perMIT use cases

Each of the cases below should be a link to a document that includes the full, detailed, story underlying the bullet item. The detailed document for each case should also include a reference to formal diagrams.

  1. User Alice grants an permission to user Bob (ADD)
  2. User Alice removes an permission that user Bob currently has. (DELETE)
  3. User Catherine reviews the audit trail of permissions that Bob has had over time. (AUDIT)
  4. User Catherine reviews the audit trail of permissions that Alice has modified over time. (AUDIT)
  5. User Catherine views a report of all of the users that have a particular permission as of date MM/DD/YYYY. (REPORT / AUDIT)
  6. User John creates a data feed to populate a qualifier from an external source. (ADMIN)
  7. User Fred creates a data feed that sends permission data into the ERP's financial reporting subsystem. (REPORT / ADMIN)
  8. User Dave creates a data feed from an external system that controls an implied permission. (ADMIN)
  9. User Dave modifies an implied permission rule. (ADMIN ?)
  10. User Andrew modifies a qualifier type. (ADMIN)
  11. User Andrew creates a new function category to support a new application. (ADMIN)
  12. User Andrew creates a qualifier hierarchy associated with a new function category. (ADMIN)
  13. User Andres creates a new qualifier type.
  14. User Andrew modifies a function's parent/child relationship. (ADMIN)
  15. User Scott needs to create some design artificats while he is creating a new application that will use perMIT to manage permissions. (N/A)
  16. Copy Joe's authorizatoins in catagory X to Fred
  17. Move Joe's authorizations in category X to Fred
  18. create, delete,  or update a function
  19. create or delete a function parent / child pair
  20. add or delete a qualifier of a specific qualifier type
  21. change a qualifier's parent
  22. change a qualifier's name (description)
  23. Floaf Joe's authorizations to expire on a given date
  24. central admin gives Joe authority to create auths ina given category (Makes Joe a "central" authorizer for an application area (aka category).)
  25. (Reporting) Look up authorizations for a person
  26. (reporting) Find everyone authorized to a do a given Function for a given Qualifier.
  27. (reporting) View "authorizations within a department"
    1. authorizatoins where the qualifier is limited to a given department
    2. authorizations for people having at least one authorization on a qualifier linked to a given department
  28. (reporting) View Authorizations granted by a given person
  29. (reporting) view two people's authorizations on the same screen for comparison
  30. (audit) authorizations modified (created, deleted, updated) by a person
  31. (audit) history of one person's authorizations
  32. (audit) history of autherizations enabling people to do function x on qualifier y.
  33. (admin) Add a new type of Primary Authorizer (PA) (add a new primary authorizer function in the meta category)
  34. (admin) Link a function to a PA function
  35. Give Joe and APEC for a PA-function and Qualifier (or dept).
  36. (admin) create, delete, or update a mater department (in the master department hierarchy)
  37. (admin) add or delete a link between a Master  Department and an HR or Financial or Academic object.
  38. Create a rule of type 1a.
  39. Create a rule of type 1b.
  40. Create a rule of type 2a.
  41. Create a rule of type 2b.
  42. Activate a rule.
  43. Deactivate a rule.
  44. Create a new function group.
  45. Link a function to a function group.
  46. Create a qualifier subtype.
  47. Create a subtype_descedent_subtype.
  48. Link a qualifier subtype to a subtype_descedent_subtype.
  49. (System Activity) Evaluate a Rule.
  • No labels

1 Comment

  1. Paul B Hill

    Note: as we review terminology we may need to update the formal terms used in these descriptions so that they are all properly aligned.