...
- SQL Databases provide "Transactional Scope"
- All operations within scope guaranteed to, either:
- Succeed completely (commit)
- Fail completely (rollback)
- Any error causes rollback:
- Duplicate key
- Validation error
- Security violation
- System failure
Security, Permissions and Roles
- Each Application has separate User profiles
- An "ITC User" must have a profile in each instance
- Can be externally authenticated (Windows Domain)
- No special privileges assigned to ITC user
- Permissions:
- Defined by application
- Fine-grained operations the software can perform
- Not analogous to file level protections or ACL's in Classic
- Roles
- Set of permissions granted to a role
- Defined per district per application
- May represent:
- Group of users
- Job Function
- One or more roles granted to Users
- Predefined Roles:
- ADMINISTRATORS (required)
- Classic compatibility: (If imported from Classic)
- SYSMAN_USER like OECN_SYSMAN
- USAS_MANAGER like OECN_USAS_GM
- USAS_REQ like OECN_USAS_REQ
- USAS_RO like OECN_USAS_RO
- USAS_STANDARD like OECN_USAS
- Similar for USPS
- Security in Application
- In User Interface:
- Hides Menu Options
- Hides or disables buttons and controls
- Application Layer
- Services verify users access
- If UI inadvertantly allows user access, Model protects authorized access
- In User Interface:
See /wiki/spaces/rtd/pages/2752614 for additional details.
Transactions, Events, Processing, Listeners & Rules
...
Understanding Permission Check
- If user is authorized to "Create" a Purchase Order, then:
- In UI, authorized to:
- search and select Vendor's
- search and select Expenditure Accounts
- In Data Model, authorized to:
- Post encumbrance Ledgers
- All side effects caused by Listeners and Rules
- In UI, authorized to: