Evgeny Pokhilko's Weblog

Programmer's den

EVPODC Getting Started Part 2 (Configuration)

When you first enter the application, you see the Queries menu (Figure 1). However it’s too early for making queries because we don’t have data yet.

configuration-01Figure 1

For the working system we need to create users, folders and routes. Then we’ll be able to create documents.

To create users we click Administration, then Users. We see that there are three existing users. They are builtin users. Don’t delete them. Unfortunately, the system allows you to delete anyone. Although the application behavior is unpredictable if you do so.

Say this is a development company and we have a team containing 2 developers, a requirement writer, a tester and a team leader. Please, note that the only field required is Login. You also need to fill in the email address if you want to use notifications. I am going to use them for this sample. So I created 5 new users as you can see in the DropDown list. (figure 2)

configuration-02Figure 2

Now we need to add the users to different security roles to restrict access because we don’t want all to see everything. We go to Administration / Roles. There are two builtin roles: Administrators and Users. All the new created users are included in the group Users by default. We can leave them as they are and add new roles. I want to create the following roles:

  • Requirement Department: Bill Johnson (requirement writer)
  • Quality Assurance: John Mayer (tester)
  • Developers: Kevin Black (developer), Stephen Smith (developer)
  • Managers: Dexter Brown (team leader)

See figure 3

configuration-03Figure 3

You might be asking: where are the permissions? The answer is that it’s too early for permissions. You confugure them for each folder and document type and we haven’t created neither. That’s what we are going to do now.

Go to Administration / Document Folders

This interface is easy to understand. When you input Folder Name and click Create New Folder, a subfolder is added in the folder that is selected on the left. For our scenario I create a complex folder structure (see figure 4) for the purposes of our sample.

configuration-04Figure 4

That’s how it looks like in the app (figure 5)

configuration-05

configuration-06

Figure 5

Now you see where permissions are. These are default permissions for Development Team folder. I assume I need to give you a clue about security settings in the app because it’s flexible but not clear at first sight. The security system is similar to the NTFS folder security and other known applications. Each security object, a folder in this case, has security settings for many security roles. In figure 5 we have settings for Administrators and Users because they are builtin roles. Each security role defined in the folder has a set of settings you can see under Users. I clicked href Users. That’s why we are viewing the settings for this role. As you can see Users have all permissions in new folders by default. Note that if a role is not in the role list, it doesn’t have access to the folders at all. So our new roles don’t have any permissions in the folder we look at but don’t forget that our users are members of the Users role. That’s why they can do eveyithing at the moment.

Let’s start from configuring the root folder Documents. For that you need to click the link at the very bottom of the page Root folder permissions…

In the root folder our team is going to store annual leave requests and equipment requests. These document types are useful for everybody. Therefore the rule is that everybody can create a document in this folder. People can also read documents of their collegues in the folder because we need them to plan vacations together. We don’t want to give access to equipment requests, but we’ll talk about that later because I am going to configure that in the document type permissions specifically for equipment requests. So the settings for the role Users in the Documents folder will be as in the figure 6.

configuration-07

Figure 6

According to the settings:

members of Users can:

  • create new documents (Create checkbox)
  • read other users’ documents (Read checkbox) including their own (Read own checkbox)
  • update their own documents (Update own)
  • see the folder on the list of folders (Browse). However, it is not applicable to the root folder because it’s never on the list of folders. You are always within in.

cannot:

  • udate others’ document (Update)
  • delete documents (Delete) including their own (Delete own).

The reason why we don’t allow the users to delete their own documents is because we want to guaranty that no annual leave request was deleted by a malicious employee.

It’s time to configure a role that is responsible for these documents and has more permissions. They are Managers. We add the role to the list and set the settings (see figure 7).

configuration-08Figure 7

These settings say that Managers can do everything in the folder. In fact they update when they accept request or reject it. They might delete document if it’s no longer needed. You got the idea of the folder security configuration.

Next thing we have to do is to create the document types equipment requests and annual leave requests. We need to go to Folders/DocumentTypes and click Create document type. The first tab of the document type form for equipment requests you can see in Figure 8.

configuration-09Figure 8

Note Prefix and Next number fields. Each document has a unique number. When you create the first document of this type, its number is going to be EQ00001. After that the next document of this type is going to be EQ00002 etc.

Next we fill in the route tab.

… the docs end here, I got bored of writing these and haven’t touched these since then. Let me know if you are interested in the continuation.

November 19, 2008 Posted by | .NET, ASP.NET, Workflow | , , | 2 Comments