Versions Compared

Version Old Version 23 New Version 24
Changes made by

Jim Wilson

Jim Wilson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Status meetings

...

  • Mary can access all BIEs because she is in the Admin role. Administrator can see everything.

  • Matt can only access BIEs in a business context associated with the ACME Brick role.

  • Tess can only access BIEs in a business context associated with the AgGateway role.

  • Ross can only access BIEs in a business context associated with the ACME Brick role or the AgGateway role, which in this example computes to be all of them.

Analysis about how this change could impact current on-prem users (and existing OAGi instances of Score), assuming we go with the business context (BC) approach

  1. Actually current roles in Score are below.

    1. Developer

    2. Admin developer

    3. End user

    4. Admin end user

  2. There is no difference b/w being admin or not being admin in term of the BIEs Access. So, it is okay to simply refer to Developer and End User here. But these have to be differentiated in the authentication server.

  3. When current instances of Score get upgraded to a multi-tenant version, roles have to be assigned to existing business contexts. Here are to options to keep the current accesses to existing BIEs

    1. Assume that BCs that have no roles assigned are accessible by any role.

    2. Assume that Developer, Admin Developer, End User, and Admin End User can always access all BIEs even though these roles are not present in BCs.

    3. All existing business contexts will be assigned all four roles when making upgrade to the multi-tenant version.

    4. Apparently, approach (a) is simpler. And for convenience, we mighty assume (c) as well. I don’t see any issue with that at this point. It means that the current BIEs in OAGi instances will be accessible to all, but that can also be changed later on.

  4. About the business contexts, currently anybody can manage business context. If the multi-tenant version restricts this to only Admin Developer or Developer, this can cause an issue with existing customers.

    1. Alternatives are:

      1. Make it an installation option to who can manage the BCs.

      2. Make an inform decision with current users. Maybe this is a best practice to limit BC management to only Developer role.

      3. Change the multi-tenant requirement to “Only Developer can manage BC/Role Assignment”. In other words, everyone is still free to create and manage the BC content itself but only Developer can assign roles to BCs. We have to think about BCs discard function, b/c right now anyone can discard BCs if there is no associated BIE - and this is likely still ok.

    2. Option (iii) seems simplest.

...

  1. Are all other user roles that are not Developer, Admin Developer, End User, and Admin End User considered subclasses of End User role? In other words, users in these roles inherit behavior of End User, e.g., they cannot create account, they cannot manage developer CCs, they can extend BIEs.

  2. Note that if they can extend BIEs, it means that we have to also implement access logic on the CC side where they can manage only end user CCs. However, end user CCs have no BC assigned, so how to we infer access authorization? <serm>I couldn’t think of a nice and simple solution to this. The simplest thing to do, which sounds like a hack, is to do not allow BIE extension for users that are not End User or Admin End User. Another option is to inferred, roles associated with CCs from BIEs they are used in, but some EUCCs may not yet be used in any BIEs. Or we can say that if they are not used yet then only the owner can access it. </serm>. EUCCs logic also have to change in that only EUCCs with the same access authorizations can be used together, but what if the access authorizations change later on. This is getting pretty real complicated.

  3. It looks like more sophisticated user role management functionality will need to be implemented in Score. For example, currently a user account cannot have multiple roles, e.g., an account cannot be both Developer and End User. We will still have to implement a user role management logic to do not allow the user account to have these two roles. Or that the user must select a role when he logs in, i.e., he cannot hold multiple roles when logging in. Also I think whether a CC or BIE is a Developer CC/BIE or End User CC/BIE, is inferred from the owner user. If the user can have multiple roles during the session, this logic can be affected.

...