docs/docs/en/ai-employees/permission.md
AI employee permission management consists of two levels:
This document details the configuration methods and working principles of these two types of permissions.
Go to the User & Permissions page, click the Roles & Permissions tab to enter the role configuration page.
Select a role, click the Permissions tab, and then click the AI employees tab. This will display the list of AI employees managed in the AI employees plugin.
Click the checkbox in the Available column of the AI employee list to control whether the current role can access that AI employee.
When AI employees process data, the permission control method depends on the type of tool used:
The following tools strictly follow the current user's data permissions for data access:
| Tool Name | Description |
|---|---|
| Data source query | Query database using data source, collection, and fields |
| Data source records counting | Count total records using data source, collection, and fields |
How It Works:
When AI employees call these tools, the system will:
Example Scenario:
Suppose salesperson A can only view customer data they are responsible for. When they use AI employee Viz to analyze customers:
Data source query to query the customer tableThis ensures that AI employees cannot bypass the user's own data access boundaries.
Business query tools customized through workflows have permission control independent of user permissions, determined by the workflow's business logic.
These tools are typically used for:
In the CRM Demo, Overall Analytics is a template-based business analysis engine:
| Feature | Description |
|---|---|
| Implementation | Workflow reads pre-configured SQL templates and executes read-only queries |
| Permission Control | Not limited by current user permissions, outputs fixed business data defined by templates |
| Use Cases | Provides standardized holistic analysis for specific business objects (e.g., leads, opportunities, customers) |
| Security | All query templates are pre-configured and reviewed by administrators, avoiding dynamic SQL generation |
Workflow:
flowchart TD
A[AI Employee Receives Task] --> B[Calls Overall Analytics Tool]
B --> C[Passes collection_name Parameter]
C --> D[Workflow Matches Corresponding Analysis Template]
D --> E[Executes Pre-configured SQL Query]
E --> F[Returns Business Analysis Data]
F --> G[AI Employee Generates Charts and Insights]
Key Characteristics:
In the CRM Demo, SQL Execution is a more flexible but strictly controlled tool:
| Feature | Description |
|---|---|
| Implementation | Allows AI to generate and execute SQL statements |
| Permission Control | Controlled by workflow, typically limited to administrators only |
| Use Cases | Advanced data analysis, exploratory queries, cross-table aggregate analysis |
| Security | Requires workflow to restrict read-only operations (SELECT) and control availability through task configuration |
Security Recommendations:
Example Configuration:
Task Prompt Constraints:
- Only query CRM-related tables (leads, opportunities, accounts, contacts)
- Only execute SELECT queries
- Time range limited to the last 1 year
- Return results limited to 1000 records
| Business Scenario | Recommended Tool Type | Permission Strategy | Reason |
|---|---|---|---|
| Salesperson viewing own customers | System built-in query tools | Follow user permissions | Ensure data isolation and protect business security |
| Department manager viewing team data | System built-in query tools | Follow user permissions | Automatically apply department data scope |
| Executive viewing global business analysis | Workflow custom tools (Overall Analytics) | Independent business logic | Provide standardized holistic perspective |
| Data analyst exploratory queries | SQL Execution | Strictly limit available objects | Requires flexibility but must control access scope |
| Regular users viewing standard reports | Overall Analytics | Independent business logic | Fixed analysis standards, no need to worry about underlying permissions |
For sensitive business scenarios, it is recommended to adopt multi-layer permission control:
Example:
Scenario: Only finance department can use AI for financial analysis
- AI Employee Permissions: Only finance role can access "Finance Analyst" AI employee
- Task Configuration: Finance analysis tasks only display in finance modules
- Tool Design: Finance workflow tools verify user department
- Data Permissions: Finance table access permissions only granted to finance role
A: Depends on the tool type used:
A: Adopt multi-layer protection:
A: Use workflow custom business tools:
A:
| Comparison Dimension | Overall Analytics | SQL Execution |
|---|---|---|
| Flexibility | Low (can only use pre-configured templates) | High (can dynamically generate queries) |
| Security | High (all queries pre-reviewed) | Medium (requires constraints and validation) |
| Target Users | Regular business users | Administrators or senior analysts |
| Maintenance Cost | Need to maintain analysis templates | No maintenance, but requires monitoring |
| Data Consistency | Strong (standardized metrics) | Weak (query results may be inconsistent) |