Multiple User Types

It should be possible for a user to belong to several different categories, and receive the access rights based on amalgamation of those roles. For example, a user could be both a Primary Customer and also an SME.

In future there might be other user types, so if possible the creation, editing and deletion of user types should be possible using the PTS admin screens. There should be a matrix of user-type against privileges, and each privilige (create new ticket, resolve ticket, see other tickets etc etc) can be set on or off for each user-type. (Each actual user then gets the privilges based on the logical OR of each group they belong to)

-- TobyRodwell - 04 Jan 2006

Developer comments

The suggested solution is only for users that are not End-Customers. End-Customers will handled without any configurable matrix. There will be a separate link in Admin menu named “Roles”. Only PERT Managers will have access to it and be able to add/modify/remove user roles. CMs still will be able to assign roles to users, but not change them.

The list of roles will be presented to PERT Manager. Each role can be modified or deleted. Removing a role is only possible when there are no users associated with a given role. Adding a new role will also be possible.

Role add/edit Form layout

The form layout below presents the interface for adding or editing a role. It is divided into sections, each corresponding to a different object for which access is restricted.

Ticket

(PUBLIC tickets can be viewed by all users)

View PRIVATE and PUBLIC tickets NOT GRANTED from user's partner from all partners

*Add* a ticket

Update (by adding an action or explicitly changing state to UPDATE) tickets NOT GRANTED from user's partner from all partners

Modify (implies editing actions, and ticket details) NOT GRANTED only when user is the ticket's author from user's partner from all partners

Modify actions where user is the action's author only (only when modify privilege is granted)

Resolve tickets NOT GRANTED from user's partner from all partners

Acknowledge tickets NOT GRANTED from user's partner from all partners

Diary

Add and modify a diary entry NOT GRANTED only entries added by the user all schedule entries

Schedule

Add and modify NOT GRANTED only entries added by the user all schedule entries

Administration

Manage user accounts, partners, system settings

Manage user roles

Sample scenarios

Below are the already existing PERT roles described with the proposed schema.

Primary Customer

Ticket

(PUBLIC tickets can be viewed by all users)

View PRIVATE and PUBLIC tickets NOT GRANTED from user's partner from all partners

*Add* a ticket

Update (by adding an action or explicitly changing state to UPDATE) tickets NOT GRANTED from user's partner from all partners

Modify (implies editing actions, and ticket details) NOT GRANTED only when user is the ticket's author from user's partner from all partners

Modify actions where user is the action's author only (only when modify privilege is granted)

Resolve tickets NOT GRANTED from user's partner from all partners

Acknowledge tickets NOT GRANTED from user's partner from all partners

Diary

Add and modify a diary entry NOT GRANTED only entries added by the user all schedule entries

Schedule

Add and modify NOT GRANTED only entries added by the user all schedule entries

Administration

Manage user accounts, partners, system settings

Manage user roles

Subject Matter Expert

Ticket

(PUBLIC tickets can be viewed by all users)

View PRIVATE and PUBLIC tickets NOT GRANTED from user's partner from all partners

*Add* a ticket

Update (by adding an action or explicitly changing state to UPDATE) tickets NOT GRANTED from user's partner from all partners

Modify (implies editing actions, and ticket details) NOT GRANTED only when user is the ticket's author from user's partner from all partners

Modify actions where user is the action's author only (only when modify privilege is granted)

Resolve tickets NOT GRANTED from user's partner from all partners

Acknowledge tickets NOT GRANTED from user's partner from all partners

Diary

Add and modify a diary entry NOT GRANTED only entries added by the user all schedule entries

Schedule

Add and modify NOT GRANTED only entries added by the user all schedule entries

Administration

Manage user accounts, partners, system settings

Manage user roles

Case Manager

Ticket

(PUBLIC tickets can be viewed by all users)

View PRIVATE and PUBLIC tickets NOT GRANTED from user's partner from all partners

*Add* a ticket

Update (by adding an action or explicitly changing state to UPDATE) tickets NOT GRANTED from user's partner from all partners

Modify (implies editing actions, and ticket details) NOT GRANTED only when user is the ticket's author from user's partner from all partners

Modify actions where user is the action's author only (only when modify privilege is granted)

Resolve tickets NOT GRANTED from user's partner from all partners

Acknowledge tickets NOT GRANTED from user's partner from all partners

Diary

Add and modify a diary entry NOT GRANTED only entries added by the user all schedule entries

Schedule

Add and modify NOT GRANTED only entries added by the user all schedule entries

Administration

Manage user accounts, partners, system settings

Manage user roles

PERT Manager

Ticket

(PUBLIC tickets can be viewed by all users)

View PRIVATE and PUBLIC tickets NOT GRANTED from user's partner from all partners

*Add* a ticket

Update (by adding an action or explicitly changing state to UPDATE) tickets NOT GRANTED from user's partner from all partners

Modify (implies editing actions, and ticket details) NOT GRANTED only when user is the ticket's author from user's partner from all partners

Modify actions where user is the action's author only (only when modify privilege is granted)

Resolve tickets NOT GRANTED from user's partner from all partners

Acknowledge tickets NOT GRANTED from user's partner from all partners

Diary

Add and modify a diary entry NOT GRANTED only entries added by the user all schedule entries

Schedule

Add and modify NOT GRANTED only entries added by the user all schedule entries

Administration

Manage user accounts, partners, system settings

Manage user roles

Effort 15 man/days

-- Blazej Pietrzak - 16 Feb 2006

Comments

By TobyRodwell - 06 Mar 2006

Very good - since this will take a long time this should be one of the last features inplemented.

-- TobyRodwell - 06 Mar 2006