Versions Compared

Old Version 2

changes.mady.by.user Paul B Hill

Saved on

compared with

New Version Current

changes.mady.by.user James A Repa

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Corrected links that should have been relative instead of absolute.

Roles Roadmap

Environment:

  1. Apply Oracle patch  5648872. This should fix the intermittent problems with the PowerBuilder application. (Rob G.)
  2. Move roles db off of Solaris and onto Linux VMware
  3. Migrate DB from ASCII to Unicode (UTF-8)

...

Support of customer projects:

  1. (done, Summer 2010) SUBJ qualifier heirachy into roles test, followed by roles production. (In support of AMPS and Online Grade submission projects)
  2. (done, Summer 2010) Function category for AMPS course content
  3. (done, Summer 2010) Justification for access to course registration data for AMPS?
  4. Math department - implied authorization usage (waiting to hear back from Math department)
  5. online grade submission (in progress) (Jim Repa is working as the primary contact with the customer - the customer should have needed Functions in place already for "phase 1", but we should follow up in "phase 2" to incorporate implied authorization rules)
  6. Roles to SAP feed: handle people with too many profiles without breaking the entire feed
    1. (improve Roles to SAP feed program to avoid problem of people with too many profiles, and handle error situations without stopping  the whole data feed)
  7. Web app for batch file processing
    1. This was a request from George P.
    2. Paul suggest suggests doing this as a grails application calling the Roles web service
  8. Put rule-driven EHS implied authorizations into production. (EHS implied authorizations used by the Warehouse currently use a pre-rule hard-coded SELECT statements.  The rules facility  has been tested for these EHS authorizations on the test Roles Database.  The rule-driven implied authorizations could be re-tested and moved to production in a few hours.  (The changes required in the rules processing in roles_extauth.pm have already been moved to production, but the rules themselves have not been moved into production.) The AMPS-related rules have already tested rule types 1a and 1b, but the EHS rules will provide a more complete validation. 

...

  1. (This is something Elena would like to see moved to production.)

General  General service improvements:

  1. Program for defragmenting a qualifier type (qualifier_id number  ranges) This program is written and has been tested on the test Roles  Roles DB.   It will be
         useful when qualifiers of a given type run out of their number  range of qualifier_ids.   
    1. Things to be added:
      1. Make sure we have good documentation - write a 1-2 page description.
      2. Allow Spend a couple of hours to allow a different option, to support  moving qualifier IDs to a different range (Done)
  2. Expand qualifier code character limit from 15 characters to 64?
    1. Are there stored procedures or feed programs that examine the length of the qualifier code?
      1. Identify the stored procedures that would need updating
    2. Are there applications receiving data that will break if they encounter a qualifier code longer than 15 characters?
      1. Should we try to take an inventory? Or should we create a new view that would filter out codes longer than 15 characters?

Misc:

...

  • The odd report - look at how it changes over time. Can we improve the output of the report so that it is meaningful to more people?
  • Knowledge  transfer / documentation?
  •  
    •  
  • Short term Implied authorizations enhancements:
    • Rule maintenance
      • Put rule-driven EHS implied authorizations into production. (EHS implied authorizations used by the Warehouse currently use a pre-rule hard-coded SELECT statements.  The rules facility 
        has been tested for these EHS authorizations on the test Roles 
        Database.  The rule-driven implied authorizations could be re-tested and 
        moved to production in a few hours.  It would be a good way of putting 
        rule types 1a and 1b into production.  This is something Elena would like 
        to see moved to production.)
  1. Minor enhancements to nightly data feed program for

...

  1. implied Authorizations.  The nightly data feed program extauth.pm needs some

...

  • Elena's requests (some are short-term and others may be longer-term 
    concerns)
    • accommodate a "2nd qualifier" for some HR authorizations

...

  • put EHS rule-driven implied authorizations into production

...

  1. minor enhancements to (A) support Function_groups in rule types 1a and 1b

...

  1. (which only support functions, not function_groups now) and (B) filtering out generated implied Authorizations when one Authorization is a subset of the other (e.g., in EHS, function "VIEW ROOM SET INFO" gives a superset of the privileges of "VIEW ROOM SET LIMITED") Part B will filter out some redundant Authorizations in the EHS system - this probably is not essential, but will make the generated implied authorizations less confusing to anyone looking at them.
  1. Add a UI or improve documentation for qualifier sub-types

...

  1. and Related configuration tables (There is no UI for defining qualifier "sub-types" and links

...

  1. to other object types.  Qualifier sub-types definitions are needed for

...

  1. some rule types. Consider either expanding the documentation to better

...

  1. explain this, or write a simple UI to maintain the additional

...

  1. configuration tables, or both.)

...

  1. Adding web service methods for Qualifier maintenance
    1. Check to see if existing stored procedures are sufficient to support web service "wrappers", or if some enhancements need to be done for server and end-user level authorization checking
  2. Qualifier maintenance
    1. Exploration of moving to real-time qualifier maintenance rather than batch feeds.  Could use existing stored procedures for new web services, but we might want to enhance the stored procedures to update links in primary_auth_descendent table
  3. Improved qualifier schemas - better support for qualifier sub-types (rather than pattern matching of qualifier_codes used in current rules support) and better integration with Master Department Hierarchy
  4. The existing four rule types support requirements for EHS and  Library, but could be made much more powerful if we allowed for  "composite" rules, i.e., rules that "and" together two or more rules

...

  • Improved qualifier schemas - better support for qualifier sub-types (rather than pattern matching of qualifier_codes used in current rules support) and better integration with Master Department 
    Hierarchy
  • Qualifier maintenance
    • Exploration of moving to real-time qualifier maintenance rather 
      than batch feeds.  Could use existing stored procedures for new web 
      services, but we might want to enhance the stored procedures to update links in primary_auth_descendent table
  • Adding web service methods for Qualifier maintenance
    • Check to see if existing stored procedures are sufficient to 
      support web service "wrappers", or if some enhancements need to be done for server and end-user level authorization checking

...

  1. of existing types (e.g., you get this implied authorization if two different

...

  1. rule conditions both fit)
  2. Bug fix: Roles Web UI: Allow searching on two character last names. (in progress, 9/2/2010)
  3. Bug fix: Roles Web UI: Problems with HR functions which have ampersands in them.   
  4. Build web-based UI for a few Roles administrators (in IS&T) to maintain server usernames to be added to Kerberos usernames in the Roles DB PERSON table.  Server usernames will be stored in new table EXTRA_USERNAME.  (Done 12/7/2010)
  5. Build a tool to send Email to all Primary Authorizers, possibly supporting different messages for different types of Primary Authorizers.  (Still gathering requirements as of 12/2010).

    Documentation:


  6.  Knowledge  transfer / documentation?
  7. The "ROLES / SAP R/3 PD Org Feed" report Should we improve the output of the report so that it is meaningful to more people?
  8. Do we need more documentation about rule maintenance in general?

    Misc:


  9. Release source to permit (in progress, 9/7/2010)
    1. Marilyn Smith and Steve Buckley have given the go ahead. Pat has provided Paul Hill with the links to the process that must be followed.
    2. Paul Heffernan has been assigned to this task.
  10. accommodate a "2nd qualifier" for some HR authorizations
    1. The use case needs to written up and a review of alternate ways to support the use case  should be examined.