22F-PERM-C1

FDEP 权限范围迁移候选方案

本页面只生成候选，不修改 active 权限规则。目标是把旧 D* Demo 范围迁移到真实 FDEP 组织范围前，先识别可自动建议与必须人工确认的部分。

返回 HRMS Portal FDEP 范围检查权限引擎工作台

一、候选汇总

旧部门

5

FDEP 部门

15

安全自动映射

0

Scope 规则候选

1

Subject 候选

8

需人工确认

9

二、重要边界

D001-D004 与 FDEP 的业务对应关系不能按顺序自动迁移，必须人工确认。当前页面不会改 data_scope_rules / permission_subjects，只作为迁移候选和决策依据。

三、旧 D* 部门 → FDEP 候选

legacy_department_id	legacy_department_name	候选 FDEP	状态
`D000`	跨境电商业务	FDEP_ROOT / 飞书根部门 / confidence=60 / legacy_root_to_fdep_root_candidate	candidate
`D001`	平台运营部	需要人工确认	manual_required
`D002`	增长营销部	需要人工确认	manual_required
`D003`	供应链采购部	需要人工确认	manual_required
`D004`	品牌内容部	需要人工确认	manual_required

四、Data Scope 规则迁移候选

rule_id	role_id	当前 scope	建议 scope	未解决	状态
`DATA_SCOPE_HRBP`	ROLE_HRBP	D000, D001, D002, D003, D004		D000, D001, D002, D003, D004	manual_required

五、Permission Subject 范围迁移候选

subject_id	role	employee	当前部门	建议部门	当前 HRBP scope	建议 HRBP scope	状态
`SUBJ_E100`	ROLE_BOSS	E100	D000		D000, D001, D002, D003, D004		manual_required
`SUBJ_E010`	ROLE_DEPARTMENT_HEAD	E010	D001				manual_required
`SUBJ_E011`	ROLE_DEPARTMENT_HEAD	E011	D002				manual_required
`SUBJ_E012`	ROLE_DEPARTMENT_HEAD	E012	D003				manual_required
`SUBJ_E001`	ROLE_MANAGER	E001	D001				manual_required
`SUBJ_E002`	ROLE_MANAGER	E002	D002				manual_required
`SUBJ_E003`	ROLE_MANAGER	E003	D003				manual_required
`SUBJ_E004`	ROLE_MANAGER	E004	D004				manual_required

六、必须人工确认项

对象类型	对象ID	原因	legacy ids
data_scope_rule	`DATA_SCOPE_HRBP`	legacy_scope_ids_have_no_safe_fdep_mapping	D000, D001, D002, D003, D004
permission_subject	`SUBJ_E100`	legacy_subject_scope_has_no_safe_fdep_mapping	D000, D000, D001, D002, D003, D004, D000, D001, D002, D003, D004
permission_subject	`SUBJ_E010`	legacy_subject_scope_has_no_safe_fdep_mapping	D001
permission_subject	`SUBJ_E011`	legacy_subject_scope_has_no_safe_fdep_mapping	D002
permission_subject	`SUBJ_E012`	legacy_subject_scope_has_no_safe_fdep_mapping	D003
permission_subject	`SUBJ_E001`	legacy_subject_scope_has_no_safe_fdep_mapping	D001
permission_subject	`SUBJ_E002`	legacy_subject_scope_has_no_safe_fdep_mapping	D002
permission_subject	`SUBJ_E003`	legacy_subject_scope_has_no_safe_fdep_mapping	D003
permission_subject	`SUBJ_E004`	legacy_subject_scope_has_no_safe_fdep_mapping	D004