/
Access Control Service(ACS)

Access Control Service(ACS)

Jun 03, 2019

Target release

2019-M1

 

 

Document status

DRAFT

Document owner

@Ghanshyam Rawat

Dev Status

NOT stated

QA Status

Not started

PO Approval

PENDING

Context:

DIGIT is API based Platform here each api is denoting to a DIGIT resource.
Access Control Service(ACS) main job is to Authorize end user based on their roles and provide access of the DIGIT platform resources.

Version:

  • V1 (Jan-2017  To Dec-2018)

  • V1.1(Jan-2019 To March 2019)


Guidelines:

  1. Mobile first - services, info, dashboard and reporting

  2. Localize - language (app, notifications, tracking, info)

  3. All-browsers and all-device compatibility

  4. UX/UI - "aam aadmi" design and not "silicon valley" design

  5. Accountability of gov employee - never compromise

  6. Standard Ontology - complaints, feedback, updates etc

  7. Should work-well in low speed / no speed networks also

Audience:

  1. Product Managers

  2. Developers

  3. Testers

  4. Co-creation partners

  5. Implementation Team

  6. Third Party(TP) integrators

Objectives:

Objective of access control service are listed as below.

  • Authorisation of user actions.

 

Functionality & Definitions :

Access control functionality basically works based on below points:

Actions: Actions are events which is performed by an user. This can be a api end-point or Frontend event. This is MDMS master

Roles: Role are assigned to user, a user can hold multiple roles. Roles are defined in MDMS masters.

Role-Action: Role actions are mapping b/w Actions and Roles. Based on Role,Action  mapping access control service identifies applicable action for role.

Feature List V1:

  • Serve the applicable actions for a user based on user role(To print menu three).

  • On each action which is performed by an user, access control look at the roles for the user and validate actions mapping with the role.

Feature List V1.1(Impacted from user changes):

  • Action authorization for multi tenant user.

  • Module tenant mapping validation based on city-tenant master data from MDMS.

Feature List V1.2(Impacted from user changes):

  1. Actions,Role,& Role-action has to be simplified.(Denormalization)

  2. Support tenant level role-action

 

Interaction Diagram:

API Contract: 

Need to update the contract

https://raw.githubusercontent.com/egovernments/egov-services/master/docs/egov-accesscontrol/contracts/v1-0-1.yml

Redoc Link:

Need to update the contract

https://egov-micro-dev.egovernments.org/redoc/?api=Egov%20Accesscontrol%20V1.0.1