Authentication and Authorization

Persona

Super Admin

  • Super Admin can manage permissions and permission groups

User

  • Anyone can signup using email address and/or Google account
  • User can create their own Organizations

Organization Owner

  • Organization owner can invite any registered user to become member
  • Organization owner can cancel the invitation
  • Organization owner can assign permission group for member
  • Organization owner can remove member

Member

  • User will get a notification for every invitation sent by organization owners
  • User can accept or decline the invitations
  • User can have many permission groups

Authentication

Registration with email address

  • User can register by submitting their email address
  • User will receive an email with a confirmation code attached in their inbox
  • On first login, user must enter the confirmation code and enter their password afterward

Registration with Google Account

  • (TBD)

Authorization

Permissions

Permissions are stored as strings organized by module, entity and action, separated by colons (:). For example:

  • kms:knowledgeMap:create : will give permission to create knowledge map on kms module
  • kms:knowledgeMap:updateStatus : will give permission to update the status of knowledge map on kms module
  • kms:knowledgeMap:* : will give full permission on knowledge map on kms module
  • kms:* : will give full permission on kms module

Permission Groups

  • Permissions are grouped to make assignment easier
  • Permission group will be assigned to user based on the organization in which the user is registered
  • Only Super Admin can create, update and delete permission groups
  • Organization owner can assign permission groups to organization members
  • Example:
    Permission                 Group A   Group B   Group C
    kms:knowledgeMap:*         ✔️
    kms:knowledgeMap:create    ✔️
    kms:knowledgeMap:update    ✔️
    kms:knowledgeMap:delete    ✔️
    kms:knowledgeMap:list      ✔️ ✔️
    kms:knowledgeMap:detail    ✔️ ✔️
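
The wildcard permission strings and per-organization permission groups described above can be evaluated as in the following added example, which is not part of the original page or the project's code. The group names, users, organization ids and the rule that "*" is valid only as the last segment are assumptions; malformed grants and unknown users are denied.

```python
import re

# Assumption: segments are alphanumeric identifiers, and "*" may appear only
# as the final segment, as in the page's examples kms:* and kms:knowledgeMap:*.
_SEGMENT = re.compile(r"[A-Za-z][A-Za-z0-9]*")

def parse_grant(grant):
    """Split module:entity:action into segments; return None if malformed."""
    parts = grant.split(":")
    if not 2 <= len(parts) <= 3:
        return None
    *head, last = parts
    if not all(_SEGMENT.fullmatch(p) for p in head):
        return None  # rejects "kms:*:create" and empty segments
    if last == "*" or (len(parts) == 3 and _SEGMENT.fullmatch(last)):
        return parts
    return None

def grant_allows(grant, required):
    """True if a stored grant covers a concrete module:entity:action request."""
    g, r = parse_grant(grant), parse_grant(required)
    if g is None or r is None or len(r) != 3 or r[-1] == "*":
        return False  # fail closed on anything malformed or non-concrete
    if g[-1] == "*":
        prefix = g[:-1]
        return r[:len(prefix)] == prefix  # whole-segment prefix match
    return g == r

# Constructed sample data (hypothetical group names, users and organizations).
GROUPS = {
    "FullAccess": {"kms:knowledgeMap:*"},
    "Viewer": {"kms:knowledgeMap:list", "kms:knowledgeMap:detail"},
}
# Groups are assigned per (user, organization), so the same user can hold
# different rights in different organizations.
ASSIGNMENTS = {
    ("alice@example.com", "org-1"): {"FullAccess"},
    ("bob@example.com", "org-1"): {"Viewer"},
    ("bob@example.com", "org-2"): {"FullAccess"},
}

def is_allowed(user, org, required):
    """Union of all grants from the user's groups in the active organization."""
    for group in ASSIGNMENTS.get((user, org), ()):
        for grant in GROUPS.get(group, ()):
            if grant_allows(grant, required):
                return True
    return False  # no assignment in this organization means no access
```

Matching compares whole segments rather than string prefixes, so a grant on `kms:*` does not cover a module named `kmsx`.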

Stories

Authentication

  • User can sign up
    • With email address. Confirmation code will be sent to email address
    • With Google Federation
  • User can sign in
    • With email and password. Use confirmation code sent to email as password on first sign in and enter new password afterward
    • With Google Federation
    • Redirect to User Profile page after successful sign in

List Permissions

  • Super Admin can list all permissions
  • Super Admin can filter the list
  • The list is sorted by permission name

Create Permission

  • Super Admin can create permission by entering permission and description
  • Permission is mandatory and unique
  • Permission is stored as a string organized by module, entity and action, separated by colons (:)
  • Description is optional

Update Permission

  • Super Admin can update permission
  • Only the permission description can be updated

Delete Permission

  • Super Admin can delete permission
  • Only permissions that have not been registered to any permission group can be deleted

List Permission Groups

  • Super Admin can list all permission groups
  • Super admin can filter the list by permission group name
  • The list is sorted by permission group name

Create Permission Group

  • Super Admin can create permission group by entering group name and list of permissions

Update Permission Group

  • Super Admin can update permission group
  • Group Name can be updated
  • List of permissions can be updated by adding and/or removing permissions from the list of available permissions

Delete Permission Group

  • Super Admin can delete permission group
  • Only permission groups that have not been assigned to any user can be deleted

User Profile

  • User can update profile
    • Name
    • Photo
    • Password
  • User can create organization by entering organization name, logo, and description
  • User can create more than one organization
  • User can see list of organizations he/she owns
    • Can select one of the organizations to open the organization detail
    • Can invite new members by entering the email address of the user to be invited
  • User can see list of invitations received
    • Can accept the invitation and become organization member
    • Can reject the invitation
  • User can see list of organizations where he/she is registered as member
    • Can select one of the organizations as active organization
    • Can select one of the organizations as default organization so that it will be automatically selected as active organization when the user signs in
    • Can leave the organization where the user is registered

Organization Detail

  • Organization owner can see list of invited users
    • Can filter the list by email address
    • Can remove or cancel the invitation
  • Organization owner can see list of organization members
    • Can filter the list by email address of member
    • Can assign permission groups to each member
    • Can remove member
  • Organization owner can delete organization

Made with ❤️ by Bagubagu Studio