Introduction to Logic
There are three permission carriers in FineBI: Dept., Role, and User.
There are various permission entities in FineBI: Personnel Management, Directory, Manage, Data connection, and Task Schedule.
On the interface of Permission, whether the user has permission or not, the yellow icon 
or the gray icon 
means the user has been given user permission individually.
For the same permission entity, the user permission priority is higher than that of other permission carriers.
If there is a yellow icon
or a gray icon , it means that the user has been given user permission individually, and the user permission should take effect.If there is no yellow or gray icon, there is no user permission, and the union of Dept. and Role permissions should take effect.
The user's department belongs to a tree structure. When permissions are different between different levels of departments, the permission will take effect according to the smallest department.
Examples
The Smallest Department
Question:
Alice works in the recruitment team of the company's human resources department.
Human resources department has the View permission for the directory Employee Salary Slip.
Recruitment team does not have the View permission for the directory Employee Salary Slip.
Can Alice view the directory Employee Salary Slip?
Answer:
Alice's smallest department is recruitment team, so for the same permission entity (such as Employee Salary Slip), her permission takes effect according to recruitment team, and therefore, she cannot view the directory Employee Salary Slip.
Note:The recruitment team here is a subordinate department of human resources. If Alice belongs to two parallel departments at the same time, the principle of union of permission will be followed.
User Permission Priority
Question 1:
Jack's role is core classmate.
The role core classmate has the View permission for the directory Research and Development Data (R&D Data).
Jack does not have the View permission for the directory R&D Data.
Can Jack view R&D Data?
Answer 1:
For the same permission entity (such as the directory R&D Data) that has been given user permission individually, it should conform to the user permission and ignore the role or department permissions. Therefore, Jack cannot view the directory R&D Data.
Question 2:
Jack’s role is core classmate.
The role core classmate has the View permission for the directory R&D Data.
Jack also has the View permission for the directory R&D Data.
Which permission allows Jack to view the directory?
Answer 2:
For the same permission entity (such as the directory R&D Data) that has been given user permission individually, it should conform to the user permission and ignore the role or department permissions. Therefore, Jack can view the directory through user permission.
Permission Union
Question:
Billy’s department is operation team, and his role is core classmate.
Operation team has the View and Edit permissions for the directory Annual Meeting Data.
The role core classmate only has the View permission for the directory Annual Meeting Data.
What permission does Billy have for the directory?
Answer:
For the same permission entity (such as the directory Annual Meeting Data), when there is no user permission, the union of department and role permissions takes effect. Therefore, Billy has the View and Edit permissions for the directory.
Notes
Under the Tab General permission configuration > User final authority, if there is a yellow icon next to the permission entity, it means that the permission is individually set for the user.
Even if all permissions are turned off, as long as there is a yellow icon , it means that the user permission is individually set for the user.
To cancel the user permission, click Restore Inherited Permissions.
