Role Based access in the Educational environment

The university has 5 different roles that a user can be assigned to. We do not want 5 different accounts but a single identity. The roles are

  • Student
  • Staff
  • Faculty
  • Alumni
  • Parent

There will be one HR feed and one HR record for a user.

EmplyID Status Name StudentDept StaffDept FacultyDept AluminiDept
1234 Active Jane Moore Business Administration Business Social Studies
1235 Active Sam Trent Finance Business

There are 2 user attributes that will be affected by the role of the user.

  • Email: There are different email domains depending on the role. Staff and faculty will be the same domain.
  • Department

There will be a priority matrix depending on role and attribute

Attribute Student Staff Faculty Alumni Parent
Email 3 2 1 4 5
Department 3 1 2 4 5

There will be a Role matrix Effective Start date table

Name EmplyID Student Staff Faculty Alumni Parent
Jane Moore 1234 4/13/2016 5/13/2016 2/13/2017 2/13/2015 7/13/2017
Sam Trent 1235 4/15/2015 2/13/2011

Jane Moore

  • A student
  • Currently a Staff
  • Currently Adjunct faculty
  • Graduated from the University in 2015. Did a 1 year part-time certificate course.
  • Has a child who is a student since 2017

Sam Trent is

  • Currently a Staff
  • Graduated from the University 2011

There will be a Role matrix effective End date table

Name EmplyID Student Staff Faculty Alumni Parent
Jane Moore 1234 6/13/2017 4/15/2017
Sam Trent 1235 4/15/2016

The university

  • Ends Alumni role if there is 2 years of no Alumni activity

Jane is

  • Not an Active Alumni

Sam

  • Was an Adjunct faculty
  • Is an active alumni

Role logic

We will consider the following factors in compiling the Role logic

  • Newest effective date
  • Role priority
  • HR Status
  • Termination Date