AngusGM Core Concepts
Mastering these fundamental concepts will help you better understand and utilize the AngusGM system.
Organizational Structure Concepts
Tenant
Independent Data Space
Represents an independent business entity (individual/enterprise/organization) using the system.
Each tenant has completely isolated data and resource spaces.
Example: Different subsidiaries of a group company can operate as separate tenants.
Note
Cloud Service Edition and Data Center Edition support multi-tenancy.
User
System Operator
Actual personnel using the system.
Log in via accounts to perform specific operational tasks.
Each user belongs to a specific tenant.
Department
Functional Division Unit
Organizational structure unit divided by business functions.
Examples: Testing Department, R&D Department, Human Resources Department.
Used for organizational management and permission allocation.
Group
Flexible User Collection
Logical grouping of personnel across departments.
Can be created for projects (e.g., Project A Group) or roles (e.g., Admin Group).
Simplifies batch permission management.
Tag
Resource Classification Marker
Adds keyword tags to users/departments/resources.
Supports attribute filtering and multi-dimensional classification.
Examples: "Testing," "Architect," "QA."
Permissions and Roles
| Role Type | Responsibilities | Scope of Permissions |
|---|---|---|
| System Administrator | Global System Manager | • Full system functional permissions • Tenant resource allocation • User role authorization Automatically created during registration or installation |
| Application Administrator | Specific Application Owner | • Exclusive application management permissions • Authorization for application admin users Assigned by system admin • User authorization within the application Assigned by application admin |
| General User | Daily Task Executor | • Basic application operation permissions • Personal workspace management |
System Management Concepts
Permission Policy
Access Control Rules
Defines the operational permissions of users/groups on system resources.
Can be granularly controlled down to menu/button/API levels.
Takes effect after being assigned to users, departments, or groups.
Resource Quota
Resource Usage Limits
Sets upper limits for computing/storage resources for tenants.
Prevents excessive resource consumption.
Supports dynamic adjustments to meet changing demands.
System Token
API Access Credential
Secure key for inter-system integration.
Replaces users for API calls.
Suitable for automation scripts, CI/CD systems, etc.
All operations are recorded for auditing.
System Integration
LDAP
Unified User Directory
Lightweight Directory Access Protocol.
Integrates with existing enterprise user management systems.
Enables:
• User information synchronization
• Unified authentication login
• Avoids duplicate account management