perMIT:

Reviewed part of current schedule:

Feb 27: (7 days)

  • Dev instance of Roles DB (done 3/6)
  • Schema review (started)
  • Draft of schema proposed changes (started 3/9)
  • Inventory and categorization of stored procedures (done 2/27)
  • Use cases (stories) (ongoing)
  • Draft of glossary (on going)

March 31: (22 days)

  • Inventory of inbound data feeds  (done 3/6)
  • Inventory of outbound data feeds
  • Dev instance of perMIT on MySQL
    • Tables / schema
  • Some stored procedure functionality completed (% TBD)
  • Some inbound data feeds completed (%TBD)
  • Documentation
  • Sample data creation
  • Unit testing

Does MySQL support synonyms or aliases? NO. It does support views.

Keep historical prefixes? OK.

RDB_T_PERSON:

Needs expansion to make it more generic. Use views to keep backwards & forward compatibility.

New table for generic agents?

1 - Dept_Code may be NULL or should match an existing department code.

2 - A = Active. I=inactive but an ASPEC with the subject still exists. A report gets sent out. After a month of inactivity, the ASPEC will be deleted. Need a configuration option to control the automatic deletion.

RDB_T_AUTHORIZATION

3 Descend. Yes by default. NO=Aspec does not apply to any of the child qualifiers. No currently used. Postpone this feature? Needs a write up: Dan't attach to "School of Science". Instead create a "School of Science HQ" and attach to that. Only link to leafs, not to nodes.

Future discussion:

Does the end user have the responsibility of granting the APEC to the correct username? Or do constrain the input?

Future discussion:

LOA requirements associated with an APEC?

Qualifiers can become inactive so that no new APSECs can be assigned. But there may still be APSCS defined in the system that reference the qualifier.

RBD_T_ATHORIZATION  ~= RDB_T_EXTERNAL_AUTH : could consolidate these into a single table, by adding some fields that indicate if the APSC is explicit or implied. Could create views to separate these and preserve the existing functionality.

Load paths:

1 = comes from a direct feed from outside system

2 = comes from a rule evaluation

Merge function and external function?

Add a new field to implied_authorization_rule: single function identifier so that this can be constrained to external function.  (Note merging external function and function). This will require a change  some stored procedures.

Rules may marked as effective or not (Y/N). If an existing rule is made ineffective, the current behavior is that each night all of the rules will be re-evaluated. This means that the following day the ASPECs that were a result of the rules will be been removed. Not currently using triggers.

Decision: keep function and function group tables separate, even though it would be possible to create a single table for these.

Need discussion about Cardinality of user identifiers

perMIT should have an internal identifier for each user, local to itself.

perMIT will need to be able to map these to external identifiers (e.g. campus ID #, campus user name, machine ID, ...)

Library Patron case - not a user. It's a subject that is based on some other criteria.


Large portions of the meeting notes are hand written on the printed diagram used for the discussion.

  • No labels