1. Overview

1.1 Role Management

Administrators assign Roles to users based on their business responsibilities. This ensures users can access only the features they need while protecting sensitive information from unauthorized access.

• Role creation: Administrators create Roles to match system functions and business needs. For example, create Roles for Sales Rep, Customer Service Representative, Sales Manager, and other distinct responsibilities.
• Role permission configuration: For each Role, administrators configure functional permissions and field-level permissions. Functional permissions define actions a user can perform in the system, such as creating Accounts or editing Orders.
• Role assignment: Administrators assign appropriate Roles to users to ensure they have the correct functional and field access.

1.2 Data Permission Management

Administrators configure multi-level, hierarchical data permissions, including object-level and record-level controls. Common data access controls include data owner, Dept. ownership, Related Teams, and data sharing. The system also supports temporary permissions and multi-dimensional permission controls, allowing administrators to flexibly configure access for fine-grained data security.

1.3 Security Audit

Use Security Audit to monitor users’ permission-related activities and export audit logs for review. This helps ensure system security and compliance and supports further analysis and auditing.

2. Scenario Guide

2.1 Functional Permission Use Cases

2.1.1 Administrator permissions: Administrators have full access to all system functions and configuration items, including user management, Roles, workflow/process management, custom objects, and custom fields. This enables comprehensive system administration and configuration.

2.1.2 Sales Rep permissions: Sales Reps typically need access to Account Management, opportunity management, CPQ (Quotation management) and related features to manage and follow up sales processes. They usually do not require access to system configuration and administration.

2.1.3 Customer Service permissions: Customer Service staff typically need access to customer service management, Work Order management, and customer feedback management to provide support and resolve issues. They generally do not require access to sales or marketing functions.

2.1.4 Dept. Manager permissions: Dept. Managers may need access to team performance Reports, sales forecasts, and team Calendar to monitor performance and provide support.

2.2 Data Permission Use Cases

2.2.1 Owner access: Owners can access and manage only the Accounts and opportunities they are responsible for, ensuring customer data privacy and security.

2.2.2 Dept. access: Dept. leaders can access data owned by their Dept. to manage internal operations and customer relationships.

2.2.3 Temporary access: Assignees of workflow tasks may require temporary access to specific records to complete approvals or task processing.