Objective
The Role management needs to be migrated from the legacy Web Application (Profile menu entry) to the new modular architecture and will be part of the Core module. The Role management, in particular Add/Edit Role screen, should take contributions from the other modules to add additional specific authorities.
Use cases
Web application
UC13-1: Search Role: Role list > enter search criteria > search
UC13-2: Add Role: Role list > add > select the authorities and define name > save
UC13-3: Update Role: Role list > Select Profile > update the authorities and name > save
UC13-4:Replace Role: Role list > Select Profile > update the authorities and name > replace > define replacement date(not in legacy)UC13-5: Remove Role: : Role list > Select Profile > remove > select replacement Role > confirm
UC13-8: Duplicate Role: Role list > Select Profile >duplicate > give the new name and, if required, update authorities > confirm
Backend
UC13-7: propagation of replacing / removing to user
Authority
Roles
Roles
C/R/U/D
Duplicate
Replace
Entities
Already existing:
tblRole
tblRoleRight
Details design
Backend module
Because openIMIS core already have an adapter to read the openIMIS roles and authorities, no business function will be required outside the database updates and Role management.
Mutations
Mutation as part of the schema file:
create roles => CreateRolesMutation
update roles => UpdateRolesMutation
submit roles => SubmitRolesMutation
replace roles => ReplaceRolesMutationdelete roles => DeleteRolesMutation
duplicate roles => DuplicateRolesMutation
Permissions
"gql_query_roles_perms": ["122001"]
"gql_mutation_create_roles_perms": ["122002"]
"gql_mutation_update_roles_perms": ["122003"]
"gql_mutation_replace_roles_perms": ["122006"]
"gql_mutation_duplicate_roles_perms": ["122005"]
"gql_mutation_delete_roles_perms": ["122004"]
"role_print_perms": ["122001"]
Models
The models should be created based on the existing tables.
Services
none
Frontend
The frontend should group the authorities/rights per managing module. In order to do that the two first digits for the authorities/rights code. The authorities contributed from other modules should be grouped with the associated module’s name.
Role search page
The list of roles should use the same layout as other existing list in openIMIS (claims, insuree ...)
Search fields:
Role name
System
blocked
Historical
show history will show the user that have a ValidityTo not NULL and in the PAST
search result
column
Role Name
(String) - text input (orAlternative Language
based on the user setting)Valid From
(Date) - date pickerValid To
(Date) - date pickerSystem
(Boolean) - checkboxBlocked
(Boolean) - checkbox
on each result line the edit/duplicate/delete button should be present but for the historical ones
double click on line should open the role in edit mode unless this is an historical record then it will be read only
Duplicate button open the “new“ page with the authorities form the “to be duplicated“ record preselected but the name is empty
Role add/edit page
the add/edit page will have a save button when name is specified
Name must be unique accross record with ValidityTo not Null
preferred solution to assign a authority to Role in the same way the django admin does
Filter search box is a nice to have
Choose all/remove all are should have
Another solution is to show checkboxes grouped per entity and module
Fields:
Role Name
(String) - text input)Alternative Language
(String) - text inputSystem
(Boolean) - checkboxBlocked
(Boolean) - checkbox
(DateValidFrom and To are managed by the backend)
on create:
all fields are editable
on update:
if not system role, all fields are editable
if readonly right or system role: no fields are editable, no save button active
on duplicate
New card is open (like on create) Rights are duplicated but the Role Name and Alternative Language
remain empty
Solution 2 to retrieve the role (PREFERED)
get the roles that are showed in the django admin, we must be able to retrieve the related INT so we can save them in the database