...
Roles
Roles
C/R/U/D
Duplicate
Replace
Entities
Already existing:
...
create roles => CreateRolesMutation
update roles => UpdateRolesMutation
submit roles => SubmitRolesMutation
replace roles => ReplaceRolesMutationdelete roles => DeleteRolesMutation
duplicate roles => DuplicateRolesMutation
...
"gql_query_roles_perms": ["122001"]
"gql_mutation_create_roles_perms": ["122002"]
"gql_mutation_update_roles_perms": ["122003"]
"gql_mutation_replace_roles_perms": ["122006"]
"gql_mutation_duplicate_roles_perms": ["122005"]
"gql_mutation_delete_roles_perms": ["122004"]
"role_print_perms": ["122001"]
Models
The models should be created based on the existing tables.
Services
none
Frontend
The frontend should group the authorities/rights per managing module. In order to do that the two first digits for the authorities/rights code. The authorities contributed from other modules should be grouped with the associated module’s name.
Role search page
The list of roles should use the same layout as other existing list in openIMIS (claims, insuree ...)
Search fields:
Role name
System
blocked
Historical
show history will show the user that have a ValidityTo not NULL and in the PAST
search result
column
Role Name
(String) - text input (orAlternative Language
based on the user setting)Valid From
(Date) - date pickerValid To
(Date) - date pickerSystem
(Boolean) - checkboxBlocked
(Boolean) - checkbox
on each result line the edit/duplicate/delete button should be present but for the historical ones
...
Duplicate button open the “new“ page with the authorities form the “to be duplicated“ record preselected but the name is empty
Role add/edit page
Fields:
Role Name
(String) - text input, Mandatory
the add/edit page will have a save button when name is specified
Name must be unique accross record with ValidityTo not Null
preferred solution to assign a authority to Role in the same way the django admin does
Filter search box is a nice to have
Choose all/remove all are should have
...
Another solution is to show checkboxes grouped per entity and module
...
Open point: Xavier Gillmann (Unlicensed) how to get the string for the rights and module name ? should we use the module configurations json ? will it support standard translation ?
...
when the mutation “getAvailableRole“ will called then a signal will be sent Signal_get_module_role, the listener of that signal should return a module role definition object
roles = []
Signal_get_module_role()
for signal_listener
roles .amend(signal_listener.return_value)
module role definition object:
module_name: str
module_label = List of ‘lan_code':’display for lang_code'
roles = list of:
'role_name': str
'role_value': int
‘role_label’: List of ‘lan_code':’display for lang_code'
Solution 2 to retrieve the role (PREFERED)
...
Alternative Language
(String) - text inputSystem
(Boolean) - checkbox (read only)Blocked
(Boolean) - checkbox
list of permissions (or authorities )
the authorities will be displayed in two lists, the first one (on the left) showing the authorities NOT assigned to the role (“Available permission“) and the second (on the right) will show the authorities assigned to the roles(“Assigned permission“)
a search box will filter the authorities that have a translated label matching the the filter (icontains)
(nice to have) a arrow “assign all“ (pointing to the right) will be right to “Available permission“ and will move all the displayed permission in the “Available permission“ list to the “Assigned permission“ list; a arrow “remove all“(pointing to the left) will be left to “Assigned permission“ and will move all the displayed permission in“Assigned permission“ list to the “Available permission“ list.
on each line of the “Available permission“ an arrow will be on the right (pointing to the right) of the permission line, once clicked it will move the permission to the “Assigned permission“ list
on each line of the “Assigned permission“ an arrow will be on the left (pointing to the left) of the permission line, once clicked it will move the permission to the “Available permission“ list
(DateValidFrom and To are managed by the backend)
on create:
all fields are editable
on update:
if not system role, all fields are editable
if readonly right or system role: no fields are editable, no save button active
on duplicate
New card is open (like on create) Rights are duplicated but the Role Name and Alternative Language
remain empty