...
perMIT
...
use
...
cases
...
Each
...
of
...
the
...
cases
...
below
...
should
...
be
...
a
...
link
...
to
...
a
...
document
...
that
...
includes
...
the
...
full,
...
detailed,
...
story
...
underlying
...
the
...
bullet
...
item.
...
The
...
detailed
...
document
...
for
...
each
...
case
...
should
...
also
...
include
...
a
...
reference
...
to
...
formal
...
diagrams.
...
- User
...
...
...
...
...
- to
...
- user
...
- Bob
...
- (
...
- ADD
...
- )
...
- User
...
...
...
...
...
- that
...
- user
...
- Bob
...
- currently
...
- has.
...
- (
...
- DELETE
...
- )
...
- User
...
- Catherine
...
- reviews
...
- the
...
- audit
...
- trail
...
- of
...
- permissions
...
- that
...
- Bob
...
- has
...
- had
...
- over
...
- time.
...
- (
...
- AUDIT
...
- )
...
- User
...
- Catherine
...
- reviews
...
- the
...
- audit
...
- trail
...
- of
...
- permissions
...
- that
...
- Alice
...
- has
...
- modified
...
- over
...
- time.
...
- (
...
- AUDIT
...
- )
...
- User
...
- Catherine
...
- views
...
- a
...
- report
...
- of
...
- all
...
- of
...
- the
...
- users
...
- that
...
- have
...
- a
...
- particular
...
- permission
...
- as
...
- of
...
- date
...
- MM/DD/YYYY.
...
- (
...
- REPORT
...
- /
...
- AUDIT
...
- )
...
- User
...
- John
...
- creates
...
- a
...
- data
...
- feed
...
- to
...
- populate
...
- a
...
- qualifier
...
- from
...
- an
...
- external
...
- source.
...
- (
...
- ADMIN
...
- )
...
- User
...
- Fred
...
- creates
...
- a
...
- data
...
- feed
...
- that
...
- sends
...
- permission
...
- data
...
- into
...
- the
...
- ERP's
...
- financial
...
- reporting
...
- subsystem.
...
- (
...
- REPORT
...
- /
...
- ADMIN
...
- )
...
- User
...
- Dave
...
- creates
...
- a
...
- data
...
- feed
...
- from
...
- an
...
- external
...
- system
...
- that
...
- controls
...
- an
...
- implied
...
- permission
...
- .
...
- (
...
- ADMIN
...
- )
...
- User
...
- Dave
...
- modifies
...
- an
...
- implied
...
- permission
...
- rule.
...
- (
...
- ADMIN
...
- ?)
...
- User
...
- Andrew
...
- modifies
...
- a
...
- qualifier
...
- type.
...
- (
...
- ADMIN
...
- )
...
- User
...
- Andrew
...
- creates
...
- a
...
- new
...
- function
...
- category
...
- to
...
- support
...
- a
...
- new
...
- application.
...
- (
...
- ADMIN
...
- )
...
- User
...
- Andrew
...
- creates
...
- a
...
- qualifier
...
- hierarchy
...
- associated
...
- with
...
- a
...
- new
...
- function
...
- category.
...
- (
...
- ADMIN
...
- )
...
- User
...
- Andres
...
- creates
...
- a
...
- new
...
- qualifier
...
- type.
...
- User
...
- Andrew
...
- modifies
...
- a
...
- function's
...
- parent/child
...
- relationship.
...
- (
...
- ADMIN
...
- )
...
- User
...
- Scott
...
- needs
...
- to
...
- create
...
- some
...
- design
...
- artificats
...
- while
...
- he
...
- is
...
- creating
...
- a
...
- new
...
- application
...
- that
...
- will
...
- use
...
- perMIT
...
- to
...
- manage
...
- permissions.
...
- (
...
- N/A
...
- )
...
- Copy
...
- Joe's
...
- authorizatoins
...
- in
...
- catagory
...
- X
...
- to
...
- Fred
...
- Move
...
- Joe's
...
- authorizations
...
- in
...
- category
...
- X
...
- to
...
- Fred
...
- create,
...
- delete,
...
- or update
...
- a
...
- function
...
- create
...
- or
...
- delete
...
- a
...
- function
...
- parent
...
- /
...
- child
...
- pair
...
- add
...
- or
...
- delete
...
- a
...
- qualifier
...
- of
...
- a
...
- specific
...
- qualifier
...
- type
...
- change
...
- a
...
- qualifier's
...
- parent
...
- change
...
- a
...
- qualifier's
...
- name
...
- (description)
...
- Floaf
...
- Joe's
...
- authorizations
...
- to
...
- expire
...
- on
...
- a
...
- given
...
- date
...
- central
...
- admin
...
- gives
...
- Joe
...
- authority
...
- to
...
- create
...
- auths
...
- ina
...
- given
...
- category
...
- (Makes
...
- Joe
...
- a
...
- "central"
...
- authorizer
...
- for
...
- an
...
- application
...
- area
...
- (aka
...
- category).)
...
- (Reporting)
...
- Look
...
- up
...
- authorizations
...
- for
...
- a
...
- person
...
- (reporting)
...
- Find
...
- everyone
...
- authorized
...
- to
...
- a
...
- do
...
- a
...
- given
...
- Function
...
- for
...
- a
...
- given
...
- Qualifier.
...
- (reporting)
...
- View
...
- "authorizations
...
- within
...
- a
...
- department"
...
- authorizatoins
...
- where
...
- the
...
- qualifier
...
- is
...
- limited
...
- to
...
- a
...
- given
...
- department
...
- authorizations
...
- for
...
- people
...
- having
...
- at
...
- least
...
- one
...
- authorization
...
- on
...
- a
...
- qualifier
...
- linked
...
- to
...
- a
...
- given
...
- department
...
- (reporting)
...
- View
...
- Authorizations
...
- granted
...
- by
...
- a
...
- given
...
- person
...
- (reporting)
...
- view
...
- two
...
- people's
...
- authorizations
...
- on
...
- the
...
- same
...
- screen
...
- for
...
- comparison
...
- (audit)
...
- authorizations
...
- modified
...
- (created,
...
- deleted,
...
- updated)
...
- by
...
- a
...
- person
...
- (audit)
...
- history
...
- of
...
- one
...
- person's
...
- authorizations
...
- (audit)
...
- history
...
- of
...
- autherizations
...
- enabling
...
- people
...
- to
...
- do
...
- function
...
- x
...
- on
...
- qualifier
...
- y.
- (admin) Add a new type of Primary Authorizer (PA) (add a new primary authorizer function in the meta category)
- (admin) Link a function to a PA function
- Give Joe and APEC for a PA-function and Qualifier (or dept).
- (admin) create, delete, or update a mater department (in the master department hierarchy)
- (admin) add or delete a link between a Master Department and an HR or Financial or Academic object.
- Create a rule of type 1a.
- Create a rule of type 1b.
- Create a rule of type 2a.
- Create a rule of type 2b.
- Activate a rule.
- Deactivate a rule.
- Create a new function group.
- Link a function to a function group.
- Create a qualifier subtype.
- Create a subtype_descedent_subtype.
- Link a qualifier subtype to a subtype_descedent_subtype.
- (System Activity) Evaluate a Rule.