Task #19315
Updated by Redmine Admin 19 days ago
📌 Objective
Implement user-level access control on the MAWB → House (HAWB) screen to restrict visibility and interaction based on ownership and defined permissions.
🔹 Functional Requirements
1️⃣ Basic User Access Rule
A basic user should:
Be able to click and fully view only the Houses (HAWB) created by him/her.
See all HAWB records listed on the screen (Tree View List).
If attempting to open a restricted HAWB, a popup alert message should be displayed:
“Access Restricted – You are not authorized to view this House.”
2️⃣ Introduce New Field: Access Type
Add a new field on House (HAWB):
Field Name | Type | Description
Access Type | Boolean (Public / Private) | Determines if the House is accessible to all users or restricted
Public (False) → Accessible to all users within the tenant.
Private (True) → Access restricted based on defined Access List.
3️⃣ Private Access Logic
If Access Type = Private:
Enable a new field: Access List
This field:
Should be a multi-select dropdown
Displays list of users within the same tenant
Allows selecting specific users who are authorized to access the House
Should only be editable when Access Type = Private
Should be mandatory when Private is selected
Access Validation Rule:
When a user attempts to open a Private HAWB:
System checks:
If user is the creator → Allow
If user exists in Access List → Allow
Otherwise → Deny access with popup message
4️⃣ New Authority: “Admin View All”
Introduce a new user authority/role:
Authority Name | Description
Admin View All | User can view and access all Houses regardless of Access Type
If a logged-in user has this authority:
Bypass all access restrictions
Can view and open all HAWB records
No popup restriction applies
🔹 UI Behavior Summary
Scenario | Expected Result
Public House | Accessible to all users
Private House – Creator | Accessible
Private House – User in Access List | Accessible
Private House – User not in Access List | Show popup – Access Restricted
User with “Admin View All” authority | Full access to all records
🔹 Technical Considerations
Add new column to HAWB table: ACCESS_TYPE
Add relation table: HAWB_ACCESS_USERS
Authority to be defined in user role/permission configuration
Backend validation mandatory (not only UI restriction)
Ensure filtering does not impact existing reporting or API endpoints
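A sketch of the backend check and the Access List save-time validation described above, as an added example that is not the project's own code. The class names, function names, the `ADMIN_VIEW_ALL` authority code and the 403 response shape are assumptions, as is enforcing the tenant boundary before the "Admin View All" bypass.

```python
from dataclasses import dataclass, field

ADMIN_VIEW_ALL = "ADMIN_VIEW_ALL"  # assumed authority code for "Admin View All"
DENY_MESSAGE = "Access Restricted – You are not authorized to view this House."

@dataclass(frozen=True)
class User:
    id: int
    tenant_id: int
    authorities: frozenset = frozenset()

@dataclass
class Hawb:
    id: int
    tenant_id: int
    created_by: int
    is_private: bool = False  # ACCESS_TYPE: False = Public, True = Private
    access_user_ids: set = field(default_factory=set)  # rows of HAWB_ACCESS_USERS

def can_open_hawb(user: User, hawb: Hawb) -> bool:
    """Server-side decision for opening a House; deny unless a rule allows."""
    if user.tenant_id != hawb.tenant_id:  # assumption: tenant boundary applies to everyone
        return False
    if ADMIN_VIEW_ALL in user.authorities:  # bypasses Access Type and Access List
        return True
    if not hawb.is_private:  # Public: all users within the tenant
        return True
    if user.id == hawb.created_by:  # Private: creator is always allowed
        return True
    return user.id in hawb.access_user_ids  # Private: must be in Access List

def validate_access_list(hawb: Hawb, tenant_user_ids: set) -> list:
    """Save-time checks: Access List mandatory when Private, same-tenant users only."""
    errors = []
    if not hawb.is_private:
        if hawb.access_user_ids:
            errors.append("Access List is only editable when Access Type = Private")
        return errors
    if not hawb.access_user_ids:
        errors.append("Access List is mandatory when Access Type = Private")
    outside = hawb.access_user_ids - tenant_user_ids
    if outside:
        errors.append(f"Users outside the tenant: {sorted(outside)}")
    return errors

def open_hawb(user: User, hawb: Hawb) -> dict:
    """Handler sketch: record data is returned only after the check passes."""
    if not can_open_hawb(user, hawb):
        return {"status": 403, "message": DENY_MESSAGE}
    return {"status": 200, "hawb_id": hawb.id}
```

Calling the same `can_open_hawb` from every path that returns House data (detail screen, reports, API endpoints) keeps the rule from being enforced only in the popup.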