In continuation of the previous post..
Approach for Implementation
Step 1: Assign Role Clearance Level (One-time activity)
o Assign a single, high-level clearance to
every role in the User Management screen and its purpose defines the highest
sensitivity of data each role is permitted to access.
|
Role |
Clearance
Level |
|
Admin |
Secret |
|
Finance Manager |
Confidential |
|
Lab Manager |
Confidential |
|
Lab Technician |
Internal |
Step 2: Classify Attributes (One-time activity via DACPAC)
o Classify each attribute once, stored
directly in the database via DACPAC seed scripts:
o Attributes will appear labelled clearly with
their classification levels within the Role Management UI.
|
Entity |
Attribute Name |
Classification |
|
Account |
Account Number |
Secret |
|
Account |
Financial Data |
Confidential |
|
Instrument |
Serial Number |
Confidential |
|
Contact |
Email Address |
Internal |
Step 3: Automatic Permission (Minimal effort)
o View Permissions:
ü Default "View" permission granted
automatically if the Role's assigned Clearance Level >= Attribute's
Classification Level.
|
Role
Clearance |
Attribute
Classification |
Automatically
Assigned View Permission |
|
Secret |
Secret,
Confidential, Internal, Public |
Yes |
|
Confidential |
Confidential,
Internal, Public |
Yes |
|
Internal |
Internal, Public |
Yes |
o Edit Permissions:
ü No automatic edit permission will be
inherited based on clearance level.
ü Explicitly assigned by administrators via
the Role Management UI.
Note:
o If a Role has Feature-level Edit permission,
it implicitly has View permissions, and all attributes within that feature
(entity) will automatically inherit Edit permission by default.
Step 4: Role Management (Overrides Only, Exception-based)
o Role Management UI can override any
permissions inherited by the system
·
Inherited
permissions are clearly displayed by default (based on classification and role
clearance).
·
Admins
explicitly manage deviations only (typically minimal).
o Planned Usability Enhancements:
·
"View
All" and "Edit All" toggles for bulk actions.
Specific Use
Case Examples
- Use Case 1: Feature-level
Edit Permission
- Granting Edit permission to
a feature (entity) automatically grants View and Edit permissions to all
attributes within that entity.
- Use Case 2: Partial Edit
Permissions (Attribute-level exceptions)
UI Form Behavior:
- Fields without Edit
permission are read-only.
- On Save (POST/PUT), only
authorized edited attributes are submitted.
- The backend explicitly
validates submissions. Unauthorized edits trigger explicit authorization
errors.
- Transactions succeed if no
unauthorized attributes are submitted.
- Use Case 3: Bulk Imports
(CSF Import Scenario)
- A CSF import contains 4
samples; the user lacks edit permissions on 2 attributes.
- The import succeeds for
samples that do not involve restricted attributes.
- The import explicitly fails
or skips samples(which doesn’t have edit access to those attributes),
providing clear feedback to the user:
"Some
attributes weren't imported due to insufficient permissions."
- Use Case 4: Masking
Behaviour
- If a user has sufficient
clearance but the View permission is disabled, the attribute appears
masked in the UI (e.g., "****").
- If a user does not have
sufficient clearance but the View permission is enabled, the attribute
appears masked in the UI (e.g., "****").
- Both Clearance and View
permissions are needed to view the attributes
|
Scenario |
Outcome |
UX
benefit |
|
Partial edit
permissions |
Non-editable
fields disabled |
Prevents
confusion |
|
No view
permission |
Attribute visible
as masked (****) |
Clearly indicates
permission/clearance issue |
|
No sufficient
clearance |
Attribute visible
as masked (****) |
Clearly indicates
permission/clearance issue |
No comments:
Post a Comment