query = query.Where(x => x.Name.Contains(name, StringComparison.CurrentCultureIgnoreCase));
         }
-        
+
         var type = filter.Type;
         if (!string.IsNullOrWhiteSpace(type))
         {
             query = query.Where(x => x.Type == type);
         }
-        
+
         var creatorId = filter.CreatorId;
         if (creatorId.HasValue)
         {
@@ -44,9 +43,9 @@ public async Task<PagedResult<AccessToken>> GetListAsync(Guid organizationId, Ac
 
         return new PagedResult<AccessToken>(totalCount, items);
     }
-    
+
     public async Task DeleteAsync(Guid id)
     {
-        await MongoDb.CollectionOf<AccessToken>().DeleteOneAsync(x => x.Id == id);
+        await Collection.DeleteOneAsync(x => x.Id == id);
     }
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Infrastructure/Members/MemberService.cs b/modules/back-end/src/Infrastructure/Members/MemberService.cs
index ee7f627f1..cebf68233 100644
--- a/modules/back-end/src/Infrastructure/Members/MemberService.cs
+++ b/modules/back-end/src/Infrastructure/Members/MemberService.cs
@@ -66,19 +66,6 @@ await _mongoDb.CollectionOf<MemberPolicy>()
             .DeleteManyAsync(x => x.OrganizationId == organizationId && x.MemberId == memberId);
     }
 
-    public async Task<IEnumerable<Member>> GetListByIds(IEnumerable<Guid> ids)
-    {
-        var query = _mongoDb.QueryableOf<User>()
-            .Where(x => ids.Contains(x.Id));
-        
-        return await query.Select(x => new Member
-        {
-            Id = x.Id,
-            Email = x.Email,
-            Name = x.Name,
-        }).ToListAsync();;
-    }
-
     public async Task<PagedResult<Member>> GetListAsync(Guid organizationId, MemberFilter filter)
     {
         var users = _mongoDb.QueryableOf<User>();

From fe5471c07eae1b8e943f0055878ea949a522379f Mon Sep 17 00:00:00 2001
From: deleteLater <mikcczhang@gmail.com>
Date: Sat, 18 Mar 2023 00:53:51 +0800
Subject: [PATCH 37/44] fix

---
 .../access-token-drawer.component.html        |  3 +-
 .../access-token-drawer.component.ts          | 33 +++-------
 .../app/core/services/access-token.service.ts |  5 +-
 modules/front-end/src/locale/messages.xlf     | 57 ++++++++++--------
 modules/front-end/src/locale/messages.zh.xlf  | 60 +++++++++++--------
 5 files changed, 77 insertions(+), 81 deletions(-)

diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
index ff4281e52..edf5beb13 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.html
@@ -3,8 +3,7 @@
   [nzExtra]="extra"
   [nzVisible]="visible"
   nzPlacement="right"
-  i18n-nzTitle="@@integrations.access-token.access-token-drawer.title"
-  nzTitle="Add access token"
+  [nzTitle]="title"
   [nzWidth]="700"
   (nzOnClose)="onClose()"
   [nzFooter]="footer">
diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index 58d8885c3..00b447ce4 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -1,4 +1,4 @@
-import { Component, OnInit, Input, Output, EventEmitter, ViewChild } from '@angular/core';
+import { Component, Input, Output, EventEmitter } from '@angular/core';
 import { FormBuilder, FormControl, FormGroup, Validators } from '@angular/forms';
 import { NzMessageService } from 'ng-zorro-antd/message';
 import { debounceTime, first, map, switchMap } from "rxjs/operators";
@@ -7,11 +7,9 @@ import {
   AccessTokenTypeEnum,
   IAccessToken,
 } from "@features/safe/integrations/access-tokens/types/access-token";
-import { NzSelectComponent } from "ng-zorro-antd/select";
 import { AccessTokenService } from "@services/access-token.service";
 import { PermissionsService } from "@services/permissions.service";
 import { EffectEnum, generalResourceRNPattern, permissionActions } from "@shared/policy";
-import { PolicyFilter } from "@features/safe/iam/types/policy";
 import { NzModalService } from "ng-zorro-antd/modal";
 import { copyToClipboard, uuidv4 } from "@utils/index";
 import {
@@ -41,9 +39,11 @@ export class AccessTokenDrawerComponent {
     this.isEditing = accessToken && !!accessToken.id;
     if (this.isEditing) {
       this.permissions = preProcessPermissions(accessToken.permissions);
+      this.title = $localize`:@@integrations.access-token.access-token-drawer.edit-title:Edit Access Token`;
     } else {
-      accessToken = { name: null, type: AccessTokenTypeEnum.Personal};
+      accessToken = { name: null, type: AccessTokenTypeEnum.Personal };
       this.setAuthorizedPermissions();
+      this.title = $localize`:@@integrations.access-token.access-token-drawer.add-title:Add Access Token`;
     }
 
     this.isServiceAccessToken = accessToken.type === AccessTokenTypeEnum.Service;
@@ -54,6 +54,7 @@ export class AccessTokenDrawerComponent {
 
   @Input() visible: boolean = false;
   @Output() close: EventEmitter<any> = new EventEmitter();
+  title: string = '';
 
   canTakeActionOnPersonalAccessToken = false;
   canTakeActionOnServiceAccessToken = false;
@@ -76,44 +77,26 @@ export class AccessTokenDrawerComponent {
 
   isServiceAccessToken: boolean = false
 
-  @ViewChild("policyNodeSelector", {static: false}) policySelectNode: NzSelectComponent;
   form: FormGroup;
 
   get accessToken() {
     return this._accessToken;
   }
 
-  resetForm() {
-    this.form && this.form.reset();
-  }
-
   patchForm(accessToken: Partial<IAccessToken>) {
     this.form.patchValue({
       name: accessToken.name,
       type: accessToken.type,
-      policy: {},
-    });
-  }
-
-  resetPolicy() {
-    this.form.patchValue({
-      policy: {},
     });
   }
 
   onClose() {
-    this.reset();
     this.close.emit();
   }
 
-  private reset() {
-    this.form.reset();
-  }
-
   onTypeChange() {
     const {type} = this.form.value;
     this.isServiceAccessToken = type === AccessTokenTypeEnum.Service;
-    this.resetPolicy();
   }
 
   setAuthorizedPermissions() {
@@ -206,7 +189,7 @@ export class AccessTokenDrawerComponent {
     this.isLoading = true;
     if (this.isEditing) {
       this.accessTokenService.update(this.accessToken.id, name).subscribe({
-          next: res => {
+          next: _ => {
             this.isLoading = false;
             this.close.emit({ isEditing: true, id: this.accessToken.id, name: name });
             this.message.success($localize`:@@common.operation-success:Operation succeeded`);
@@ -221,11 +204,11 @@ export class AccessTokenDrawerComponent {
       const policies = this.isServiceAccessToken ? postProcessPermissions(this.permissions) : [];
 
       this.accessTokenService.create(name, type, policies).subscribe({
-          next: ({id, name, token}) => {
+          next: ({name, token}) => {
             this.isLoading = false;
             this.close.emit({ isEditing: false });
             this.message.success($localize`:@@common.operation-success:Operation succeeded`);
-            this.reset();
+            this.form.reset();
             this.tokenName = name;
             this.tokenValue = token;
             this.isCreationConfirmModalVisible = true;
diff --git a/modules/front-end/src/app/core/services/access-token.service.ts b/modules/front-end/src/app/core/services/access-token.service.ts
index 2383568d5..006fc2c33 100644
--- a/modules/front-end/src/app/core/services/access-token.service.ts
+++ b/modules/front-end/src/app/core/services/access-token.service.ts
@@ -9,7 +9,6 @@ import {
   IAccessToken,
   IPagedAccessToken
 } from "@features/safe/integrations/access-tokens/types/access-token";
-import { IMetric } from "@features/safe/experiments/types";
 import { IPolicyStatement } from "@shared/policy";
 
