Changes between Version 18 and Version 19 of BluePrintOrganisationRegistry


Ignore:
Timestamp:
03/08/11 10:37:05 (11 years ago)
Author:
Michael Howden
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • BluePrintOrganisationRegistry

    v18 v19  
     1= NEW! =
     2This relates to functionality implemented in https://code.launchpad.net/~michael-howden/sahana-eden/eden. It is being documented in the Blue Prints so that the functionality can be reviewed. Once it is approved this documentation will be shifted between:
     3* UserGuidelinesAdmin
     4* UserGuidelinesOrganisationRegistry
     5* UserGuidelinesInventory
     6* S3XRC/ModelExtensions/SuperEntities
     7
     8== Site Super Entity ==
     9The following are instances of the site super entity:
     10 * org_office
     11 * cr_shelter
     12 * hms_hospital
     13The Site Super Entity allows the following components to be shared between these resources through the use of a single foreign key ({{{site_id}}}):
     14 * org_staff
     15 * inv_inv_item
     16 * inv_recv
     17 * inv_send
     18 * req_req
     19 * req_commit
     20
     21== Staff Permissions ==
     22Staff ({{{org_staff}}) can be added as components of site instances (offices, hospitals and shelters) and organisations. There are a number of Use Cases where you may want to apply permissions based on the staff of a resource:
     23 * Only staff of an organisation have permissions (READ, CREATE, UPDATE and/or DELETE) for their organisation resource.
     24 * Only staff stationed at a certain site have permissions (READ, CREATE, UPDATE and/or DELETE) for their organisation resource.
     25For further flexibility, there are 2 boolean fields for staff:
     26 * {{{no_access}} - If this is true, this staff member has no additional priviledges
     27 * {{{supervisor}}} - This gives the options for more permissive permissions for some staff.
     28
     29This is done by the {{{shn_create_record_roles}}} function in {{{models/05_org.py}}}, which can be called from a org or site onaccept by using:
     30{{{
     31# Create roles for each organisation
     32s3xrc.model.configure(table,
     33                      onaccept = shn_staff_join_onaccept_func(tablename)) 
     34}}}
     35
     36=== Enabling Staff Permissions ===
     37 1. Set:
     38 {{{
     39deployment_settings.security.policy = 3 # Controller-ACLs
     40deployment_settings.aaa.has_staff_permissions = True
     41deployment_settings.aaa.staff_acl = Permissions for staff
     42deployment_settings.aaa.supervisor_acl = Permissions for staff flagged as "supervisor"
     43}}}
     44 2. Add staff to organisations and sites
     45
     46=== Inheriting Permissions ===
     47To allow other components inherit the same permissions as the primary resource, the following function can be called, to add a onaccept function which will copy the "owned_by_role" from the primary resource
     48{{{
     49# Update owned_by_role to the site's owned_by_role   
     50s3xrc.model.configure(
     51    table,
     52    onaccept = shn_component_copy_role_func(component_name = tablename,
     53                                            resource_name = "org_site",
     54                                            fk = "site_id",
     55                                            pk = "site_id")
     56)   
     57}}}
     58
     59
     60=== To Do ===
     61 * How to handle permissions for site resources - should they inherit permissions from an organisation resource?
     62 * if a single person is assigned as staff to multiple sites or organisations, there will be multiple site records for this person. This may cause confusion when creating staff lists. Perhaps the data structure should be revised to accommodate this.
     63
     64== Inventory Management ==
     65Inventories can be added to any site instance, by adding {{{shn_show_inv_tabs(r)}}} to the rheader tabs for that site instance.
     66
    167= Organisation Registry  =
    268'''Who's doing What Where and When (4W)'''
     
    3399
    34100=== Office ===
     101Instance of the Site super entity
    35102 * Name
    36103 * Type IS_IN_SET([Headquarters,Regional,Country,Satellite Office]) (Would "Field" be a better term than "Satellite")
     
    41108 * Address 1
    42109 * Address 2 (used for Postcode)
    43  * Needs validation (checkbox) [NEW] or Validated
     110 * Needs validation (checkbox) [NEW] or Validate
    44111
    45112=== Contact ===