User & Permissions improvement plan - July 25 2017

Nick Reid, Josh ZamorChongsun Ahn

We met to address the current state of loading a user, getting the user's permissions, all the users programs, facilities, etc.

We found that overall we have a lot of overlap in the current endpoints.

Current plan:


User's permission strings is under development in sprint 31, we want to schedule work in sprint 32 to use these in the UI


make a new users/{id}/facilities resource - it will include home and supervised facilities, current endpoint users/id/supervisedFacilties is to be phased out


change /user/{id}/programs to be home and supervised programs (we'll keep the exisiting forHomeFacility query param, and not change representation)


start using permissions strings in UI (see #1)

    1. phase out using the roleAssignments api call and the role assignments returned currently as apart of a user
    2. phase in using the result of this list, which has program and facility ids for each named right, and using the result of the #2 and #3 when we need a program or facility name (link based on ID)

After the above occurs we'd like to try to improve the /api/users resources performance by removing:

  • break /users/{id} to only include home facility id
  • remove role assignments from /users.  Move managing the role assignments for a user to a new resource or sub-resource.
    • might be difficult to do with JPA
    • will require clients to have migrated to the aforemention strategy
    • will require changes in the administrator screen to edit a user and his or her role assignments