 @Injectable({
@@ -56,8 +55,8 @@ export class AccessTokenService {
     return this.http.put(`${this.baseUrl}/${id}/toggle`, {});
   }
 
-  update(id: string, name: string): Observable<any> {
+  update(id: string, name: string): Observable<boolean> {
     const url = this.baseUrl;
-    return this.http.put(url + `/${id}`, { name });
+    return this.http.put<boolean>(url + `/${id}`, { name });
   }
 }
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index 6df40f8d4..b328d920f 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -2,22 +2,15 @@
 <xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
   <file source-language="en" datatype="plaintext" original="ng2.template">
     <body>
-      <trans-unit id="integrations.access-token.access-token-drawer.title" datatype="html">
-        <source>Add access token</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">7</context>
-        </context-group>
-      </trans-unit>
       <trans-unit id="common.name" datatype="html">
         <source>Name</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
+          <context context-type="linenumber">14</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">17</context>
+          <context context-type="linenumber">16</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
@@ -196,7 +189,7 @@
         <source>Validating...</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
+          <context context-type="linenumber">15</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
@@ -223,21 +216,21 @@
         <source>Access token name cannot be empty</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">20</context>
+          <context context-type="linenumber">19</context>
         </context-group>
       </trans-unit>
       <trans-unit id="integrations.access-token.access-token-drawer.name-unavailable" datatype="html">
         <source>This access token name is not available</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">21</context>
+          <context context-type="linenumber">20</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.type" datatype="html">
         <source>Type</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">27</context>
+          <context context-type="linenumber">26</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
@@ -268,7 +261,7 @@
         <source>Permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">45</context>
+          <context context-type="linenumber">44</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
@@ -283,7 +276,7 @@
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">60</context>
+          <context context-type="linenumber">59</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.html</context>
@@ -298,7 +291,7 @@
         <source>Save</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">85</context>
+          <context context-type="linenumber">84</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
@@ -377,28 +370,42 @@
         <source>Access token created</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">93</context>
+          <context context-type="linenumber">92</context>
         </context-group>
       </trans-unit>
       <trans-unit id="integrations.access-token.copy-token-warning" datatype="html">
         <source>Copy and save this token now, the token value will be masked once you leave the page.</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">102</context>
+          <context context-type="linenumber">101</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.ok" datatype="html">
         <source>OK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">117</context>
+          <context context-type="linenumber">116</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.access-token-drawer.edit-title" datatype="html">
+        <source>Edit Access Token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">42</context>
+        </context-group>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.access-token-drawer.add-title" datatype="html">
+        <source>Add Access Token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">46</context>
         </context-group>
       </trans-unit>
       <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">202</context>
+          <context context-type="linenumber">185</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -409,11 +416,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">212</context>
+          <context context-type="linenumber">195</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">227</context>
+          <context context-type="linenumber">210</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -624,7 +631,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">215</context>
+          <context context-type="linenumber">198</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -691,14 +698,14 @@
         <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">236</context>
+          <context context-type="linenumber">219</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.copy-success" datatype="html">
         <source>Copied</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">246</context>
+          <context context-type="linenumber">229</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index 80dcf7dee..86805eacb 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -1,23 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?><xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
   <file source-language="zh" datatype="plaintext" original="ng2.template">
     <body>
-      <trans-unit id="integrations.access-token.access-token-drawer.title" datatype="html">
-        <source>Add access token</source>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">7</context>
-        </context-group>
-        <target>添加访问密钥</target>
-      </trans-unit>
       <trans-unit id="common.name" datatype="html">
         <source>Name</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">15</context>
+          <context context-type="linenumber">14</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">17</context>
+          <context context-type="linenumber">16</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
@@ -197,7 +189,7 @@
         <source>Validating...</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">16</context>
+          <context context-type="linenumber">15</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/env-drawer/env-drawer.component.html</context>
@@ -225,7 +217,7 @@
         <source>Access token name cannot be empty</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">20</context>
+          <context context-type="linenumber">19</context>
         </context-group>
         <target>访问密钥名称不能为空</target>
       </trans-unit>
@@ -233,7 +225,7 @@
         <source>This access token name is not available</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">21</context>
+          <context context-type="linenumber">20</context>
         </context-group>
         <target>该名称已被使用</target>
       </trans-unit>
@@ -241,7 +233,7 @@
         <source>Type</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">27</context>
+          <context context-type="linenumber">26</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/data-sync/remote-sync/remote-sync.component.html</context>
@@ -273,7 +265,7 @@
         <source>Permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">45</context>
+          <context context-type="linenumber">44</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/iam/components/policy-editor/policy-editor.component.html</context>
@@ -289,7 +281,7 @@
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">60</context>
+          <context context-type="linenumber">59</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/experiments/metrics/metrics.component.html</context>
@@ -305,7 +297,7 @@
         <source>Save</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">85</context>
+          <context context-type="linenumber">84</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/change-review/change-review.component.html</context>
@@ -385,7 +377,7 @@
         <source>Access token created</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">93</context>
+          <context context-type="linenumber">92</context>
         </context-group>
         <target>成功创建访问秘钥</target>
       </trans-unit>
@@ -393,7 +385,7 @@
         <source>Copy and save this token now, the token value will be masked once you leave the page.</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">102</context>
+          <context context-type="linenumber">101</context>
         </context-group>
         <target>请复制并保存 Token，一旦离开该页面后，该 Token 将会被隐藏。</target>
       </trans-unit>
@@ -401,15 +393,31 @@
         <source>OK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.html</context>
-          <context context-type="linenumber">117</context>
+          <context context-type="linenumber">116</context>
         </context-group>
         <target>OK</target>
       </trans-unit>
+      <trans-unit id="integrations.access-token.access-token-drawer.edit-title" datatype="html">
+        <source>Edit Access Token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">42</context>
+        </context-group>
+        <target>添加访问令牌</target>
+      </trans-unit>
+      <trans-unit id="integrations.access-token.access-token-drawer.add-title" datatype="html">
+        <source>Add Access Token</source>
+        <context-group purpose="location">
+          <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
+          <context context-type="linenumber">46</context>
+        </context-group>
+        <target>编辑访问令牌</target>
+      </trans-unit>
       <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">202</context>
+          <context context-type="linenumber">185</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -421,11 +429,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">212</context>
+          <context context-type="linenumber">195</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">227</context>
+          <context context-type="linenumber">210</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -637,7 +645,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">215</context>
+          <context context-type="linenumber">198</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -705,7 +713,7 @@
         <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">236</context>
+          <context context-type="linenumber">219</context>
         </context-group>
         <target>策略不能为空</target>
       </trans-unit>
@@ -713,7 +721,7 @@
         <source>Copied</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">246</context>
+          <context context-type="linenumber">229</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>

