1. External Data Permission Description
System permissions include functional permissions and data permissions. Data permissions are whether you can view a certain document, such as an order. The order submitted by Zhang San cannot be viewed by Li Si in theory (unless Li Si is added to the relevant team or set through sharing rules) .
Data permissions are divided into internal data permissions and external data permissions, and external data permissions are applicable to interconnected applications such as Lianhutong and Daidaitong. Customer A's purchaser "Wang Wu" placed orders online by himself, and he can see them by default. This is because the system automatically grants external data permissions. However, the order placed by the salesman "Zhang San" on behalf of customer A, "Wang Wu" cannot be seen by default in OrderPass. This is because the internal data has no external data permissions by default, that is, it is not authorized to be viewed by external personnel.
External data permissions include external responsible persons, external related teams, and external sharing rules, which are described in detail below.
1.1 External Owner
When the document is created by a downstream distributor, the [External Owner] field in the document is automatically assigned a value, so that the distributor's purchasing personnel can see this data. On the contrary, for the order placed on behalf of the account, [External Owner] is empty by default.
Note: When the dealer has multiple purchasers, B can also view the order submitted by A.
1.2 External Related Teams
In addition to the field of the external owner, there is also the concept of external related teams, which is also used to subdivide the authority of the internal personnel of the dealer, and can also be used to view the data of the upper and lower accounts. For example, a dealer checks the order data of its subordinate stores.
Common usage scenarios include:
- For salesmen who place orders on behalf of accounts, if downstream dealers want to check, they need to add external related teams, which can be added by individual or enterprise.
- View data through multi-level channels. For example, if a dealer owner needs to view the orders of his subordinate stores, he needs to add his dealer in the external data permission of the store order. The dealer boss can be added by individual or by enterprise (all dealers can view store data)
1.3 External Sharing Rules
When a single piece of data authorization is not applicable to the company scenario, external sharing rules can be set by pressing. The current rules are set according to associated documents. For example, for an order submitted by a dealer, you should be able to see the payment, invoice, etc. associated with the order, and you can set external sharing rules.
Operation path: [Order Management] - [Mall Settings] - [Business Object]
Click the data permission of the external related team of the sales order, and check the permission of the associated documents such as payment collection and invoice as "read-only".
Similar operations include account objects. For example, if you can see the account, you can see the account's address, contacts, and account balance, etc., which can also be set through this rule.
2. Basic Applicable Scenes
2.1 External data permissions are added by default when placing orders on behalf of accounts
According to the above introduction, orders placed on behalf of customers cannot be seen by downstream distributors by default. If you want dealers to see it, and you don’t want to set up an external team for each order, you can configure the parameters.
Operation path: [Administration Background] - [Object Management] - [Sales Order] - [Detail Page Layout]
In the layout of the order details page (if the new/edit page layout is enabled, then in the new/edit page layout), set the associated external data permission in the [Customer Name] field to "External Responsible Person", so that after the upstream creates the order, The external person in charge is automatically assigned, and the downstream can view it.
2.2 If you need to view historical data such as account-related orders and payment
(Note: Only the permissions of other master objects related to customers can be configured here, and the configuration of slave objects is not supported for now), the external data permissions of the customer object need to be configured:
Path: Order Management>Business Object>Accounts>External Related Team Permission
Note: External ordinary people need to add corresponding permissions if they want to view:
2.3 If there is special sensitive information for account objects, downstream viewing is not allowed
You can set the field permissions of the account object
Path: Interconnected role > permission setting > find the corresponding role such as: orderer > find the corresponding object, click to set the field permission, and set it to invisible
2.4 For newly-built interconnection enterprise
Before the standard solution goes online, the customer needs to be manually configuredExternal responsible person and external related team:
It is recommended that customer-related data permissions configure on an enterprise basis, so that there is no need to configure separately for adding Internet users in the future;
