fineract-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nayan Ambali <nayan.amb...@gmail.com>
Subject Re: Managing groups|users|roles|permisions
Date Fri, 05 Aug 2016 04:21:58 GMT
Hello Sendoro,

MIfos X platform uses similar concept, permissions are mapped to a role and
then role is mapped to user, if you remove the role from a user then user
will loose all the permissions associated with that role.

You can find the documentation at
https://mifosforge.jira.com/wiki/display/docs/Manage+Roles+and+Permissions

-
Nayan Ambali

On Fri, 5 Aug 2016 at 05:59 <sendoro@singo.co.tz> wrote:

> Dear Team,
>
>
> Presentation by Adhyan remind me a critical issue that was faced by SAP
> - ERP. on managing user's permission.... "Please apologies for my
> ignorance"
>
> I wonder to know how it is happen in Mifos/Fineract
>
> Best Practices is as follows.
>
> Users - e.g. Ed, Sendoro, Emmanuel etc
>
> Groups -  in organization, you may have group of people who are supposed
> to play same roles.
>
> Roles - e.g. Cashier, Credit Officer, document verifier etc.
>
> Permissions - e.g can Approve/reject loans, create loans etc...
>
>
>
> Best Practices Scanerios.
> -------------------------------
>
> Permissions are assigned to roles and never directly to the users/groups
>
> Roles - Assigned to Groups and never directly to users, this means
> whenever a user is removed from a group automatically he has missed all
> privileges/permissions of the groups and whenever user get to a group
> s/he automatically get all roles and privileges in that group
>
> Groups contains users:
>
> Advantages
> -it mitigate the risk on leaving a certain privileges to user even if it
> was supposed to have been removed et.
> -it maintain scalability and integrity of this key and probably risk
> area...
>
>
>
> Is this how it is being done now? Anyone can direct me to documentation
> of this module?
>
>
> Thanks
> Sendoro
>
>
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message