| Deletions are marked like this. | Additions are marked like this. |
| Line 2: | Line 2: |
|
<<TableOfContents>> = Introduction = = Roles = The types of roles are defined in the database in the '''Roles''' table. == Role Types == The following types of roles are defined: * '''Administrative Roles''' - for managing users, user roles and the system configuration * '''Workflow Roles''' - for performing workflow steps on revisions and tasks * '''Submittal Recipient Roles''' - define who receives copies of submittals * '''Task Subscriber Roles''' - define who receives emails when tasks are created and updated. A long term goal is to improve the management Note that the former '''Management Roles''' (PM, LE, Assistants, Deputies, etc.) will be deleted. They attempted to define a project organization, which is unrelated to user roles. == Detailed List of Roles == * Documents and Revisions * New/Update - Allows creation and update of Documents and Revisons * Workflow - Allows user to perform a workflow step. Determines which users appear in the '''who''' dropdown menu. * Receive * Design/Create * Check * Approve - Up to four approval steps * Release * Submit - Filled in by the submittal transaction * View * Normal * Restricted - User not allowed to see revisions where the workflow is not complete, and (depending on the site settings) superseded revisions. Also called the ''contractor role''. * Tasks * New/Update - Allows creation and update of Tasks * Workflow - Allows user to perform a workflow step. Determines which users appear in the '''who''' dropdown menu. Note that this will not be implemented immediately. The workflow steps will probably be limited to an approve step, which allows setting status and complete date. * Receive * Design/Create * Check * Approve - Up to four approval steps * Release * View * Normal - Allows view and creation of all types of comment notes * Restricted - Restricts the display and creation of comment notes. The configuration (or site settings) have lists of what types of contents can be created and displayed * Submittals * New/Update - Allows creation of submittals and transmissions * Transmit - Allows transmission of submittals and transmissions * View * Users and User Roles * New/Update - Allows creation and updating of users and user roles. * View * Normal - Sees all users and user roles * Restricted - Can see user records, but not user roles = User Roles = A '''User``Role''' defines the authorization to perform operations, based on: * '''userId''' - the Users ID * '''contractId''' - the contract/area of the data being operated upon. If zero/null then the User``Role applies to all contracts. * '''groupId''' - the group of the data being operated upon. If zero/null then the User``Role applier to all groups in the contract. * '''roleId''' - the role involved = Transaction Authorization = The ability to run transactions is controlled by ''UserRole'' records. Two steps of authorization are performed: 1. The ability to start a FSM or BT transaction is checked when it is instantiated by the finite state machine (in newBT and newFSM?). Given the following inputs: * a '''Transaction Name''' (as defined in app/config/TransactionMap.php) or '''Transaction Class''' (a BT or FMS class name) * the '''userId''' from the global session * the current '''contractId''' and '''groupId''' from the global session 1. In the transaction class, an additional test is made. The test varies depending on whether a new object is being created or updated/displayed: * For a '''new''' transaction the contractId (from the session) and groupId of the object (?) is used * For a '''update''' and '''view''' transaction the contractId and groupId of the object is used For view transactions, additional checks based on the type of view may be performed that alter what is displayed. In this case == Transaction Map == Defined in app/config/TransactionMap.php The transaction map is an associative array: * Keys: '''Transaction Class''' names, defined in sub-directories in the app/tran directory * Values: '''Transaction Names''' or arrays of transaction names. These names are used to make lookups in the Profiles (see next section). Example extract from the transaction map: {{{ $this->map = array( ... 'DocumentUpdFSM' => 'DrawingUpd', 'DocumentUpdFormBT' => 'DrawingUpd', 'DocumentUpdConfBT' => 'DrawingUpd', 'RevisionNewFSM' => 'RevisionNew', 'RevisionNewFormBT' => 'RevisionNew', 'RevisionNewConfBT' => 'RevisionNew', ... 'DrawingListFSM' => array( 'DrawingView', 'DrawingViewRestricted' ), 'DrawingListBT' => array( 'DrawingView', 'DrawingViewRestricted' ), 'DrawingDetailFSM' => array( 'DrawingView', 'DrawingViewRestricted' ), 'DrawingDetailBT' => array( 'DrawingView', 'DrawingViewRestricted' ), ... 'CommentNoteNewFSM' => 'CommentNew', 'CommentNoteNewFormBT' => 'CommentNew', 'CommentNoteNewConfBT' => 'CommentNew', 'CommentAskUploadBT' => 'CommentNew', 'CommentNoteUpdFSM' => 'CommentNew', 'CommentNoteUpdFormBT' => 'CommentNew', 'CommentNoteUpdConfBT' => 'CommentNew', 'CommentAttachmentNewFSM' => 'CommentNew', 'CommentAttachmentNewFormBT' => 'CommentNew', 'CommentAttachmentNewConfBT' => 'CommentNew', ... }}} == Profiles == = Open Points = * Who is allowed to see '''history'''? Suggest: * Normal view - Yes * Restricted view - No * Marking items obsolete and restoring them? * Changing comment notes created by other users? = Transaction Authorization = Transaction |
|
| Line 7: | Line 166: |
| * contract``Id - If zero/null then the User``Role applies to all contracts. | * contract``Id - |
Roles and Authorization
Contents
Introduction
Roles
The types of roles are defined in the database in the Roles table.
