Version 4 (modified by pofeng, 13 years ago) ( diff )


Taiwan Authorisation

Requirement about Access Control in Eden

By Hsiaojan Liu

  • Briefing
    • Access control is able to create and edit
    • Read/write and read only should be separate for each role to each module.
    • For registry users, default access is limited since registry is open to public.
    • Each role is separate and independent. Each user is open to give multiple roles.
    • There are 3 types of confidentiality level for map. Each level is an independent module for role setting.
    • Special access control for “fulfill the request”
  • Requirement – Create and edit role
    • Admin users are able to create role
    • Steps for role creation, all are required
      • Click “create a role” button
      • Name the role. Return error message for existing role name.
      • Check the access for modules by checking the access level, see 2.3.3
  • Role list & Steps for role edition
    • Display as below
Role name / Modules Org Shelter RMS Hospital Admin
Camp Admin R R/W R/W R -
Camp Volunteer R R/W R - -
  • Find the role by searching role name or browsing role list.
  • Click the role name and link to the role editing page as below
Role name camp amdin Access control setting
Org none Read /write Read only
Shelter none Read /write Read only
RMS none Read /write Read only
  • Module access and read/write or read only is editable.

  • Requirement – Read/write and read only
    • When the read only is checked for a specific module for a role, the write button should be gray out
    • For a user, read/write is able to rewrite read only from two roles for the same module.
    • Example: If user C has been given role A and role b, user c is able to read and write for module A.
Role A Module A – Read/write
Module B – Read only
Role B Module A – Read only
Module B – Read only
  • Requirement – Role and users
    • Admin users is default to read/write for all modules and are able to give roles to each user.
    • User info edit page for each user
    • Put “user profile” into Edit personal Details page by adding one more tab.
    • Move the dropdown of login out and instead of the link of the user name to Edit personal Details page.
    • Put “Logout” beside user name.
  • Requirement – Access to Mapping special
    • Three confidentiality level for map, basic map, advanced level, and top level
    • Each level has different layers form Eden map and which will be set by coding.
    • Each level is as a separate module in role creation process.
  • Requirement – OpenID usage
    • OpenID login is enable for both Agasti and Eden of SahanaTW. However, ACL of the account should be applied with openid login.



Attachments (1)

Download all attachments as: .zip

Note: See TracWiki for help on using the wiki.