List of Functional Requirements for Security module:
- 1. Build a security tree of all UFIMS operations. Classify each operation in terms of Execute, View, Edit and Create permissions.
- 2. Create and manage security information (user names, passwords) for Users, User Groups and User Domains
- 3. Maintain security permissions of each User, User Group and/or User Domain:
- a. Each of the above entities is assigned a permission set (e.g., Allow Read on Operation A, Deny Execute on Operation C) for each operation on the security tree of operations
- b. Build a user friendly GUI for maintaining security permissions
- 4. Integrate each UFIMS operation with the security module, so that proper access rights are checked for the user in the context of executing operation. Do not allow running operations denied to the user or user’s owner group/domain. Hide certain fields on the screens for the users that do not have sufficient access rights.
- 5. Integrate security maintenance GUI with the Transaction History module so that all changes to user records or their permissions could be audit trailed.
- 6. Persist security information between deployments of the new versions of the system on the Client server.