From b6c6f9f74a3c251633d5588139967aa750c0714b Mon Sep 17 00:00:00 2001
From: deleteLater <mikcczhang@gmail.com>
Date: Sat, 18 Mar 2023 01:04:00 +0800
Subject: [PATCH 38/44] rename

---
 .../back-end/src/Api/Controllers/AccessTokenController.cs | 2 +-
 .../{IsNameUsed.cs => IsAccessTokenNameUsed.cs}           | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)
 rename modules/back-end/src/Application/AccessTokens/{IsNameUsed.cs => IsAccessTokenNameUsed.cs} (59%)

diff --git a/modules/back-end/src/Api/Controllers/AccessTokenController.cs b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
index fb9fcc9e6..e0fce8d55 100644
--- a/modules/back-end/src/Api/Controllers/AccessTokenController.cs
+++ b/modules/back-end/src/Api/Controllers/AccessTokenController.cs
@@ -24,7 +24,7 @@ public async Task<ApiResponse<PagedResult<AccessTokenVm>>> GetListAsync(
     [HttpGet("is-name-used")]
     public async Task<ApiResponse<bool>> IsNameUsedAsync(Guid organizationId, string name)
     {
-        var request = new IsNameUsed
+        var request = new IsAccessTokenNameUsed
         {
             OrganizationId = organizationId,
             Name = name
diff --git a/modules/back-end/src/Application/AccessTokens/IsNameUsed.cs b/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
similarity index 59%
rename from modules/back-end/src/Application/AccessTokens/IsNameUsed.cs
rename to modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
index 1f9bcaad1..b4d72fc58 100644
--- a/modules/back-end/src/Application/AccessTokens/IsNameUsed.cs
+++ b/modules/back-end/src/Application/AccessTokens/IsAccessTokenNameUsed.cs
@@ -1,22 +1,22 @@
 namespace Application.AccessTokens;
 
-public class IsNameUsed : IRequest<bool>
+public class IsAccessTokenNameUsed : IRequest<bool>
 {
     public Guid OrganizationId { get; set; }
 
     public string Name { get; set; }
 }
 
-public class IsNameUsedHandler : IRequestHandler<IsNameUsed, bool>
+public class IsAccessTokenNameUsedHandler : IRequestHandler<IsAccessTokenNameUsed, bool>
 {
     private readonly IAccessTokenService _service;
 
-    public IsNameUsedHandler(IAccessTokenService service)
+    public IsAccessTokenNameUsedHandler(IAccessTokenService service)
     {
         _service = service;
     }
 
-    public async Task<bool> Handle(IsNameUsed request, CancellationToken cancellationToken)
+    public async Task<bool> Handle(IsAccessTokenNameUsed request, CancellationToken cancellationToken)
     {
         var isNameUsed = await _service.AnyAsync(x =>
             x.OrganizationId == request.OrganizationId &&

From 4fbea5369a3ea356b6e166b6b7634a4d83bb7b8f Mon Sep 17 00:00:00 2001
From: deleteLater <mikcczhang@gmail.com>
Date: Sat, 18 Mar 2023 01:16:43 +0800
Subject: [PATCH 39/44] refactor ResourceService

---
 .../back-end/src/Domain/Resources/Resource.cs | 48 ++++++++++
 .../Resources/ResourceService.cs              | 95 ++-----------------
 2 files changed, 55 insertions(+), 88 deletions(-)

diff --git a/modules/back-end/src/Domain/Resources/Resource.cs b/modules/back-end/src/Domain/Resources/Resource.cs
index 926de1d1d..8cb1f455a 100644
--- a/modules/back-end/src/Domain/Resources/Resource.cs
+++ b/modules/back-end/src/Domain/Resources/Resource.cs
@@ -9,4 +9,52 @@ public class Resource
     public string Rn { get; set; }
 
     public string Type { get; set; }
+
+    public static readonly Resource All = new()
+    {
+        Id = new Guid("2bdcb290-2e1b-40d7-bdd1-697fb2193292"),
+        Name = "All",
+        Rn = "*",
+        Type = ResourceType.All
+    };
+
+    public static readonly Resource AllAccount = new()
+    {
+        Id = new Guid("e394832e-bd98-43de-b174-e0c98e03d19d"),
+        Name = "Account",
+        Rn = "account/*",
+        Type = ResourceType.Account
+    };
+
+    public static readonly Resource AllIam = new()
+    {
+        Id = new Guid("d8791bd2-ca85-4629-a439-1dce20764211"),
+        Name = "IAM",
+        Rn = "iam/*",
+        Type = ResourceType.IAM
+    };
+
+    public static readonly Resource AllAccessToken = new()
+    {
+        Id = new Guid("150083da-e20f-4670-948c-b842cf8a91a4"),
+        Name = "Access token",
+        Rn = "access-token/*",
+        Type = ResourceType.AccessToken
+    };
+
+    public static readonly Resource AllProject = new()
+    {
+        Id = new Guid("e77679a2-e79b-43e5-aa9f-fd6c980239be"),
+        Name = "project",
+        Rn = "project/*",
+        Type = ResourceType.Project
+    };
+
+    public static readonly Resource AllProjectEnv = new()
+    {
+        Id = new Guid("c62ed37a-74a9-4987-8ef4-b5a16127f307"),
+        Name = "env",
+        Rn = "project/*:env/*",
+        Type = ResourceType.Env
+    };
 }
\ No newline at end of file
diff --git a/modules/back-end/src/Infrastructure/Resources/ResourceService.cs b/modules/back-end/src/Infrastructure/Resources/ResourceService.cs
index d0cc83a53..7d54fc633 100644
--- a/modules/back-end/src/Infrastructure/Resources/ResourceService.cs
+++ b/modules/back-end/src/Infrastructure/Resources/ResourceService.cs
@@ -1,5 +1,4 @@
 using Application.Resources;
-using Application.Services;
 using Domain.Organizations;
 using Domain.Projects;
 using Domain.Resources;
@@ -24,81 +23,16 @@ public async Task<IEnumerable<Resource>> GetResourcesAsync(Guid organizationId,
 
         return filter.Type switch
         {
-            ResourceType.All => GetAll(name),
-            ResourceType.Account => GetGeneral(ResourceType.Account, name),
-            ResourceType.IAM => GetGeneral(ResourceType.IAM, name),
-            ResourceType.AccessToken => GetGeneral(ResourceType.AccessToken, name),
+            ResourceType.All => new[] { Resource.All },
+            ResourceType.Account => new[] { Resource.AllAccount },
+            ResourceType.IAM => new[] { Resource.AllIam },
+            ResourceType.AccessToken => new[] { Resource.AllAccessToken },
             ResourceType.Env => await GetEnvsAsync(organizationId, name),
             ResourceType.Project => await GetProjectsAsync(organizationId, name),
             _ => Array.Empty<Resource>()
         };
     }
 
