Taiwan Authorisation

Requirement about Access Control in Eden

By Hsiaojan Liu

• Briefing
  • Access control is able to create and edit
  • Read/write and read only should be separate for each role to each module.
  • For registry users, default access is limited since registry is open to public.
  • Each role is separate and independent. Each user is open to give multiple roles.
  • There are 3 types of confidentiality level for map. Each level is an independent module for role setting.
  • Special access control for “fulfill the request”
• Requirement – Create and edit role
  • Admin users are able to create role
  • Steps for role creation, all are required
    • Click “create a role” button
    • Name the role. Return error message for existing role name.
    • Check the access for modules by checking the access level, see 2.3.3
• Role list & Steps for role edition
  • Display as below

Role name / Modules	Org	Shelter	RMS	Hospital	Admin
Camp Admin	R	R/W	R/W	R	-
Camp Volunteer	R	R/W	R	-	-

• Find the role by searching role name or browsing role list.
• Module access and read/write or read only is editable.
• Click the role name and link to the role editing page as below

---

Role name camp amdin Access control setting

Org	none	Read /write	Read only
Shelter	none	Read /write	Read only
RMS	none	Read /write	Read only
Hospital	none	Read /write	Read only

SAVE

---

• Requirement – Read/write and read only
  • When the read only is checked for a specific module for a role, the write button should be gray out
  • For a user, read/write is able to rewrite read only from two roles for the same module.
  • Example: If user C has been given role A and role b, user c is able to read and write for module A.

Role A	Module A – Read/write
	Module B – Read only
Role B	Module A – Read only
	Module B – Read only

• Requirement – Role and users
  • Admin users is default to read/write for all modules and are able to give roles to each user.
  • User info edit page for each user
  • Put “user profile” into Edit personal Details page by adding one more tab.
  • Move the dropdown of login out and instead of the link of the user name to Edit personal Details page.
  • Put “Logout” beside user name.

• Requirement – Access to Mapping special
  • Three confidentiality level for map, basic map, advanced level, and top level
  • Each level has different layers form Eden map and which will be set by coding.
  • Each level is as a separate module in role creation process.

• Requirement – OpenID usage
  • OpenID login is enable for both Agasti and Eden of SahanaTW. However, ACL of the account should be applied with openid login.

---

Taiwan

BluePrintAuthorization