3.1 Permissions of Orgwise
What's the permissions of Orgwise ?
In Orgwise, roles are associated with specific permissions, and users are bound to roles.
When users enter Jira, they can only view the pages and buttons granted by the permissions of their bound roles.
There will be two built-in roles: ADMIN and EMPLOYEE
ADMIN can see all pages and buttons in Orgwise, have all organizational data permissions.
EMPLOYEE can only see the Organization Structure and Report pages by default. The default data permission is to view personal data.
To ensure the healthy running of this plugin, Jira administrators shall always be the ADMIN roles of Orgwise.
Roles and permissions
Role list
Enter OrgWise > Role Permission. In the list, there is a symbol next to the name of ADMIN and EMPLOYEE roles, which means that they are created by the plugin by default and cannot be deleted or edited.
Add/Edit a role
Click Create Role, fill in the "Role Name"(required) and "Description", click Confirm. After a role is created, there is no permissions authorized to it by default. Don't fotget to authorize the role.
The edit window of roles is consistent with that for creating roles.
Delete a role
Click the Delete button. (Only roles added by users can be deleted, ADMIN and EMPLOYEE roles are not allowed to be deleted).
Function Permissions
Click Functional authority of a role to pop-up authorization window. The window displays the list of the pages and buttons in Orgwise, which is presented in a two-layer tree structure, with the parent nodes representing the page access permissions and the children nodes representing the function permissions under the page.
The menu corresponding to the role permissions in the above figure is as follows, in which the functions of Team and Help menu are public and unrestricted.
If a user can access a page but without permissions of some buttons on it, such buttons will not be displayed. For example do not allow users to delete a department.
Data Permissions
Click Data authority of a role to pop up the authorization window.
The data authority window displays the data scope of the departments and members that the role can view and search.
When a member does not have the data permission of a department, the corresponding department cannot be seen anywhere in the organization tree, Except for administrators.
(Note: The data permission is not restricted in the query result of the report. If necessary, it is recommended to restrict “report” in the function permission first. This problem will be resolved in version 4.8.0.)