-    private IEnumerable<Resource> GetAll(string name)
-    {
-        var resources = new List<Resource>
-        {
-            new()
-            {
-                Id = new Guid("2bdcb290-2e1b-40d7-bdd1-697fb2193292"),
-                Name = "All",
-                Rn = "*",
-                Type = ResourceType.All
-            }
-        };
-
-        if (!string.IsNullOrWhiteSpace(name))
-        {
-            resources = resources.Where(x => x.Name.Contains(name, StringComparison.OrdinalIgnoreCase)).ToList();
-        }
-
-        return resources;
-    }
-
-    private IEnumerable<Resource> GetGeneral(string resourceType, string name)
-    {
-        
-        var resource = resourceType switch
-        {
-           
-            ResourceType.Account => new Resource
-            {
-                Id = new Guid("e394832e-bd98-43de-b174-e0c98e03d19d"),
-                Name = "Account",
-                Rn = "account/*",
-                Type = ResourceType.Account
-            },
-            ResourceType.IAM => new Resource
-            {
-                Id = new Guid("d8791bd2-ca85-4629-a439-1dce20764211"),
-                Name = "IAM",
-                Rn = "iam/*",
-                Type = ResourceType.IAM
-            },
-            ResourceType.AccessToken => new Resource
-            {
-                Id = new Guid("150083da-e20f-4670-948c-b842cf8a91a4"),
-                Name = "Access token",
-                Rn = "access-token/*",
-                Type = ResourceType.AccessToken
-            },
-            _ => null
-        };
-
-        if (resource == null)
-        {
-            return new List<Resource>();
-        }
-
-        var resources =  new List<Resource> { resource };
-        if (!string.IsNullOrWhiteSpace(name))
-        {
-            resources = resources.Where(x => x.Name.Contains(name, StringComparison.OrdinalIgnoreCase)).ToList();
-        }
-
-        return resources.ToList();
-    }
-
     public async Task<IEnumerable<Resource>> GetProjectsAsync(Guid organizationId, string name)
     {
         var query = MongoDb.QueryableOf<Project>()
@@ -123,15 +57,8 @@ public async Task<IEnumerable<Resource>> GetProjectsAsync(Guid organizationId, s
             Rn = x.Rn,
             Type = ResourceType.Project
         }).ToList();
-        
-        resources.Insert(0, new Resource
-        {
-            Id = new Guid("e77679a2-e79b-43e5-aa9f-fd6c980239be"),
-            Name = "project",
-            Rn = "project/*",
-            Type = ResourceType.Project
-        });
 
+        resources.Insert(0, Resource.AllProject);
         return resources;
     }
 
@@ -167,16 +94,8 @@ join organization in organizations on project.OrganizationId equals organization
             Rn = x.Rn,
             Type = ResourceType.Env
         }).ToList();
-        
-        resources.Insert(0, new Resource
-        {
-            Id = new Guid("c62ed37a-74a9-4987-8ef4-b5a16127f307"),
-            Name = "env",
-            Rn = "project/*:env/*",
-            Type = ResourceType.Env
-        });
-        
-        
+
+        resources.Insert(0, Resource.AllProjectEnv);
         return resources;
     }
 }
\ No newline at end of file

From d44f3c397770ba91308075c22ef79bf69181cd9d Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Fri, 17 Mar 2023 20:47:22 +0100
Subject: [PATCH 40/44] fixed bugs

---
 .../access-token-drawer.component.ts          | 48 +++++++++++++------
 modules/front-end/src/app/shared/policy.ts    |  7 +--
 2 files changed, 38 insertions(+), 17 deletions(-)

diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
index 00b447ce4..c24e30c82 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.ts
@@ -9,7 +9,13 @@ import {
 } from "@features/safe/integrations/access-tokens/types/access-token";
 import { AccessTokenService } from "@services/access-token.service";
 import { PermissionsService } from "@services/permissions.service";
-import { EffectEnum, generalResourceRNPattern, permissionActions } from "@shared/policy";
+import {
+  EffectEnum,
+  generalResourceRNPattern,
+  permissionActions,
+  ResourceTypeAccount,
+  ResourceTypeIAM
+} from "@shared/policy";
 import { NzModalService } from "ng-zorro-antd/modal";
 import { copyToClipboard, uuidv4 } from "@utils/index";
 import {
@@ -31,9 +37,19 @@ export class AccessTokenDrawerComponent {
   private _accessToken: IAccessToken;
   isEditing: boolean = false;
 
-  resourceTypes: ResourceType[] = [ResourceTypeAccessToken, ResourceTypeProject, ResourceTypeEnv]; // TODO replace with real open API resource types
+  // This property is used to define the order of displaying the resource types, it also defines the resource types applicable to OPEN API
+  // TODO replace with real open API resource types
+  resourceTypes: ResourceType[] = [
+    ResourceTypeAccount,
+    ResourceTypeIAM,
+    ResourceTypeAccessToken,
+    ResourceTypeProject,
+    ResourceTypeEnv
+  ];
+
   authorizedResourceTypes: ResourceType[] = [];
   permissions: { [key: string]: IPermissionStatementGroup };
+
   @Input()
   set accessToken(accessToken: IAccessToken) {
     this.isEditing = accessToken && !!accessToken.id;
@@ -41,7 +57,7 @@ export class AccessTokenDrawerComponent {
       this.permissions = preProcessPermissions(accessToken.permissions);
       this.title = $localize`:@@integrations.access-token.access-token-drawer.edit-title:Edit Access Token`;
     } else {
-      accessToken = { name: null, type: AccessTokenTypeEnum.Personal };
+      accessToken = {name: null, type: AccessTokenTypeEnum.Personal};
       this.setAuthorizedPermissions();
       this.title = $localize`:@@integrations.access-token.access-token-drawer.add-title:Add Access Token`;
     }
@@ -58,6 +74,7 @@ export class AccessTokenDrawerComponent {
 
   canTakeActionOnPersonalAccessToken = false;
   canTakeActionOnServiceAccessToken = false;
+
   constructor(
     private fb: FormBuilder,
     private policyService: PolicyService,
@@ -102,11 +119,11 @@ export class AccessTokenDrawerComponent {
   setAuthorizedPermissions() {
     const hasOwnerPolicy = this.permissionsService.policies.some((policy) => policy.name === 'Owner' && policy.type === 'SysManaged');
 
+    let permissions = [];
     if (hasOwnerPolicy) {
-      const permissions = Object.keys(permissionActions)
-        .filter((property) => permissionActions[property].isOpenAPIApplicable)
+      permissions = Object.keys(permissionActions)
         .map((property) => {
-          const { resourceType, name } = permissionActions[property];
+          const {resourceType, name} = permissionActions[property];
           return {
             id: uuidv4(),
             resourceType,
@@ -114,11 +131,13 @@ export class AccessTokenDrawerComponent {
             actions: [name],
             resources: [generalResourceRNPattern[resourceType]]
           }
-        });
-      this.permissions = preProcessPermissions(permissions);
+        })
     } else {
-      this.permissions = preProcessPermissions(this.permissionsService.permissions);
+      permissions = this.permissionsService.permissions;
     }
+
+    permissions = permissions.filter((permission) => this.resourceTypes.some((rt) => rt.type === permission.resourceType));
+    this.permissions = preProcessPermissions(permissions);
   }
 
   nameAsyncValidator = (control: FormControl) => control.valueChanges.pipe(
@@ -152,7 +171,7 @@ export class AccessTokenDrawerComponent {
     }
   }
 
