This section describes the execution permission and access control framework. Whether a user can access an execution is determined by the execution’s permissions and access control settings.

I. Manage Execution Permissions

All global permission groups are managed under Admin > Company > Permissions.

Execution permissions are managed via Permission Assignment and Scope (Visibility) Settings.

1. Permission Assignment

Go to Admin > Company > Permissions, and click Permission Assignment on the right side of the permission group list to open the permission assignment page.

图1

On the Execution permission assignment page:

• Checked = permission granted
• Unchecked = permission not granted

图2

2. Scope (Visibility) Settings

Scope settings supplement permission assignment and can quickly narrow the effective access range. In practice, scope settings work like an access switch:

• Enabled (checked): Users must also be granted the relevant execution permissions in permission assignment to actually access executions.
• Disabled (unchecked): Even if users have relevant execution permissions assigned, they still cannot access executions.

In Admin > Company > Permissions, click Scope Settings for the target group to open the scope settings page.

图3

Execution scope settings page:

图4

Execution activity visibility settings:

图5

II. Execution Access Control

Execution access control supports Private, Inherit project access, and Whitelist:

• Private: Only execution team members and the owner/stakeholders of the project the execution belongs to can access.
• Inherit project access: Anyone who can access the parent project can also access the execution.
• Whitelist: Whitelisted users can access the execution.

When creating an execution, access control defaults to Private, and a whitelist can be configured when using Private.

图6

When access control is set to Inherit project access:

图7

You can add whitelist users when creating or editing an execution, or manage them directly under Execution > Whitelist.

图8