management -> authorization

function/action: add, delete, modify, query

page button

data: time range, location, scope

RBAC role -> user
role priority role conflicts role inheritance
role -> user group

data position -> user data owner: all, dept, dept & sub-dept, personal, personal & subordinate

comments powered by Disqus