Role Types
The following types of roles are defined:
Administrative Roles - for managing users, user roles and the system configuration
Workflow Roles - for performing workflow steps on revisions and tasks
Submittal Recipient Roles - define who receives copies of submittals
Task Subscriber Roles - define who receives emails when tasks are created and updated. A long term goal is to improve the management
Note that the former Management Roles (PM, LE, Assistants, Deputies, etc.) will be deleted. They attempted to define a project organization, which is unrelated to user roles.
Detailed List of Roles
- Documents and Revisions
- New/Update - Allows creation and update of Documents and Revisons
Workflow - Allows user to perform a workflow step. Determines which users appear in the who dropdown menu.
- Receive
- Design/Create
- Check
- Approve - Up to four approval steps
- Release
- Submit - Filled in by the submittal transaction
- View
- Normal
Restricted - User not allowed to see revisions where the workflow is not complete, and (depending on the site settings) superseded revisions. Also called the contractor role.
- Tasks
- New/Update - Allows creation and update of Tasks
Workflow - Allows user to perform a workflow step. Determines which users appear in the who dropdown menu. Note that this will not be implemented immediately. The workflow steps will probably be limited to an approve step, which allows setting status and complete date.
- Receive
- Design/Create
- Check
- Approve - Up to four approval steps
- Release
- View
- Normal - Allows view and creation of all types of comment notes
- Restricted - Restricts the display and creation of comment notes. The configuration (or site settings) have lists of what types of contents can be created and displayed
- Submittals
- New/Update - Allows creation of submittals and transmissions
- Transmit - Allows transmission of submittals and transmissions
- View
- Users and User Roles
- New/Update - Allows creation and updating of users and user roles.
- View
- Normal - Sees all users and user roles
- Restricted - Can see user records, but not user roles
User Roles
A UserRole defines the authorization to perform operations, based on:
userId - the Users ID
contractId - the contract/area of the data being operated upon. If zero/null then the UserRole applies to all contracts.
groupId - the group of the data being operated upon. If zero/null then the UserRole applier to all groups in the contract.
roleId - the role involved
Transaction Authorization
The ability to run transactions is controlled by UserRole records. Two steps of authorization are performed:
- The ability to start a FSM or BT transaction is checked when it is instantiated by the finite state machine (in newBT and newFSM?). Given the following inputs:
a Transaction Name (as defined in app/config/TransactionMap.php) or Transaction Class (a BT or FMS class name)
the userId from the global session
the current contractId and groupId from the global session
- In the transaction class, an additional test is made. The test varies depending on whether a new object is being created or updated/displayed:
For a new transaction the contractId (from the session) and groupId of the object (?) is used
For a update and view transaction the contractId and groupId of the object is used For view transactions, additional checks based on the type of view may be performed that alter what is displayed. In this case
Transaction Map
Defined in app/config/TransactionMap.php
The transaction map is an associative array:
Keys: Transaction Class names, defined in sub-directories in the app/tran directory
Values: Transaction Names or arrays of transaction names. These names are used to make lookups in the Profiles (see next section).
Example extract from the transaction map:
$this->map = array( ... 'DocumentUpdFSM' => 'DrawingUpd', 'DocumentUpdFormBT' => 'DrawingUpd', 'DocumentUpdConfBT' => 'DrawingUpd', 'RevisionNewFSM' => 'RevisionNew', 'RevisionNewFormBT' => 'RevisionNew', 'RevisionNewConfBT' => 'RevisionNew', ... 'DrawingListFSM' => array( 'DrawingView', 'DrawingViewRestricted' ), 'DrawingListBT' => array( 'DrawingView', 'DrawingViewRestricted' ), 'DrawingDetailFSM' => array( 'DrawingView', 'DrawingViewRestricted' ), 'DrawingDetailBT' => array( 'DrawingView', 'DrawingViewRestricted' ), ... 'CommentNoteNewFSM' => 'CommentNew', 'CommentNoteNewFormBT' => 'CommentNew', 'CommentNoteNewConfBT' => 'CommentNew', 'CommentAskUploadBT' => 'CommentNew', 'CommentNoteUpdFSM' => 'CommentNew', 'CommentNoteUpdFormBT' => 'CommentNew', 'CommentNoteUpdConfBT' => 'CommentNew', 'CommentAttachmentNewFSM' => 'CommentNew', 'CommentAttachmentNewFormBT' => 'CommentNew', 'CommentAttachmentNewConfBT' => 'CommentNew', ...
Profiles
Open Points
Who is allowed to see history? Suggest:
- Normal view - Yes
- Restricted view - No
- Marking items obsolete and restoring them?
- Changing comment notes created by other users?
Transaction Authorization
Transaction
Authorization is based on the existance of UserRoles records defined in the database.
UserRoles fields associated with authorization:
contractId -
groupId - If zero/null then the UserRole applier to all groups in the contract.
userId
roleId
isAllowed
Authorization is used for two functions:
Transaction Authorization - Allowing access to Busines Transactions and FSMs - Handled by BusinessTransactionBase->newBT, which is called by the Dispatcher and FiniteStateMachine.
Detail Screen and Download and Authorization - Allowing access to viewing of detail screens and downloading document files - Handled by UserRoles::hasRole.
Classes involved:
TransactionGuard - A plan
Authorizer - Stored in the Session
UserRoles
Main entry point from the application
UserRoles::hasRole - Called by application code.
Transaction Authorization
Detail Screen and Download and Authorization
Authorization of file downloads - Handled by Revisions->isDownloadAllowed, which ultimately calls UserRoles->hasRole. DrawingsRevisionsJoinSet calls Revisions->isDownloadAllowed.