Background

User Maintenance implements the Indigina Core User Identities functionality which uses a secure database and is designed and implemented as follows:

https://bigdigit.atlassian.net/wiki/spaces/TD/pages/3385950227

The White Glove Application requires UI to a number of these entities.

Entity	Purpose	UI	Information	Example

Entity	Purpose	UI	Information	Example
Users	User	Yes	Capture information about the users and store it in the Identities database	Create a user
Applications	Applications which exists	No	List of applications	eg. White Glove, SEKO 360,
UserApplications	Applications a user can see	No	A UserApplication record will be created on save of the User for White Glove (and SEKO 360 WMS?)	Janet uses White Glove
UserIdentities	What a user represents in the application	Yes	A user identity and user role are linked in this UI. A default identity will be created when a user is created. In most cases only one identity is required per user although each identity can have different user roles. In some cases more than one identity will be required, for example when somebody wishes to log in as a client in order to check the data and functionality.	Default identity against a user.
UserRoles	User specific roles which can be associated with an identity	Yes	The few roles required will be created programmatically. The link from the Identity and the Role must be done through the UI.	Role 1: “Admin” type role to maintain users within White Glove, partner SEKO Farnborough. Role 2: “User” type role to process bookings only Role 3: Client type role for client portal Role 4: Supplier type role for supplier portal
UserRolePermissions	Functional permissions	No	Permissions granted to specific roles	Programmatically created in the first instance. Allow users to access certain areas of the application based on the user role type allocated to the user.
UserIdentityScopes	Row level security	Yes	In White Glove, scopes for the application translate as different types of row level security. If there is a need for different identities to see different data, this is implemented here.	Identities are given permission to see specific data and this has to be controlled by SEKO Farnborough.

Example of Real User Records

Application: White Glove
Partner: SEKO Farnborough

User	Identity	Role	Scope	Explanation

User	Identity	Role	Scope	Explanation
Lucy	Internal User	“User” + “Admin”	Client = “” Supplier = “”	Log into Smart Hub Dropdown to select client Dropdown to select supplier Add new users in Smart Hub
Lucy	Client	“Client”	Client = ”*”	Log into Client Portal Dropdown to select client
Kim	Internal User	“User”	Client = “ROOM”	Log into Smart Hub See only “ROOM” data, no dropdown
Jack	Client	“Client”	Client = “ROOM”	Log into Client Portal See only “ROOM” data, no dropdown
Simon	Client	“Client”	Client = “Pharma”	Log into Client Portal See only “Pharma” data, no dropdown

Requirements

Admin - User Maintenance

User Maintenance List Users to see users, their identities and roles https://bigdigit.atlassian.net/browse/WG-545
User Maintenance Details Screen to view and update general user information and add identitieshttps://bigdigit.atlassian.net/browse/WG-994
- Create User Identities (pass in user and identity alias and it will create the identity alone if the user already exists, otherwise it will create the user and the identity).
Manage role allocation against a user identity https://bigdigit.atlassian.net/browse/WG-995
Create specific permissions against a role (backend programming) https://bigdigit.atlassian.net/browse/WG-996
Manage scope allocation against a user identity https://bigdigit.atlassian.net/browse/WG-997

Application Identity Switching

If a user has more than one Identity assigned to them a selection must be made for a given user when they log on (eg. drop-down of identity if there is more than one). The selection becomes the default until a new selection is made.
For example whilst in an application, an internal user with client portal access could have a default selection to their internal user whilst being able to switch to a client portal user by selecting a client portal identity. https://bigdigit.atlassian.net/browse/WG-1003

Allocated Permissions within Application

The White Glove application has permissions which need to be applied to screens and assets within each screen. https://bigdigit.atlassian.net/browse/WG-1004

List of Users

Users can be maintained by selecting “Maintenance” in the left hand menu. This will show a list of users containing the following information:

User Name
Contact Details
User Identities
- Internal user, possibly also client and supplier for specific users
- Client for a client user
- Supplier for a supplier user
User roles for each identity
- User - application maintenance and configuration
- Client - client view
- Supplier - supplier view

User Details

Operations

The User record can be maintained, deleted, cloned and added. Identities can be selected in this screen.

Identities

Users can have identities added. An identity is one configuraton of a user which allows them to behave in a defined way within the application.

There is a default identity created when a user is created. In the White Glove application the identities are

Internal User
Client
Supplier

Roles

A user role defines what the user can do within its identity. Roles can be as big or as small as required and multiple roles can be assigned to an identity. Specific permissions are granted to each role.

Permissions

A set of permissions is applied to functionality within the application, enabling users to perform only the functions specifically allocated to them.

Scope

Scope is about the data which the user can see within their selected identity. This applies to a specific identity with a specific set of roles. For the White Glove application the current scope is confined to client and supplier records.

Domain Model

https://bigdigit.atlassian.net/wiki/spaces/TD/pages/3527475233