Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

As we roll out the UC 4.0 platform including PlantUML, Unified Dictionary, API Access and more, we will be putting in place an initial set of permission-based roles to manage access to the application functionality.

While we are still in the early stages, the goal is to create a minimal set of roles. The roles could potentially expand as we learn more about customer usage.

Overview

We will grant access across all product areas including PlantUML, Glossary, and Dictionary with the following roles.

  1. Reader - read access to any content, both private and community. Will be able to perform collaborative tasks such as commenting and tagging.

  2. Editor - all capabilities of Reader, in addition can manage content (e.g., create, update, delete, publish …) for all account-owned content.

  3. Administrator - all capabilities of Editor, in addition can assign other administrators as well as manage other team members such as inviting others and assigning roles.

  4. Owner - all capabilities of Administrator and Billing Administrator, in addition can delete the account.

  5. Billing Administrator - manages subscriptions and billing.

  • Note:

    • The Billing Administrator is a special role where the billing contact will be defined on the subscription page and not assigned as a particular team member since this role will not have any other functional needs other than to view and update subscription, billing, and usage.

    • At a later state we might split out roles by product, but as of now that use case doesn’t seem logical. If a person is an editor of PlantUML diagrams, they will most likely be an editor for Dictionaries.

    • Community content can be read, commented on, voted on … but not changed unless owned by the account.

    • The concept of ownership needs to be fully fleshed out (person, account, org …), but not covered here.

    • The concept of how one can contribute to the community needs to be revisited (e.g. “known person”), but not covered here. Roles will allow the person to be an Editor, but steps still need to be taken to become a contributor.

    • When CCH and Mapper are added, additional roles may be added that focus on the approval process.

Product-specific Access

After analyzing the different jobs-to-be-done (JTBD), we identified the following access requirements:

  1. Actions: create, read, update, delete, tag, classify, publish, comment …

  2. Scope: specific object access (e.g., “glossary A”, “dictionary C”, “PlantUML Diagram 1” …)

  • Note:

    • in the short term, we will not implement scope, but will add later.

Discussion topic: Many modern SaaS applications include collaboration aspects where users can individually grant access to specific documents, diagrams … for others to comment on or edit. Scope and collaboration may end up being the same thing.

Functional Roles

Description of the two functional roles not taking scope into account at this time.

Role

Description

Actions

Comments

Reader

Read access to all account-owned content (PlantUML, Glossary, Dictionary …) whether private or community.

Read.

Collaboration capabilities such as commenting will be added later.

Editor

Edit access to all account-owned content (PlantUML, Glossary, Dictionary …) whether private or community.

All functional tasks (create, update, delete, publish …).

Administrator

Manages access to the application.

All functional tasks plus manage users (invite, revoke, remove …).

Owner

Manages all IT Infrastructure including SaaS applications.

All functional and administrative plus able to delete the account.

Billing

Manages all financial related topics including SaaS subscriptions.

Choose and pay for subscription.
Upgrade or downgrade existing subscription.

Administration and other tabs

Detail on the navigation tab

Role

Who can view/access?

Who can manage?

Details on permissions

Edit (personal profile)

Reader, Editor, Administrator, Owner, Billing

All can view and edit their personal profile.

Team

Reader, Editor, Administrator, Owner

Administrator, Owner

Add workspace

None

This is for UC employees ONLY

Workspace settings

Administrator, Owner

Administrator, Owner

Plans

Administrator, Owner

Administrator, Owner

Billing

Owner, Billing

Owner, Billing

This includes API

Glossary - Scope

Glossary may need to have Scope defined early on to ensure only specific users can access sensitive information. However, we won’t focus on that yet.

Jobs to Be Done (JTBD)

Below are the identified jobs that need to be done with their respective permission-based roles.

PlantUML

Persona

Task Name

Situation

Motivations

Input

Output

Permission-Role

Doer Dan

Search for, review, and download PlantUML diagrams

When I help a team with a process that includes compliance steps

I want to make sure we do all the right steps the first time.

Organized set of PlantUML diagrams

Set of files or hyperlinks updated on our SharePoint collaboration site.

Reader

Analyst Alberta

Create and manage PlantUML Diagrams

When I document my organization's processes.

I want to build out a set of diagrams documenting repeatable compliance processes that my director will love.

Process documentation.

Additional information like CCH content including CDOCs, audit questions … that is available in their existing CCH subscription.

Organized set of PlantUML diagrams ready for others to use.

Editor

Glossary

Persona

Task Name

Situation

Motivations

Input

Output

Permission-Role

Doer Dan

Search for, review, and read glossary terms.

When I help a team with any well-defined process

I want to make sure we do all the right steps the first time.

Organized set of glossaries and terms

Set of files or hyperlinks updated on our SharePoint collaboration site.

Reader

Analyst Alberta

Create and manage company glossaries.

When I document my organization's policies.

I want to build a set of repeatable compliance processes that my director will love.

Company policies.

A set of glossaries and terms ready for others to use.

Editor

Dictionary

Persona

Task Name

Situation

Motivations

Input

Output

Permission-Role

Doer Dan

Search for, review, and read dictionary terms.

When I help a team with a process that includes compliance steps.

I want to make sure we do all the right steps the first time.

Organized set of dictionaries and terms.

Set of files or hyperlinks updated on our SharePoint collaboration site.

Reader

Analyst Alberta

Create and manage a compliance dictionary.

When I document my organization's policies.

I want to build a set of repeatable compliance processes that my director will love.

Company policies

Other UCF tools and products

My organization's compliance dictionary with terms ready for use in corporate glossaries and in the mapping process.

Editor

Personas

Note: these will be moved out to the persona pages

Persona

Title

Role

Doer Dan

Operations manager

Supports all business departments in their operational tasks.

Analyst Alberta

Compliance Analyst

Junior or senior member of the compliance team.

  • No labels