User Tools

Site Tools


use-cases:user-permissions-change
Use case name

#5: Change user permisions / role

Goal

Change the permissions (or role) of a given user

Scope

Server (Software) and Node (Software)

Level

Summary

Pre-conditions
  1. The user to update has to be registered (objective)
  2. The actioner has to be a credential of higher level than the objective (this condition also prevents admins from deleting other admins)
    1. Leandro: policy: admin or himself
Primary actor

A registered user (actioner)

Trigger

A registered user uses the web server interface (or an appropiate public API method) to change another user permissions or role

Main Success Scenario
  1. The actioner selects an user and clicks on change status options
  2. As alternative: the actioner sends a valid request with all information to the Public server API
  3. The server verifies the actioner credentials
  4. the server verifies that the actioner current credentials are enough (policy: higher than the objective user)
  5. The server verifies which slivers have been created (and are active or running) by the objective
    1. Leandro: why?
  6. The server modifies objective's permissions / role
  7. The server notifies to the objective that her status has been changed
  8. If the role has been degraded
  9. For each sliver → the server verifies that the nodes are not performing a prohibited action
  10. If yes, the server notifies to stop such action to the nodes
  11. The server notifies to the actioner that the operation is OK
Details

IVAN: Depending on the permissions, this may be limited to admins or slice owners. Leandro: Like in a mailing list, for a normal user this can create a request to be validated by an admin

use-cases/user-permissions-change.txt · Last modified: 2012/04/15 20:53 by leandro