Permission Boundaries

Visibility is described by role, field and action.

Role boundaries

| Role | Can see | Cannot see | Boundary |
|---|---|---|---|
| ROLE_MANAGER | Team employee summaries, assessment status, masked profiles | answer_payload, full cadre conclusions, compensation, personnel actions | profile/risk_tags masked; actions gated |
| ROLE_BOSS | Global aggregates, organizational risk, high-potential/risk distribution | Unmasked personal sensitive fields, full answer_payload | dashboard summary only |
| ROLE_HRBP | Employee portfolio, operations status, risk follow-up, audit/rollback entry points | permission rule apply, business-effective conclusion | gated HR view |
| ROLE_DEPARTMENT_HEAD | Own department's employees/positions/assessment status, organization request entry point | Cross-department sensitive data | department scope preview |
| ROLE_EMPLOYEE | Own basic profile and task status | Cadre validation, other people's data, sensitive recommended actions | self_scope |
| ROLE_REVIEWER | Masked information within the authorized review scope | Full conclusion and answer_payload | review_scope_limited |

Field boundaries

| Field | Policy | Scope |
|---|---|---|
| answer_payload | hidden | all manager/boss/reviewer |
| assessment_results | summary | manager/boss; HRBP gated |
| algorithm output | masked | manager/boss |
| employee profile | summary_visible | manager/department head |
| cadre validation | HR gated only | manager/boss hidden or aggregate |
| recommended_actions_preview | masked/hidden | no people action |
| risk_flags | masked/aggregate | audit_required |
| talent_tags | summary | no formal conclusion |
| salary / compensation | hidden | denied |
| business-effective conclusion | hidden | not generated |
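
The two tables above read as a policy matrix: a data-scope rule per role (self, team, department, review list, global) followed by a per-field rule (hidden, masked, summary, HR-gated, full), with anything not explicitly granted treated as hidden. The following is an added example of enforcing that matrix in code; it is not the system's own implementation. The record layout, the identity fields that are always passed through in scope, the summary and mask reductions, the `hr_gate` flag and the sample values are all assumptions made for the example.

```python
"""Field- and scope-level visibility enforcement for the role and field tables
above. Added example, not the system's own code: record layout, identity
fields, summary/mask reductions and the hr_gate flag are assumptions."""
from copy import deepcopy

HIDDEN, MASKED, SUMMARY, GATED, FULL = "hidden", "masked", "summary", "gated", "full"

# (role, field) pairs transcribed from the field-boundary table; anything not
# listed here is hidden, so salary and answer_payload never need an entry.
FIELD_POLICY = {
    "ROLE_MANAGER": {"employee_profile": SUMMARY, "assessment_results": SUMMARY,
                     "algorithm_output": MASKED, "risk_flags": MASKED,
                     "talent_tags": SUMMARY, "recommended_actions_preview": MASKED},
    "ROLE_BOSS": {"assessment_results": SUMMARY, "algorithm_output": MASKED,
                  "risk_flags": MASKED, "talent_tags": SUMMARY},
    "ROLE_HRBP": {"employee_profile": FULL, "assessment_results": GATED,
                  "cadre_validation": GATED, "risk_flags": FULL, "talent_tags": FULL},
    "ROLE_DEPARTMENT_HEAD": {"employee_profile": SUMMARY, "assessment_results": SUMMARY},
    "ROLE_EMPLOYEE": {"employee_profile": SUMMARY, "task_status": FULL},
    "ROLE_REVIEWER": {"assessment_results": SUMMARY, "risk_flags": MASKED,
                      "talent_tags": SUMMARY},
}
IDENTITY_FIELDS = {"employee_id", "team", "department"}   # assumed visible to any in-scope viewer
AUDIT_REQUIRED = {"risk_flags"}                            # "audit_required" in the field table
SUMMARY_KEYS = {"employee_profile": ("name", "title"),     # assumed summary projections
                "assessment_results": ("status",)}


def in_scope(role, viewer, record):
    """Data-scope rule per role: self / team / department / review list / global."""
    if role == "ROLE_EMPLOYEE":
        return record["employee_id"] == viewer["employee_id"]
    if role == "ROLE_MANAGER":
        return record["team"] == viewer["team"]
    if role == "ROLE_DEPARTMENT_HEAD":
        return record["department"] == viewer["department"]
    if role == "ROLE_REVIEWER":
        return record["employee_id"] in viewer.get("review_subjects", ())
    return role in ("ROLE_BOSS", "ROLE_HRBP")   # global scope; unknown roles see nothing


def summarize(field, value):
    """Reduce a field to a non-sensitive summary: named keys for dicts, a count for lists."""
    keys = SUMMARY_KEYS.get(field)
    if keys and isinstance(value, dict):
        return {k: value[k] for k in keys if k in value}
    if isinstance(value, list):
        return {"count": len(value)}
    return "***"


def mask(value):
    """Keep the shape, drop the content: dict keys survive, values do not."""
    if isinstance(value, dict):
        return {k: "***" for k in value}
    if isinstance(value, list):
        return {"count": len(value)}
    return "***"


def build_view(role, viewer, record, hr_gate=False, audit=None):
    """Return the projection of `record` visible to `viewer` acting as `role`,
    or None when the record lies outside the role's data scope."""
    if not in_scope(role, viewer, record):
        return None
    policy = FIELD_POLICY.get(role, {})
    view = {}
    for field, value in record.items():
        rule = FULL if field in IDENTITY_FIELDS else policy.get(field, HIDDEN)
        if rule == GATED:                 # HR-gated fields need an explicit grant
            rule = FULL if hr_gate else HIDDEN
        if rule == HIDDEN:
            continue
        if field in AUDIT_REQUIRED and audit is not None:
            audit.append({"role": role, "viewer": viewer["employee_id"],
                          "subject": record["employee_id"], "field": field, "rule": rule})
        if rule == FULL:
            view[field] = deepcopy(value)
        elif rule == SUMMARY:
            view[field] = summarize(field, value)
        else:
            view[field] = mask(value)
    return view


# Constructed sample record; every value is made up for the example.
SAMPLE_RECORD = {
    "employee_id": "E-1001", "team": "T-7", "department": "D-3",
    "employee_profile": {"name": "A. Example", "title": "Engineer", "home_address": "sample-only"},
    "assessment_results": {"status": "completed", "scores": {"leadership": 82}},
    "algorithm_output": {"fit_score": 0.91},
    "answer_payload": [{"q1": "free-text answer"}],
    "salary": 123456,
    "risk_flags": ["attrition"],
    "talent_tags": ["high_potential"],
    "cadre_validation": {"conclusion": "approve"},
    "task_status": "in_progress",
}

if __name__ == "__main__":
    log = []
    manager = {"employee_id": "E-2000", "team": "T-7", "department": "D-3"}
    print(build_view("ROLE_MANAGER", manager, SAMPLE_RECORD, audit=log))
    print(log)
```

The scope check runs before any field is touched, so an out-of-scope record yields `None` rather than an empty view, which keeps "not visible" and "does not exist for you" distinguishable in logs. Fields the table marks `audit_required` are recorded whenever they are released, even in masked form, so the audit trail reflects who was shown risk information and under which rule.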

Permission rule baseline

| Table | Count |
|---|---|
| action_permission_rules | 141 |
| data_scope_rules | 6 |
| field_permission_rules | 195 |
| page_permission_rules | 120 |