Objective
The Role management needs to be migrated from the legacy Web Application (Profile menu entry) to the new modular architecture and will be part of the Core module. The Role management, in particular Add/Edit Role screen, should take contributions from the other modules to add additional specific authorities.
Use cases
Web application
UC13-1: Search Role: Role list > enter search criteria > search
UC13-2: Add Role: Role list > add > select the authorities and define name > save
UC13-3: Update Role: Role list > Select Profile > update the authorities and name > save
UC13-4:Replace Role: Role list > Select Profile > update the authorities and name > replace > define replacement date(not in legacy)UC13-5: Remove Role: : Role list > Select Profile > remove > select replacement Role > confirm
UC13-8: Duplicate Role: Role list > Select Profile >duplicate > give the new name and, if required, update authorities > confirm
Backend
UC13-7: propagation of replacing / removing to user
Authority
Roles
Roles
C/R/U/D
Duplicate
Replace
Entities
Already existing:
tblRole
tblRoleRight
Details design
Backend module
Because openIMIS core already have an adapter to read the openIMIS roles and authorities, no business function will be required outside the database updates and Role management.
Mutations
Mutation as part of the schema file:
create roles => CreateRolesMutation
update roles => UpdateRolesMutation
submit roles => SubmitRolesMutation
replace roles => ReplaceRolesMutation
delete roles => DeleteRolesMutation
duplicate roles => DuplicateRolesMutation
Permissions
"gql_query_roles_perms": ["122001"]
"gql_mutation_create_roles_perms": ["122002"]
"gql_mutation_update_roles_perms": ["122003"]
"gql_mutation_replace_roles_perms": ["122006"]
"gql_mutation_duplicate_roles_perms": ["122005"]
"gql_mutation_delete_roles_perms": ["122004"]
"role_print_perms": ["122001"]
Models
The models should be created based on the existing tables.
Services
none
Frontend
The frontend should group the authorities/rights per managing module. In order to do that the two first digits for the authorities/rights code. The authorities contributed from other modules should be grouped with the associated module’s name.
Role search page
The list of roles should use the same layout as other existing list in openIMIS (claims, insuree ...)
show history will show the user that have a ValidityTo not NULL and in the PAST
on each result line the edit/duplicate/delete button should be present but for the historical ones
double click on line should open the role in edit mode unless this is an historical record then it will be read only
Duplicate button open the “new“ page with the authorities form the “to be duplicated“ record preselected but the name is empty
Role add/edit page
the add/edit page will have a save button when name is specified
Name must be unique accross record with ValidityTo not Null
preferred solution to assign a authority to Role in the same way the django admin does
Filter search box is a nice to have
Choose all/remove all are should have
Another solution is to show checkboxes grouped per entity and module
Open point: Xavier Gillmann (Unlicensed) how to get the string for the rights and module name ? should we use the module configurations json ? will it support standard translation ?
Solution 1 to retrieve the role from other module:
when the mutation “getAvailableRole“ will called then a signal will be sent Signal_get_module_role, the listener of that signal should return a module role definition object
roles = []
Signal_get_module_role()
for signal_listener
roles .amend(signal_listener.return_value)
module role definition object:
module_name: str
module_label = List of ‘lan_code':’display for lang_code'
roles = list of:
'role_name': str
'role_value': int
‘role_label’: List of ‘lan_code':’display for lang_code'
Solution 2 to retrieve the role (PREFERED)
get the roles that are showed in the django admin, we must be able to retrieve the related INT so we can save them in the database