-  updatePermissionSingleChecked(statementGroup: IPermissionStatementGroup){
+  updatePermissionSingleChecked(statementGroup: IPermissionStatementGroup) {
     if (statementGroup.statements.every(item => !item.checked)) {
       statementGroup.allChecked = false;
       statementGroup.indeterminate = false;
@@ -169,6 +188,7 @@ export class AccessTokenDrawerComponent {
   tokenName = '';
   tokenValue = '';
   isCreationConfirmModalVisible = false;
+
   doSubmit() {
     if (this.form.invalid) {
       for (const i in this.form.controls) {
@@ -182,7 +202,7 @@ export class AccessTokenDrawerComponent {
     const {name, type} = this.form.value;
 
     if ((type === AccessTokenTypeEnum.Personal && !this.canTakeActionOnPersonalAccessToken) || (type === AccessTokenTypeEnum.Service && !this.canTakeActionOnServiceAccessToken)) {
-      this.message.warning($localize `:@@permissions.need-permissions-to-operate:You don't have permissions to take this action, please contact the admin to grant you the necessary permissions`);
+      this.message.warning($localize`:@@permissions.need-permissions-to-operate:You don't have permissions to take this action, please contact the admin to grant you the necessary permissions`);
       return;
     }
 
@@ -191,7 +211,7 @@ export class AccessTokenDrawerComponent {
       this.accessTokenService.update(this.accessToken.id, name).subscribe({
           next: _ => {
             this.isLoading = false;
-            this.close.emit({ isEditing: true, id: this.accessToken.id, name: name });
+            this.close.emit({isEditing: true, id: this.accessToken.id, name: name});
             this.message.success($localize`:@@common.operation-success:Operation succeeded`);
           },
           error: _ => {
@@ -206,7 +226,7 @@ export class AccessTokenDrawerComponent {
       this.accessTokenService.create(name, type, policies).subscribe({
           next: ({name, token}) => {
             this.isLoading = false;
-            this.close.emit({ isEditing: false });
+            this.close.emit({isEditing: false});
             this.message.success($localize`:@@common.operation-success:Operation succeeded`);
             this.form.reset();
             this.tokenName = name;
@@ -226,7 +246,7 @@ export class AccessTokenDrawerComponent {
 
   copyText(event, text: string) {
     copyToClipboard(text).then(
-      () => this.message.success($localize `:@@common.copy-success:Copied`)
+      () => this.message.success($localize`:@@common.copy-success:Copied`)
     );
   }
 
diff --git a/modules/front-end/src/app/shared/policy.ts b/modules/front-end/src/app/shared/policy.ts
index 42a9acec9..37a01394f 100644
--- a/modules/front-end/src/app/shared/policy.ts
+++ b/modules/front-end/src/app/shared/policy.ts
@@ -61,6 +61,7 @@ export const generalResourceRNPattern = {
   account: 'account/*',
   iam: 'iam/*',
   accessToken: 'access-token/*',
+  "access-token": 'access-token/*', // this duplicated property is necessary for resource types consisting of multiple words because of access-token-drawer.component.ts line 132
   project: 'project/*',
   env: 'project/*:env/*'
 };
@@ -117,7 +118,7 @@ export interface ResourceParamViewModel {
   isInvalid: boolean
 }
 
-export const rscParamsDict: {[key in ResourceTypeEnum]: ResourceParamViewModel[]} = {
+export const rscParamsDict: { [key in ResourceTypeEnum]: ResourceParamViewModel[] } = {
   [ResourceTypeEnum.All]: [],
   [ResourceTypeEnum.Account]: [],
   [ResourceTypeEnum.IAM]: [],
@@ -158,7 +159,7 @@ export const rscParamsDict: {[key in ResourceTypeEnum]: ResourceParamViewModel[]
   ],
 };
 
-export const permissionActions: {[key: string]: IamPolicyAction} = {
+export const permissionActions: { [key: string]: IamPolicyAction } = {
   All: {
     id: uuidv4(),
     name: '*',
@@ -213,7 +214,7 @@ export const permissionActions: {[key: string]: IamPolicyAction} = {
     isOpenAPIApplicable: true,
     isSpecificApplicable: true
   },
-  CreateEnv:  {
+  CreateEnv: {
     id: uuidv4(),
     name: 'CreateEnv',
     resourceType: ResourceTypeEnum.Project,

From 86adc303dffc28fcc8523c91818bbc638e6410e6 Mon Sep 17 00:00:00 2001
From: cosmos-explorer <lian.yang.work@gmail.com>
Date: Fri, 17 Mar 2023 21:00:53 +0100
Subject: [PATCH 41/44] translations

---
 modules/front-end/src/locale/messages.xlf    | 106 +++++++++----------
 modules/front-end/src/locale/messages.zh.xlf | 106 +++++++++----------
 2 files changed, 106 insertions(+), 106 deletions(-)

diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index b328d920f..b3d58ed9d 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -391,21 +391,21 @@
         <source>Edit Access Token</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="linenumber">58</context>
         </context-group>
       </trans-unit>
       <trans-unit id="integrations.access-token.access-token-drawer.add-title" datatype="html">
         <source>Add Access Token</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">46</context>
+          <context context-type="linenumber">62</context>
         </context-group>
       </trans-unit>
       <trans-unit id="permissions.need-permissions-to-operate" datatype="html">
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">185</context>
+          <context context-type="linenumber">205</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -416,11 +416,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">195</context>
+          <context context-type="linenumber">215</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">210</context>
+          <context context-type="linenumber">230</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -631,7 +631,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">198</context>
+          <context context-type="linenumber">218</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -698,14 +698,14 @@
         <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">219</context>
+          <context context-type="linenumber">239</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.copy-success" datatype="html">
         <source>Copied</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">229</context>
+          <context context-type="linenumber">249</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
@@ -6456,258 +6456,258 @@
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">71</context>
+          <context context-type="linenumber">72</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.account" datatype="html">
         <source>Account</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">77</context>
+          <context context-type="linenumber">78</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.iam" datatype="html">
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">83</context>
+          <context context-type="linenumber">84</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.access-token" datatype="html">
         <source>Access token</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">89</context>
+          <context context-type="linenumber">90</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.project" datatype="html">
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">94</context>
+          <context context-type="linenumber">95</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.rsc-type.env" datatype="html">
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">100</context>
+          <context context-type="linenumber">101</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.policy.project" datatype="html">
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">131</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">144</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.policy.environment" datatype="html">
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">153</context>
+          <context context-type="linenumber">154</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.all" datatype="html">
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">166</context>
+          <context context-type="linenumber">167</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">167</context>
+          <context context-type="linenumber">168</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.list-projects" datatype="html">
         <source>List projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">175</context>
+          <context context-type="linenumber">176</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">176</context>
+          <context context-type="linenumber">177</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.create-projects" datatype="html">
         <source>Create projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">184</context>
+          <context context-type="linenumber">185</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">185</context>
+          <context context-type="linenumber">186</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.delete-projects" datatype="html">
         <source>Delete projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">193</context>
+          <context context-type="linenumber">194</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">194</context>
+          <context context-type="linenumber">195</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-project-settings" datatype="html">
         <source>Update project settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">202</context>
+          <context context-type="linenumber">203</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">203</context>
+          <context context-type="linenumber">204</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.list-envs" datatype="html">
         <source>List environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">211</context>
+          <context context-type="linenumber">212</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">212</context>
+          <context context-type="linenumber">213</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.create-env" datatype="html">
         <source>Create environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">220</context>
+          <context context-type="linenumber">221</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">221</context>
+          <context context-type="linenumber">222</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.access-envs" datatype="html">
         <source>Access environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">229</context>
+          <context context-type="linenumber">230</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">230</context>
+          <context context-type="linenumber">231</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.delete-envs" datatype="html">
         <source>Delete environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">238</context>
+          <context context-type="linenumber">239</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">239</context>
+          <context context-type="linenumber">240</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-env-settings" datatype="html">
         <source>Update environment settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">247</context>
+          <context context-type="linenumber">248</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">248</context>
+          <context context-type="linenumber">249</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.delete-env-secret" datatype="html">
         <source>Delete environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">256</context>
+          <context context-type="linenumber">257</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">257</context>
+          <context context-type="linenumber">258</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.create-env-secret" datatype="html">
         <source>Create environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">265</context>
+          <context context-type="linenumber">266</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">266</context>
+          <context context-type="linenumber">267</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-env-secret" datatype="html">
         <source>Update environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">274</context>
+          <context context-type="linenumber">275</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">275</context>
+          <context context-type="linenumber">276</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.update-org-name" datatype="html">
         <source>Update org name</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">285</context>
+          <context context-type="linenumber">286</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">286</context>
+          <context context-type="linenumber">287</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.iam" datatype="html">
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">296</context>
+          <context context-type="linenumber">297</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">297</context>
+          <context context-type="linenumber">298</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.list-access-tokens" datatype="html">
         <source>List access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">307</context>
+          <context context-type="linenumber">308</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">308</context>
+          <context context-type="linenumber">309</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.manage-service-access-tokens" datatype="html">
         <source>Manage service access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">316</context>
+          <context context-type="linenumber">317</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">317</context>
+          <context context-type="linenumber">318</context>
         </context-group>
       </trans-unit>
       <trans-unit id="iam.action.manage-personal-access-tokens" datatype="html">
         <source>Manage personal access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">325</context>
+          <context context-type="linenumber">326</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">326</context>
+          <context context-type="linenumber">327</context>
         </context-group>
       </trans-unit>
     </body>
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index 86805eacb..8d054c252 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -401,7 +401,7 @@
         <source>Edit Access Token</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="linenumber">58</context>
         </context-group>
         <target>添加访问令牌</target>
       </trans-unit>
@@ -409,7 +409,7 @@
         <source>Add Access Token</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">46</context>
+          <context context-type="linenumber">62</context>
         </context-group>
         <target>编辑访问令牌</target>
       </trans-unit>
@@ -417,7 +417,7 @@
         <source>You don&apos;t have permissions to take this action, please contact the admin to grant you the necessary permissions</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">185</context>
+          <context context-type="linenumber">205</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/services/permissions.service.ts</context>
@@ -429,11 +429,11 @@
         <source>Operation succeeded</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">195</context>
+          <context context-type="linenumber">215</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">210</context>
+          <context context-type="linenumber">230</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/expt-rules-drawer/expt-rules-drawer.component.ts</context>
@@ -645,7 +645,7 @@
         <source>Operation failed, please try again</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">198</context>
+          <context context-type="linenumber">218</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/metric-drawer/metric-drawer.component.ts</context>
@@ -713,7 +713,7 @@
         <source>Policies are mandatory for service type access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">219</context>
+          <context context-type="linenumber">239</context>
         </context-group>
         <target>策略不能为空</target>
       </trans-unit>
@@ -721,7 +721,7 @@
         <source>Copied</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/access-token-drawer/access-token-drawer.component.ts</context>
-          <context context-type="linenumber">229</context>
+          <context context-type="linenumber">249</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/core/components/header/header.component.ts</context>
@@ -7093,7 +7093,7 @@
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">71</context>
+          <context context-type="linenumber">72</context>
         </context-group>
         <target>全部</target>
       </trans-unit>
@@ -7101,7 +7101,7 @@
         <source>Account</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">77</context>
+          <context context-type="linenumber">78</context>
         </context-group>
         <target>账户管理</target>
       </trans-unit>
@@ -7109,7 +7109,7 @@
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">83</context>
+          <context context-type="linenumber">84</context>
         </context-group>
         <target>权限管理</target>
       </trans-unit>
@@ -7117,7 +7117,7 @@
         <source>Access token</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">89</context>
+          <context context-type="linenumber">90</context>
         </context-group>
         <target>访问策略</target>
       </trans-unit>
@@ -7125,7 +7125,7 @@
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">94</context>
+          <context context-type="linenumber">95</context>
         </context-group>
         <target>项目</target>
       </trans-unit>
@@ -7133,7 +7133,7 @@
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">100</context>
+          <context context-type="linenumber">101</context>
         </context-group>
         <target>环境</target>
       </trans-unit>
@@ -7141,11 +7141,11 @@
         <source>Project</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">131</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">143</context>
+          <context context-type="linenumber">144</context>
         </context-group>
         <target>项目</target>
       </trans-unit>
@@ -7153,7 +7153,7 @@
         <source>Environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">153</context>
+          <context context-type="linenumber">154</context>
         </context-group>
         <target>环境</target>
       </trans-unit>
@@ -7161,11 +7161,11 @@
         <source>All</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">166</context>
+          <context context-type="linenumber">167</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">167</context>
+          <context context-type="linenumber">168</context>
         </context-group>
         <target>全部操作</target>
       </trans-unit>
@@ -7173,11 +7173,11 @@
         <source>List projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">175</context>
+          <context context-type="linenumber">176</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">176</context>
+          <context context-type="linenumber">177</context>
         </context-group>
         <target>查看项目列表</target>
       </trans-unit>
@@ -7185,11 +7185,11 @@
         <source>Create projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">184</context>
+          <context context-type="linenumber">185</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">185</context>
+          <context context-type="linenumber">186</context>
         </context-group>
         <target>创建项目</target>
       </trans-unit>
@@ -7197,11 +7197,11 @@
         <source>Delete projects</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">193</context>
+          <context context-type="linenumber">194</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">194</context>
+          <context context-type="linenumber">195</context>
         </context-group>
         <target>删除项目</target>
       </trans-unit>
@@ -7209,11 +7209,11 @@
         <source>Update project settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">202</context>
+          <context context-type="linenumber">203</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">203</context>
+          <context context-type="linenumber">204</context>
         </context-group>
         <target>修改项目设置</target>
       </trans-unit>
@@ -7221,11 +7221,11 @@
         <source>List environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">211</context>
+          <context context-type="linenumber">212</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">212</context>
+          <context context-type="linenumber">213</context>
         </context-group>
         <target>查看环境列表</target>
       </trans-unit>
@@ -7233,11 +7233,11 @@
         <source>Create environment</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">220</context>
+          <context context-type="linenumber">221</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">221</context>
+          <context context-type="linenumber">222</context>
         </context-group>
         <target>创建环境</target>
       </trans-unit>
@@ -7245,11 +7245,11 @@
         <source>Access environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">229</context>
+          <context context-type="linenumber">230</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">230</context>
+          <context context-type="linenumber">231</context>
         </context-group>
         <target>进入环境</target>
       </trans-unit>
@@ -7257,11 +7257,11 @@
         <source>Delete environments</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">238</context>
+          <context context-type="linenumber">239</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">239</context>
+          <context context-type="linenumber">240</context>
         </context-group>
         <target>删除环境</target>
       </trans-unit>
@@ -7269,11 +7269,11 @@
         <source>Update environment settings</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">247</context>
+          <context context-type="linenumber">248</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">248</context>
+          <context context-type="linenumber">249</context>
         </context-group>
         <target>修改环境设置</target>
       </trans-unit>
@@ -7281,11 +7281,11 @@
         <source>Delete environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">256</context>
+          <context context-type="linenumber">257</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">257</context>
+          <context context-type="linenumber">258</context>
         </context-group>
         <target>删除环境秘钥</target>
       </trans-unit>
@@ -7293,11 +7293,11 @@
         <source>Create environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">265</context>
+          <context context-type="linenumber">266</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">266</context>
+          <context context-type="linenumber">267</context>
         </context-group>
         <target>创建环境秘钥</target>
       </trans-unit>
@@ -7305,11 +7305,11 @@
         <source>Update environment secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">274</context>
+          <context context-type="linenumber">275</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">275</context>
+          <context context-type="linenumber">276</context>
         </context-group>
         <target>修改环境秘钥</target>
       </trans-unit>
@@ -7317,11 +7317,11 @@
         <source>Update org name</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">285</context>
+          <context context-type="linenumber">286</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">286</context>
+          <context context-type="linenumber">287</context>
         </context-group>
         <target>修改机构名称</target>
       </trans-unit>
@@ -7329,11 +7329,11 @@
         <source>IAM</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">296</context>
+          <context context-type="linenumber">297</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">297</context>
+          <context context-type="linenumber">298</context>
         </context-group>
         <target>权限管理</target>
       </trans-unit>
@@ -7341,11 +7341,11 @@
         <source>List access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">307</context>
+          <context context-type="linenumber">308</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">308</context>
+          <context context-type="linenumber">309</context>
         </context-group>
         <target>查看访问策略列表</target>
       </trans-unit>
@@ -7353,11 +7353,11 @@
         <source>Manage service access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">316</context>
+          <context context-type="linenumber">317</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">317</context>
+          <context context-type="linenumber">318</context>
         </context-group>
         <target>管理 Service 访问策略</target>
       </trans-unit>
@@ -7365,11 +7365,11 @@
         <source>Manage personal access tokens</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">325</context>
+          <context context-type="linenumber">326</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/shared/policy.ts</context>
-          <context context-type="linenumber">326</context>
+          <context context-type="linenumber">327</context>
         </context-group>
         <target>管理 Personal 访问策略</target>
       </trans-unit>

