Permission Assignment with Users

1. Version

2. Application scenarios

The first two sections introduced "assigning permissions based on department positions/roles", but in the following situations, it would be inconvenient to assign permissions based on department positions/roles.

• Some users need to view a template temporarily.

• The leader has multiple roles, and the leader has permission to view some templates, but the leader's department and role do not have permission.

• Sometimes it is necessary to assign report permissions to specific individuals, and a new role must be created first.

At this time, some special personnel (users) can be individually assigned permissions, and there is no restriction on department titles/roles.

3. Function introduction

Users are users of the platform.

The administrator logs in to the data decision system and clicks "Manage > Permission > General permission configuration > User Final authority" to assign relevant privileges to users. As shown below:

The administrator logs in to the data decision system, and clicks "Manage > Permission> User Final authority" to display a list of all users who can set privileges. As shown below:

All users are displayed by default, or you can click "User Filter" to display only some users, as shown in the following figure:

Note: Departments and directories are displayed in a tree structure, click to expand specific positions under the department and specific templates under the directory.

When no individual settings are made, user permissions will inherit the union of permissions assigned by departments, roles, and job titles, and child templates will inherit individual user settings from the parent directory.

For example, the user eoco belongs to the department "Finance Dept.".

The Finance Department has access to the directory "Manage Cockpit". As shown below:

Click "User Final Authority", you can see that the user eoco has the viewing authority of the directory "Manage Cockpit", and you can see that the source of authority is ">Finance Department". As shown below:

The administrator can set the permissions for each user individually.

The administrator clicks "Manage > Permission > User final aurhority", selects a user, and configures relevant user privileges for it.

During configuration, the user rights configuration reminder window will pop up. After configuration, the setting item will appear with a yellow "user-only restriction icon", and the lower-level setting items of this setting item will have a gray "user-only restriction icon". As shown below:

Note 1: No matter if the permission is canceled or granted, as long as the permission is changed, there will be a user-only restriction icon and a reminder window will pop up.

Note 2: Regardless of whether the user authority is the same as the authority assigned by the department/role, as long as the "User Individual Restriction Icon" does not disappear, the setting of this authority will use the user's individual authority, and will not inherit the authority assigned by the department and role.

Note 3: Manage > Template Authentication > Role Authentication, there are also functions for users to individually set permissions and restore inherited permissions.

1. Restore current Tab permissions

Note: This function only supports the use of the super tube, and the secondary tube is not available.

The administrator can click "Restore Inheritance Permissions" to clear all individual user permissions of the "Current Tab" of the "Currently Selected User", and restore the permissions assigned by the inherited department/role. As shown below:

2. Restoring a single permission

The administrator can select a user and click the yellow "User Individual Restriction Icon" to clear the individual user permission configured by the permission and restore the permission assigned by the inherited department/role. As shown below:

Note: If the permissions of the parent node and the child node are configured for the user at the same time:

1) Just click the little yellow man on the right side of the child node to restore the inheritance permission, and the inheritance of the parent node will be restored, and the little yellow man will become a little gray man.

2) If you click the little yellow man on the right side of the parent node to restore inheritance permissions, the permissions of the parent and child nodes will be restored at the same time.

Since a user may have multiple department titles or roles, and there is a parent-child hierarchy between departments, the permission setting process needs to follow the relevant permission logic.

For details, please refer to: Validation Logic of Same-level Permissions, Validation Logic of Hierarchical Permissions .

Scenario one:

If you set individual permissions for a user, and then authorize the department/role to which the user belongs, and the authorization results of the two are different, a prompt box will appear as shown in the following figure:

Click the "blue link" in the pop-up window to open the permission management page in the new tab of the browser, switch to the user's final permission, and view/restore the user's permission.

Scenario two:

If the authorization authority of the child node is configured for the user, the authorization authority of the parent node is configured for the sub-department where the user belongs, and the authorization authority of the child node is configured for the parent department of the user.

At this time, the authorization permission of the parent department of the user to the child node is cancelled. A prompt box as shown below will appear: