wiki:TaiwanAuthorisation

Taiwan Authorisation

Requirement about Access Control in Eden

By Hsiaojan Liu

  • Briefing
    • Access control is able to create and edit
    • Read/write and read only should be separate for each role to each module.
    • For registry users, default access is limited since registry is open to public.
    • Each role is separate and independent. Each user is open to give multiple roles.
    • There are 3 types of confidentiality level for map. Each level is an independent module for role setting.
    • Special access control for “fulfill the request”
  • Requirement – Create and edit role
    • Admin users are able to create role
    • Steps for role creation, all are required
      • Click “create a role” button
      • Name the role. Return error message for existing role name.
      • Check the access for modules by checking the access level, see 2.3.3
  • Role list & Steps for role edition
    • Display as below
Role name / Modules Org Shelter RMS Hospital Admin
Camp Admin R R/W R/W R -
Camp Volunteer R R/W R - -
  • Find the role by searching role name or browsing role list.
  • Module access and read/write or read only is editable.
  • Click the role name and link to the role editing page as below

Role name camp amdin Access control setting

Org none Read /write Read only
Shelter none Read /write Read only
RMS none Read /write Read only
Hospital none Read /write Read only

SAVE


  • Requirement – Read/write and read only
    • When the read only is checked for a specific module for a role, the write button should be gray out
    • For a user, read/write is able to rewrite read only from two roles for the same module.
    • Example: If user C has been given role A and role b, user c is able to read and write for module A.
Role A Module A – Read/write
Module B – Read only
Role B Module A – Read only
Module B – Read only
  • Requirement – Role and users
    • Admin users is default to read/write for all modules and are able to give roles to each user.
    • User info edit page for each user
    • Put “user profile” into Edit personal Details page by adding one more tab.
    • Move the dropdown of login out and instead of the link of the user name to Edit personal Details page.
    • Put “Logout” beside user name.
  • Requirement – Access to Mapping special
    • Three confidentiality level for map, basic map, advanced level, and top level
    • Each level has different layers form Eden map and which will be set by coding.
    • Each level is as a separate module in role creation process.
  • Requirement – OpenID usage
    • OpenID login is enable for both Agasti and Eden of SahanaTW. However, ACL of the account should be applied with openid login.

Taiwan

BluePrintAuthorization

Last modified 11 years ago Last modified on 08/31/10 04:21:47

Attachments (1)

Download all attachments as: .zip

Note: See TracWiki for help on using the wiki.