From a4d862ddcca437f4968ac311c8493ab9e5341a34 Mon Sep 17 00:00:00 2001
From: deleteLater <mikcczhang@gmail.com>
Date: Sat, 18 Mar 2023 11:07:24 +0800
Subject: [PATCH 42/44] code format

---
 modules/front-end/src/app/core/core.module.ts | 92 +++++++++----------
 1 file changed, 46 insertions(+), 46 deletions(-)

diff --git a/modules/front-end/src/app/core/core.module.ts b/modules/front-end/src/app/core/core.module.ts
index 950d75890..2588e5058 100644
--- a/modules/front-end/src/app/core/core.module.ts
+++ b/modules/front-end/src/app/core/core.module.ts
@@ -124,52 +124,52 @@ import { NzCollapseModule } from "ng-zorro-antd/collapse";
     ChangeReviewComponent,
     AccessTokenDrawerComponent
   ],
-    imports: [
-        CommonModule,
-        FormsModule,
-        OverlayModule,
-        ReactiveFormsModule,
-        RouterModule,
-        NzFormModule,
-        NzIconModule,
-        NzMenuModule,
-        NzModalModule,
-        NzInputModule,
-        NzOutletModule,
-        NzButtonModule,
-        NzDrawerModule,
-        NzMessageModule,
-        NzOverlayModule,
-        NzDropDownModule,
-        NzTableModule,
-        NzSelectModule,
-        NzDividerModule,
-        NzSpaceModule,
-        NzSpinModule,
-        NzRadioModule,
-        NzUploadModule,
-        NzTagModule,
-        NzToolTipModule,
-        NzListModule,
-        NzCheckboxModule,
-        NzTabsModule,
-        NzPopconfirmModule,
-        NzStepsModule,
-        NzAlertModule,
-        NzResultModule,
-        NzLayoutModule,
-        NzImageModule,
-        NzPopoverModule,
-        NzCodeEditorModule,
-        NzCardModule,
-        NzTypographyModule,
-        NzDatePickerModule,
-        NzEmptyModule,
-        NzTimelineModule,
-        NzBreadCrumbModule,
-        NzInputNumberModule,
-        NzCollapseModule
-    ],
+  imports: [
+    CommonModule,
+    FormsModule,
+    OverlayModule,
+    ReactiveFormsModule,
+    RouterModule,
+    NzFormModule,
+    NzIconModule,
+    NzMenuModule,
+    NzModalModule,
+    NzInputModule,
+    NzOutletModule,
+    NzButtonModule,
+    NzDrawerModule,
+    NzMessageModule,
+    NzOverlayModule,
+    NzDropDownModule,
+    NzTableModule,
+    NzSelectModule,
+    NzDividerModule,
+    NzSpaceModule,
+    NzSpinModule,
+    NzRadioModule,
+    NzUploadModule,
+    NzTagModule,
+    NzToolTipModule,
+    NzListModule,
+    NzCheckboxModule,
+    NzTabsModule,
+    NzPopconfirmModule,
+    NzStepsModule,
+    NzAlertModule,
+    NzResultModule,
+    NzLayoutModule,
+    NzImageModule,
+    NzPopoverModule,
+    NzCodeEditorModule,
+    NzCardModule,
+    NzTypographyModule,
+    NzDatePickerModule,
+    NzEmptyModule,
+    NzTimelineModule,
+    NzBreadCrumbModule,
+    NzInputNumberModule,
+    NzCollapseModule
+  ],
   exports: [
     CommonModule,
     ReactiveFormsModule,

From b15f343476d97054b9b3306370304b25cf7f1732 Mon Sep 17 00:00:00 2001
From: deleteLater <mikcczhang@gmail.com>
Date: Sat, 18 Mar 2023 13:34:42 +0800
Subject: [PATCH 43/44] fix

---
 .../project/project.component.html            |  1 -
 modules/front-end/src/locale/messages.xlf     | 26 ++++++++-----------
 modules/front-end/src/locale/messages.zh.xlf  | 26 ++++++++-----------
 3 files changed, 22 insertions(+), 31 deletions(-)

