Permission Reference
Permission details follow the backend contract, but tenants need to understand the general principles.
Permission Group
| Group | Example permissions | Used in |
|---|---|---|
| Scope | scope.read, scope.update, scope.approve | BCM-01 |
| Stakeholder | stakeholder.read, stakeholder.update, stakeholder.approve | BCM-02 |
| Product/factor/function | product.update, factor.update, function.approve | BCM-03 to BCM-05 |
| Compliance | compliance.update, compliance.approve, report.export | BCM-06, reports |
| RACI/strategy | raci.update, strategy.approve | BCM-07 to BCM-08 |
| BIA/risk/scenario | bia.update, risk.update, scenario.approve | BCM-09 to BCM-11 |
| BCP/crisis | bcp.publish, crisis.dispatch | BCM-12 to BCM-13 |
| Assurance | training.update, exercise.update, audit.close | BCM-14 to BCM-16 |
| Governance | rtm.update, capa.close, vendor.update | BCM-17 to BCM-19 |
| Incident | incident.activate, incident.update, notification.retry | BCM-20 |
| Documents | document.update, document.publish, document.download | BCM-21 |
| Audit/report | audit_trail.read, report.export, audit_binder.generate | BCM-22 |
| Platform tenant | integration.update, knowledge.update, acl.manage, settings.update | BCM-23, Access Control, Settings |
Rule of Thumb
- A read-only role must not see create/edit/archive buttons.
- Downloading evidence requires both read and download permissions.
- Exporting a report requires the export permission.
- Approval requires the approver role and the correct workflow status.
- Deactivating or reactivating a user requires the ACL management permission.
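
The rules of thumb above, sketched as one deny-by-default check that the backend enforces and the UI reuses to decide which buttons to render. This is an added example, not the platform's own code: `document.read`, the action names, the `in_review` status, the mapping of create/edit/archive to the `.update` permission, and modelling the approver role as the `.approve` permission are assumptions.

```python
# Added example, not the platform's code. Assumptions: "document.read", the
# action names, the "in_review" status, and create/edit/archive -> ".update".
from dataclasses import dataclass

APPROVABLE_STATUSES = frozenset({"in_review"})  # assumed workflow status


@dataclass(frozen=True)
class User:
    name: str
    permissions: frozenset


def required_permissions(action, resource):
    """Permissions that must ALL be held; None for an unknown action."""
    rules = {
        "download": {f"{resource}.read", f"{resource}.download"},
        "export": {"report.export"},
        "approve": {f"{resource}.approve"},
        "deactivate_user": {"acl.manage"},
        "reactivate_user": {"acl.manage"},
        "create": {f"{resource}.update"},
        "edit": {f"{resource}.update"},
        "archive": {f"{resource}.update"},
    }
    return rules.get(action)


def authorize(user, action, resource, status=None):
    """Server-side check: deny unless every condition is met."""
    required = required_permissions(action, resource)
    if required is None:
        return False  # unknown action: deny by default
    if not required <= user.permissions:
        return False  # e.g. download permission without read
    if action == "approve" and status not in APPROVABLE_STATUSES:
        return False  # approver permission alone is not enough
    return True


def visible_buttons(user, resource):
    """Buttons the UI may render, derived from the same check."""
    return [a for a in ("create", "edit", "archive") if authorize(user, a, resource)]


# Constructed sample users.
VIEWER = User("viewer", frozenset({"scope.read", "document.read"}))
APPROVER = User("approver", frozenset({"scope.read", "scope.approve"}))
```

Hiding a button only changes what is rendered; the request handler still has to call `authorize` for the action itself.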