Use Case 13 - User Authorization
- Revisions
- View document revision history.
- Goal
- Determine if a user is authorized to perform some action on an object (e.g.
get, put, query, delete, ...).
Summary
User authorization is the process followed to determine if the authenticated
user is permitted to perform some operation. The result will always be True
or False.
Note: Need to define which objects require access control / authorization
- Actors
- User
- Client application
- Member Node
- Coordinating Node
- Preconditions
- User is at some level of authentication (may be anonymous or logged in)
- Triggers
- User is requesting some operation to be performed on an object
- An operation acting as a proxy for a user performs some operation on an
object
- Post Conditions
- The operation continues if the user is authorized or terminates raising an
unauthorized exception.
Figure 1. Interactions for use case 13.