Access Control Service (ACS)

Target release: 2019-M1
Document status: DRAFT
Document owner:
Dev Status: NOT STATED
QA Status: NOT STARTED
PO Approval: PENDING

Context:

DIGIT is an API-based platform in which each API denotes a DIGIT resource.
The main job of the Access Control Service (ACS) is to authorize end users based on their roles and provide access to the DIGIT platform resources.

Version:

  • V1 (Jan 2017 to Dec 2018)
  • V1.1 (Jan 2019 to March 2019)


Guidelines:

  1. Mobile first - services, info, dashboard and reporting
  2. Localize - language (app, notifications, tracking, info)
  3. All-browsers and all-device compatibility
  4. UX/UI - "aam aadmi" design and not "silicon valley" design
  5. Accountability of gov employee - never compromise
  6. Standard Ontology - complaints, feedback, updates etc
  7. Should work well in low speed / no speed networks also

Audience:

  1. Product Managers
  2. Developers
  3. Testers
  4. Co-creation partners
  5. Implementation Team
  6. Third Party (TP) integrators

Objectives:

The objectives of the access control service are listed below.

  • Authorisation of user actions.


Functionality & Definitions:

Access control functionality is based on the following concepts:

Actions: Actions are events performed by a user. An action can be an API end-point or a frontend event. Actions are defined as an MDMS master.

Roles: Roles are assigned to users; a user can hold multiple roles. Roles are defined in MDMS masters.

Role-Action: Role-actions are mappings between actions and roles. Based on the role-action mapping, the access control service identifies the applicable actions for a role.

Feature List V1:

  • Serve the applicable actions for a user based on the user's roles (to print the menu tree).
  • On each action performed by a user, access control looks at the roles of the user and validates the action's mapping with those roles.

Feature List V1.1 (impacted from user changes):

  • Action authorization for multi-tenant users.

  • Module tenant mapping validation based on city-tenant master data from MDMS.
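
The role-action check described above, as an added example that is not the ACS code or contract. The data shapes, action URLs, role codes, tenant ids and function names are all assumptions made for illustration, as is the rule that a role counts only for the exact tenant it was assigned on.

```python
from dataclasses import dataclass

# Constructed masters; shapes and URLs are assumptions, not DIGIT's MDMS schema.
ACTIONS = {
    1: {"url": "/pgr/complaints/_create", "display": "File complaint"},
    2: {"url": "/pgr/complaints/_assign", "display": "Assign complaint"},
    3: {"url": "/pgr/reports/_search", "display": "Reports"},
}
ROLE_ACTIONS = {"CITIZEN": {1}, "GRO": {2, 3}}  # role code -> action ids


@dataclass(frozen=True)
class UserRole:
    code: str
    tenant_id: str  # the tenant on which the role was assigned


# Constructed multi-tenant user: different roles on different tenants.
SAMPLE_USER = [UserRole("GRO", "pb.amritsar"), UserRole("CITIZEN", "pb.jalandhar")]


def roles_for_tenant(user_roles, tenant_id):
    """Role codes the user holds on exactly this tenant (assumed rule)."""
    return {r.code for r in user_roles if r.tenant_id == tenant_id}


def applicable_actions(user_roles, tenant_id):
    """Action ids reachable through the user's roles on this tenant."""
    allowed = set()
    for code in roles_for_tenant(user_roles, tenant_id):
        allowed |= ROLE_ACTIONS.get(code, set())  # unknown role grants nothing
    return allowed


def is_authorized(user_roles, tenant_id, url):
    """Deny by default: the URL must be a known action mapped to a held role."""
    action_ids = {aid for aid, a in ACTIONS.items() if a["url"] == url}
    return bool(action_ids & applicable_actions(user_roles, tenant_id))


def menu(user_roles, tenant_id):
    """Display names of the applicable actions, the input for a menu tree."""
    ids = applicable_actions(user_roles, tenant_id)
    return sorted(ACTIONS[a]["display"] for a in ids)
```

A URL that is absent from the action master, or a tenant on which the user holds no role, yields an empty intersection and is therefore denied.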

Feature List V1.2 (impacted from user changes):

  1. Actions, roles and role-actions have to be simplified (denormalization).
  2. Support tenant-level role-actions.


Interaction Diagram:


API Contract: 

Need to update the contract

https://raw.githubusercontent.com/egovernments/egov-services/master/docs/egov-accesscontrol/contracts/v1-0-1.yml

Redoc Link:

Need to update the contract

https://egov-micro-dev.egovernments.org/redoc/?api=Egov%20Accesscontrol%20V1.0.1