diff --git a/modules/front-end/src/app/features/safe/organizations/project/project.component.html b/modules/front-end/src/app/features/safe/organizations/project/project.component.html
index defa22bc2..bdb92a137 100644
--- a/modules/front-end/src/app/features/safe/organizations/project/project.component.html
+++ b/modules/front-end/src/app/features/safe/organizations/project/project.component.html
@@ -96,7 +96,6 @@
           <nz-tag nzColor="green" *ngIf="isCurrentProject(project)" i18n="@@common.current">Current</nz-tag>
         </ng-template>
         <ng-template #extraTemplate>
-          <nz-tag nzColor="green" *ngIf="isCurrentProject(project)" i18n="@@common.current">Current</nz-tag>
           <button class="action-btn" nz-button nzType="default" nzSize="small" permission-check [rn]="permissionsService.getResourceRN('project', project)" [action]="permissionActions.UpdateProjectSettings" (actionIfAllow)="onEditProjectClick(project)">
             <i nz-icon nzType="icons:icon-edit"></i>
             <ng-container i18n="@@org.project.edit">Edit</ng-container>
diff --git a/modules/front-end/src/locale/messages.xlf b/modules/front-end/src/locale/messages.xlf
index b3d58ed9d..c506d341c 100644
--- a/modules/front-end/src/locale/messages.xlf
+++ b/modules/front-end/src/locale/messages.xlf
@@ -170,7 +170,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">132</context>
+          <context context-type="linenumber">131</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
@@ -1228,7 +1228,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">117</context>
+          <context context-type="linenumber">116</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.envUpdateSuccess" datatype="html">
@@ -2106,10 +2106,6 @@
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">96</context>
         </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">99</context>
-        </context-group>
       </trans-unit>
       <trans-unit id="common.projects" datatype="html">
         <source>Projects</source>
@@ -2859,7 +2855,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">107</context>
+          <context context-type="linenumber">106</context>
         </context-group>
       </trans-unit>
       <trans-unit id="common.remove" datatype="html">
@@ -2946,7 +2942,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">111</context>
+          <context context-type="linenumber">110</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
@@ -4879,7 +4875,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">133</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
@@ -5954,42 +5950,42 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">102</context>
+          <context context-type="linenumber">101</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.secret-name" datatype="html">
         <source>The name of the secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">137</context>
+          <context context-type="linenumber">136</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.type-description" datatype="html">
         <source>The secret would be used by a client side or server side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">147</context>
+          <context context-type="linenumber">146</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.secret-type" datatype="html">
         <source>Type</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">147</context>
+          <context context-type="linenumber">146</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.secret-type-client-side-sdk" datatype="html">
         <source>Client Side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">150</context>
+          <context context-type="linenumber">149</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.secret-type-server-side-sdk" datatype="html">
         <source>Server Side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">151</context>
+          <context context-type="linenumber">150</context>
         </context-group>
       </trans-unit>
       <trans-unit id="org.project.env-remove-success" datatype="html">
diff --git a/modules/front-end/src/locale/messages.zh.xlf b/modules/front-end/src/locale/messages.zh.xlf
index 8d054c252..3313beaac 100644
--- a/modules/front-end/src/locale/messages.zh.xlf
+++ b/modules/front-end/src/locale/messages.zh.xlf
@@ -169,7 +169,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">132</context>
+          <context context-type="linenumber">131</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/details/setting/setting.component.html</context>
@@ -1289,7 +1289,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">117</context>
+          <context context-type="linenumber">116</context>
         </context-group>
         <target>添加环境</target>
       </trans-unit>
@@ -2243,10 +2243,6 @@
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
           <context context-type="linenumber">96</context>
         </context-group>
-        <context-group purpose="location">
-          <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">99</context>
-        </context-group>
         <target>当前选项</target>
       </trans-unit>
       <trans-unit id="common.projects" datatype="html">
@@ -3061,7 +3057,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">107</context>
+          <context context-type="linenumber">106</context>
         </context-group>
         <target>删除后不可恢复，确定要删除么？</target>
       </trans-unit>
@@ -3149,7 +3145,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">111</context>
+          <context context-type="linenumber">110</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
@@ -5309,7 +5305,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">133</context>
+          <context context-type="linenumber">132</context>
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/segments/index/index.component.html</context>
@@ -6525,7 +6521,7 @@
         </context-group>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">102</context>
+          <context context-type="linenumber">101</context>
         </context-group>
         <target>编辑</target>
       </trans-unit>
@@ -6533,7 +6529,7 @@
         <source>The name of the secret</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">137</context>
+          <context context-type="linenumber">136</context>
         </context-group>
         <target>秘钥名称</target>
       </trans-unit>
@@ -6541,7 +6537,7 @@
         <source>The secret would be used by a client side or server side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">147</context>
+          <context context-type="linenumber">146</context>
         </context-group>
         <target>该秘钥将被用于客户端还是服务端 SDK</target>
       </trans-unit>
@@ -6549,7 +6545,7 @@
         <source>Type</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">147</context>
+          <context context-type="linenumber">146</context>
         </context-group>
         <target>类型</target>
       </trans-unit>
@@ -6557,7 +6553,7 @@
         <source>Client Side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">150</context>
+          <context context-type="linenumber">149</context>
         </context-group>
         <target>客户端 SDK</target>
       </trans-unit>
@@ -6565,7 +6561,7 @@
         <source>Server Side SDK</source>
         <context-group purpose="location">
           <context context-type="sourcefile">src/app/features/safe/organizations/project/project.component.html</context>
-          <context context-type="linenumber">151</context>
+          <context context-type="linenumber">150</context>
         </context-group>
         <target>服务端 SDK</target>
       </trans-unit>

From 67adddbd4e32648ec974753943aa8eab285ab064 Mon Sep 17 00:00:00 2001
From: deleteLater <mikcczhang@gmail.com>
Date: Sat, 18 Mar 2023 14:07:12 +0800
Subject: [PATCH 44/44] format fix

---
 .../access-token-drawer.component.less        | 84 +++++--------------
 1 file changed, 19 insertions(+), 65 deletions(-)

diff --git a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
index e1a472ed6..396dbb593 100644
--- a/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
+++ b/modules/front-end/src/app/core/components/access-token-drawer/access-token-drawer.component.less
@@ -5,7 +5,7 @@
 }
 
 i {
- cursor: pointer;
+  cursor: pointer;
 }
 
 #confirm-modal-ok {
@@ -28,77 +28,31 @@ i {
 }
 
 .resource-type {
-    .permissions {
+  .permissions {
+    display: flex;
+    flex-direction: column;
+    gap: 8px;
+
+    .permission {
       display: flex;
       flex-direction: column;
-      gap: 8px;
 
-      .permission {
+      .permission-header {
         display: flex;
-        flex-direction: column;
-
-        .permission-header {
-          display: flex;
-          justify-content: flex-start;
-          gap: 8px;
-          align-items: center;
-        }
+        justify-content: flex-start;
+        gap: 8px;
+        align-items: center;
+      }
 
-        .permission-resources {
-          border-top: 1px solid @grey40-color;
-          display: flex;
-          flex-direction: column;
+      .permission-resources {
+        border-top: 1px solid @grey40-color;
+        display: flex;
+        flex-direction: column;
 
-          .permission-resource {
-            padding: 0 8px;
-          }
+        .permission-resource {
+          padding: 0 8px;
         }
       }
     }
+  }
 }
-
-//.selected-policies {
-//  border: 1px solid @grey20-color;
-//  background-color: #ffffff;
-//  padding: 5px 0 1px 6px;
-//  box-sizing: border-box;
-//  border-radius: 8px;
-//  margin-bottom: 12px;
-//  margin-top: 12px;
-//
-//  .policy {
-//    display: flex;
-//    margin-bottom: 4px;
-//    margin-right: 10px;
-//
-//    .inner-box {
-//      width: 182px;
-//      border-top-left-radius: 4px;
-//      border-bottom-left-radius: 4px;
-//      padding: 4px 7px 6px 7px;
-//      background: @grey20-color;
-//      height: 23px;
-//      line-height: 15px;
-//      overflow: hidden;
-//      text-overflow: ellipsis;
-//      cursor: pointer;
-//      white-space: nowrap;
-//    }
-//
-//    button {
-//      display: flex;
-//      background: @grey20-color;
-//      border-top-right-radius: 4px;
-//      border-bottom-right-radius: 4px;
-//      height: 23px;
-//      width: 15px;
-//      border: 0;
-//
-//      i {
-//        width:10px;
-//        height: 10px;
-//        font-size: 10px;
-//      }
-//    }
-//  }
-//}