...
Statements about Primary Authorizations:
- A person that can grant A-SPECs.
- The SUBJECT that can be put into the A-SPEC is not limited in any way.
- Primary Authorizer is a FUNCTION within the META category.
- The PA-FUNCTION detetrmines which functions the PA may choose when creating A-SPECs
- The Qualifier, in this case, is always a Deparment*
- The qualifier within the PA-ASPEC determines the qualifiers the PA may choose when creating APECS.
The Primary Authorization function is a key to scalability when first ramping up with perMIT. Sites that aren't aware of this, or ignore it, will have to perform a lot of unnecessary data entry.
...
4 types of rules for implied ASPECS (the subject i
Condition | Result | ||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="24ffee49-2a75-49ab-8547-e8acd3d0c0f8"><ac:plain-text-body><![CDATA[ | Condition function + qualifier sub type +[qualifier code] | Function + qualifier sub type +[qualifier code] | ]]></ac:plain-text-body></ac:structured-macro> |
1a: | This implies that you can read room set information. | ||
F= EHS-Rep, Qs = RoomSet, Q= NULL | F=view hazard + Qs=RoomSet + Q=null (qualifier sub type is constant/copied from the condition side) | ||
1b: | f=view training data + Qs= PI (note the qualifier sub type transformation | ||
2a. f=grad-student Q=Bio(academic course numbers) | Func=view-library-materials Qual=Acme Bio Journal (note that transitioned from one hierarchy to another hierarchy) (place in hierarchy) | ||
2b. f=grad-student q=school-of-science (note that this is not an academic unit, it implies a number of children in the academic unit hierarchy) | F=view library material Quallifier = licensed science journal (transformed hierarchy) (inheritance of hierarchy) |
Wiki Markup
2a versus 2b: descend or not to descend. Example you are assigning something to a Director. But not assigning the privilege to all of the people that report to him.
...
- Create a rule of type 1a
- Create a rule of type 1b
- Create a rule of type 2a
- Create a rule of type 2b
- Activate a rule.
- Deactivate a rule.unmigrated-wiki-markup
- \[Force a rule to be evaluated. (Admin)\] - probably doesn't belong here. If the system evaluates realtime, then this meaningless.
- Linking a function to a function group.
- A function group allows you to create a rule that operates a number of function with one rule instead of needing separate rules to populate individual functions. Dealing with the condition functions, not the result function.
- (note the core roles DB has a way of grouping result functions, different table)
- Creating a new function group (some sort of an administrator, same type of person that creates rules)
- Create qualifier sub type (what terminology does Kuali use for this?)
- Profit center hierarchy has three types of subtypes:
- Cost object
- Profit center
- node
- Profit center hierarchy has three types of subtypes:
- Create Subtype_descendent_subtype
- One of the column is a pattern matching template. i.e. knows about formatting of the identifiers and triggers on it.
- Link qualifier_subtype and subtype_descendent_subtype
System Activities: (use cases that really internal to the system)
Wiki Markup - Rule type three for a logical AND of conditions? Not to be implemented or modeled in the foreseeable future.
...
Paul - write up SDLS and door access
All -
- discussion of data feeds
- Master domain hierarchy
- The META category
Jim continues working on stored procedure inventory (finished Thursday evening)
...
META: the self-referential category
Create functions within a category
...