Bobmazelin Process Management System introduction and conceptual design (III)

I have been working in the Process Management System field for more than a year. Although the project is currently stuck, I still have hope for the process management field. this series of essays is based on the experience accumulated by bobmazelin and his colleagues during this period of work. It is also an introduction to our process management system. If like-minded people share their own ideas at will.
In the previous article, I introduced how to abstract the data structure in an enterprise process by designing the resource view. In this article, I will discuss with you a special resource-permission. Many systems involve permission issues. I am not an expert in permission design. Therefore, I am not talking about permission design correctly. please correct me. Different enterprises, industries, and departments have different designs on internal permissions of the Organization. However, they can still analyze these permissions to find some common "models", such: manage permissions by group. Multiple permission management modes can be integrated in the system for users to choose from.
We have considered two points in this regard:
1. the permissions of the process management system are divided into two parts: the permissions of BPMs and who can deploy the process? Who can test the process?
2. In the designed process, the task executor must be assigned according to permissions (one of the resource modes in workflow mode ).
These two aspects may vary with different organizations, so we use our resource view capabilities to provide users with the power to design their own permission structures.
Is a simple design example of managing employee permissions through a group. The isreverse attribute of the employees relationship is true. Through this design scheme, each employee can only join one group, and each group can have multiple role types.

Of course, the permissions in the actual organization are not so simple and can be expanded on this basis. For example, add groupofemployee to manage the many-to-many relationship between the employee and the group, increase the parent-child relationship between the group (also included), and increase the parent-child relationship between the role.
Similar design processes can adapt to the requirements of different organizations for permission management. In addition, the process management system can set its own permission management to a resource view designed for users, and automatically applied to the use of the process system.
The permission can be extended to the design process of most resources in the process. In the next article, I will introduce the ing problem between resources and data-that is, the deployment of resources.