# Software Requirements Specifications
First step: the SRS (software requirements specifications), this document.
UI Flow may need some design (Figma, learn UI/UX). UI Flow will typically need a design, not a description.
Viewing in general is accessible by all roles.
[fbo-aidx-vxv - Aug 13, 2023 - Google Jamboard](https://jamboard.google.com/d/1d0KRrTNRARoEcod76ZQmz5brYPJYMbFGY6DkMNofKws/viewer?pli=1&mtt=7b6volf9zysg&f=1)
Define shared components: text boxes, headers, footers, etc.
Delete screenshots for now, use your own designs.
→ MVP:
- Visualization of roles, policies, and permissions
- Implement dynamic (change roles in real time) RBAC with GUI support
- Run tests after a saved accepted change
- ABAC: sets of users with common attributes from the JWT (attributes defined in, for example, data.json), with GUI support
- Policy Based: users can write their own policy code
Name | Access to the dashboard |
---|---|
Description | Integrate SSO with the dashboard |
User Type/Name | Admins - Moderators |
UI Flow | Login - SSO only |
important
Name | Display Roles |
---|---|
Description | Need to implement a UI to properly display available roles and their descriptions |
User Type | Admins - Moderators |
UI Flow | Role Viewing |
important
Name | Display resources |
---|---|
Description | Need to implement a UI to properly display available resources and their scopes. |
User Type/Name | Developers, Admins and Moderators |
UI Flow | Resource Viewing - also shows actions and attributes |
important
Name | Display permission |
---|---|
Description | Need to implement a UI to properly display available permissions and the involved roles and resources |
User Type/Name | Developers, Admins and Moderators |
UI Flow | Policy Editing - A table with resource scopes as rows and roles as columns with a checkbox |
important
Name | (Add Delete update) role |
---|---|
Description | Need to implement a UI to properly (Add Delete update) role |
User Type/Name | Admins - Moderators |
UI Flow | Role Creation |
Non-functional requirements | Reflect change to the data store in real time in no more than 5 minutes |
important
Name | Add/Delete/Update Resource |
---|---|
User Type/Name | Admins - Moderators |
Description | Need to implement a UI to properly (Add Delete update) resources |
UI Flow | Resource Creation |
Non-functional requirements | Reflect change to the data store in real time in no more than 5 minutes |
Name | (Add Delete update) scope (action) |
---|---|
Description | Need to implement a UI to properly (Add Delete update) scope |
User Type/Name | Admins - Moderators |
UI Flow | New Action - Actions are linked to resources, and thus adding/updating an action will be accessible from the resources tab |
Non-functional requirements | Reflect change to the data store in real time in no more than 5 minutes |
Name | (Add Delete update) permission. |
---|---|
Description | Need to implement a UI to properly (Add Delete update) permission |
User Type/Name | Admins - Moderators |
UI Flow | Policy Editing - Table is interactive, with checkboxes to add or delete permissions |
Non-functional requirements | Reflect change to the data store in real time in no more than 5 minutes |
important
types of attributes:
- resource(object) attributes
- user(subject) attributes
- action attributes
- environment attributes
in permit.io:
- resource attributes
- user attributes
- user set: basically a complex role: for example clearance level > 5 AND years of experience > 3
- resource set :
Possible approaches:
- the first approach is to implement ABAC without GUI support, by retrieving user attributes and environment attributes from the authentication token
  - Do not store users in the node server accompanying OPA
  - Only store policy rules and resource attributes
- the second approach is to follow permit.io’s flow and implement user and resource sets; this will require thinking of a way to represent the relations as policy
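
Added example (not part of the original notes or the project's code): a sketch of the first approach in plain JavaScript for the node server, standing in for the decision OPA would make. User attributes are read only from a verified token, no user records are stored, and the stored rule reuses the user set mentioned above (clearance level > 5 AND years of experience > 3). The HS256 shared secret, the claim names `clearance` and `years_experience`, and the rule format are assumptions.

```javascript
const crypto = require('crypto');

const enc = (v) => Buffer.from(JSON.stringify(v)).toString('base64url');
const dec = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));
const mac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Helper used only to construct sample tokens; in the described design the SSO provider issues them.
function signHS256(claims, secret) {
  const data = `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(claims)}`;
  return `${data}.${mac(data, secret).toString('base64url')}`;
}

// Return the claims only if algorithm, signature and expiry all check out; otherwise null.
function verifyHS256(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  try {
    if (dec(parts[0]).alg !== 'HS256') return null; // pin the algorithm; rejects "none"
    const expected = mac(`${parts[0]}.${parts[1]}`, secret);
    const given = Buffer.from(parts[2], 'base64url');
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const claims = dec(parts[1]);
    return typeof claims.exp === 'number' && claims.exp > nowSec ? claims : null;
  } catch {
    return null; // malformed base64/JSON is treated as an invalid token
  }
}

const OPS = new Map([['>', (a, b) => a > b], ['>=', (a, b) => a >= b], ['==', (a, b) => a === b]]);

// A user set is an AND of conditions over token attributes; a missing or mistyped attribute never matches.
const inUserSet = (claims, conds) => conds.every(({ attr, op, value }) =>
  typeof claims[attr] === typeof value && OPS.has(op) && OPS.get(op)(claims[attr], value));

// Deny by default: allow only when a stored rule matches the action, the resource attributes and the user set.
function authorize(token, secret, action, resourceAttrs, rules, nowSec) {
  const claims = verifyHS256(token, secret, nowSec);
  if (!claims) return false;
  return rules.some((r) => r.action === action
    && Object.entries(r.resource).every(([k, v]) => resourceAttrs[k] === v)
    && inUserSet(claims, r.userSet));
}

// Constructed sample policy: rules and resource attributes are the only stored state (no user records).
const RULES = [{ action: 'read', resource: { type: 'report' },
  userSet: [{ attr: 'clearance', op: '>', value: 5 }, { attr: 'years_experience', op: '>', value: 3 }] }];
```

Because nothing about the user is stored server-side, every attribute the rule reads is only as trustworthy as the token check in front of it, which is why a failed verification returns no claims at all.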
Name | (Add Delete update) attribute. |
---|---|
Description | Need to implement a UI to properly (Add Delete update) attribute |
User Type/Name | Admins - Moderators |
UI Flow | |
Non-functional requirements | Reflect change to the data store in real time in no more than 5 minutes |
Name | (Add Delete update) attribute to resources. |
---|---|
Description | Need to implement a UI to properly map attributes to resources |
User Type/Name | Admins - Moderators |
UI Flow | |
Non-functional requirements | Reflect change to the data store in real time in no more than 5 minutes |

Name | change permission of the user based on the attributes. |
---|---|
Description | Need to implement a UI to properly deny some users based on (environment, user, resource) attributes |
User Type/Name | Admins - Moderators |
UI Flow | |
Non-functional requirements | Reflect change to the data store in real time in no more than 5 minutes |

Name | (Write edit delete) policy. |
---|---|
Description | Need to implement a UI to properly (Add Delete update) policy |
User Type/Name | Admins - Moderators |
UI Flow | make something like an online IDE to write Rego code. |
Non-functional requirements |
Name | Activity Log |
---|---|
Description | We need to list the activity done by a certain user. May look into having the admin get a log of all users under him |
User Type/Name | Admins - Moderators |
UI Flow | Activity Log |
Non-functional requirements |
- Admin: has all the privileges, developer or non-developer
- Moderator: POs or anyone related, generally a non-developer, generally read or view only
- Developers: irrelevant for now
2nd document: design document specifications, i.e. how to achieve the use cases from an engineering POV, both front and back
sequence and dataflow diagrams, data models for node server