DSGV model descriptions: user

2019-03-14 18:04:32 +01:00 · 2019-03-14 18:04:32 +01:00 · 7fe091b1ff
commit 7fe091b1ff
parent 26375b1140
2 changed files with 96 additions and 43 deletions
--- a/RoleDescriptions.txt
+++ b/RoleDescriptions.txt
@ -0,0 +1,42 @@
+Most roles are school dependent, i.e. a lecturer for the Math-department can only create new lectures that have Math-department in their school field.
+
+
+Administrator for a school
+- top-level rights, can access everything other roles can within the same school
+- restrictions only apply to routes containing a different school; then no special rights are given
+- may appoint further administrators and lecturers for his school
+- all school-independent routes, such as help-requests and user-list are accessible
+- can impersonate any other user with lesser rights, i.e. lecturers within same school, all students, etc.
+- a user can be administrator for more than one school
+
+
+Lecturer for a school
+- can create courses for their school for all active terms
+- can view participants of his courses and record notes for participants
+- can create sheets for their courses
+- can view homework submissions for his courses, including marks and plain user-names
+- can mark homework
+- may appoint correctors for sheets belonging to his courses
+- may assign submitted homework to correctors
+- a user can be lecturer for more than one school
+- all rights correctors for his courses have
+
+
+Corrector for a sheet
+- may download their assigned anonymous homework submissions (submissions are identify through crypto-ids, no user-names)
+- may upload corrected and marked homework submissions for their assignments
+- may always download solution and sheet description files for their sheet, ignoring deadline constraints
+
+
+User (logged-in)
+- all logged-in users may use this role
+- no special school restrictions
+- may enrol in courses from any school
+- may submit homework for marking in enrolled courses
+- all rights that not logged-in users have
+
+
+User (not logged-in)
+- can view course descriptions
+- can download course materials from courses that allow this for all un-enrolled users
+- can requests help from administrators
--- a/models/users
+++ b/models/users
@ -1,53 +1,64 @@
-- Some comments needes
-User json
-    ident          (CI Text)
-    authentication AuthenticationMode
-    lastAuthentication UTCTime Maybe
-    matrikelnummer Text Maybe
-    email          (CI Text)
-    displayName    Text            -- we always show the LDAP displayName only, but highlight the LDAP surname within (or appended if not contained)
-    surname        Text            -- Name displayed through 'nameWidget displayName surname' which highlights surname within displayName
-    maxFavourites  Int default=12  -- Number of last used course names to be remembered for quick links for convenience
-    theme          Theme default='Default'
-    dateTimeFormat DateTimeFormat "default='%a %d %b %Y %R'"
-    dateFormat     DateTimeFormat "default='%d.%m.%Y'"
-    timeFormat     DateTimeFormat "default='%R'"
-    downloadFiles  Bool default=false          -- Files should be opened in browser or downloaded
-    mailLanguages  MailLanguages default='[]'
-    notificationSettings NotificationSettings  -- Bit-array for which events email notification is requested by user
-    UniqueAuthentication ident
-    UniqueEmail email
-    deriving Show Eq Generic
-UserAdmin
+-- The files in /models determine the database scheme.
+-- The organisational split into several files has no operational effects.
+-- White-space and case matters: Each SQL table is named in 1st column of this file
+-- Indendent lower-case lines describe the SQL-columns of the table with name, type and options
+-- Nullable columns have "Maybe" written after their type
+-- Option "default=xyz" is only used for database migrations due to changes in the SQL-schema, also see Model.Migration
+-- Indendent upper-case lines usually impose Uniqueness constraints for rows by some columns.
+-- Each table will also have an column storing a unique numeric row key, unless there is a row Primary columnname
+--
+User Json    -- Each Uni2work user has a corresponding row in this table; created upon first login.
+    ident          (CI Text)                -- Case-insensitive user-identifier
+    authentication AuthenticationMode       -- 'AuthLDAP' or ('AuthPWHash'+password-hash)
+    lastAuthentication UTCTime Maybe        -- last login date
+    matrikelnummer Text Maybe               -- optional immatriculation-string; usually a number, but not always (e.g. lecturers, pupils, guests,...)
+    email          (CI Text)                -- Case-insensitive eMail address
+    displayName    Text                     -- we only show LDAP-DisplayName, and highlight LDAP-Surname within (appended if not contained)
+    surname        Text                     -- Display user names always through 'nameWidget displayName surname'
+    maxFavourites  Int default=12           -- Number of last used course names to be remembered for quick links for convenience
+    theme          Theme default='Default'  -- Color-theme of the frontend, chosen by user
+    dateTimeFormat DateTimeFormat "default='%a %d %b %Y %R'" -- preferred Date+Time display format for user
+    dateFormat     DateTimeFormat "default='%d.%m.%Y'"       -- preferred Date-only display format for user
+    timeFormat     DateTimeFormat "default='%R'"             -- preferred Time-only display format for user
+    downloadFiles  Bool default=false          -- Should files be opened in browser or downloaded? (users often oblivious that their browser has a setting for this)
+    mailLanguages  MailLanguages default='[]'  -- Preferred language for eMail; i18n not yet implemented
+    notificationSettings NotificationSettings  -- Bit-array for which events email notifications are requested by user
+    UniqueAuthentication ident                 -- Column 'ident' can be used as a row-key in this table
+    UniqueEmail email                          -- Column 'email' can be used as a row-key in this table
+    deriving Show Eq Generic                   -- Haskell-specific settings for runtime-value representing a row in memory
+UserAdmin      -- Each row in this table grants school-specific administrator-rights to a specific user
    user   UserId
    school SchoolId
-    UniqueUserAdmin user school
-UserLecturer
+    UniqueUserAdmin user school       -- combination of user+school must be unique, i.e. no duplicate rows
+UserLecturer   -- Each row in this table grants school-specific lecturer-rights to a specific user
    user   UserId
    school SchoolId
-    UniqueSchoolLecturer user school
-StudyFeatures  -- Abschluss, Studiengang, Haupt/Nebenfachh und Fachsemester
+    UniqueSchoolLecturer user school  -- combination of user+school must be unique, i.e. no duplicate rows
+StudyFeatures  -- multiple entries possible for students pursuing several degrees at once, usually created upon LDAP login
    user          UserId
-    degree        StudyDegreeId
-    field         StudyTermsId
-    type          StudyFieldType
+    degree        StudyDegreeId   -- Abschluss, i.e. Master, Bachelor, etc.
+    field         StudyTermsId    -- Fach, i.e. Informatics, Philosophy, etc.
+    type          StudyFieldType  -- Major or minor, i.e. Haupt-/Nebenfach
    semester      Int
-    updated       UTCTime default='NOW()' -- zuletzt als gültig gesehen
-    valid         Bool default=true
+    updated       UTCTime default='NOW()' -- last update from LDAP
+    valid         Bool default=true       -- marked as active in LDAP (students may switch, but LDAP never forgets)
    UniqueStudyFeatures user degree field type semester
    -- UniqueUserSubject ubuser degree field -- There exists a counterexample
 StudyDegree   -- Studienabschluss
-    key           Int
-    shorthand     Text Maybe
-    name          Text Maybe
-    Primary key
+    key           Int            -- LMU-internal key
+    shorthand     Text Maybe     -- admin determined shorthand
+    name          Text Maybe     -- description given by LDAP
+    Primary key                  -- column key is used as actual DB row key
 StudyTerms    -- Studiengang
-    key           Int
-    shorthand     Text Maybe
-    name          Text Maybe
-    Primary key
-StudyTermCandidate
-    incidence     UUID     --random id per login to associate matching pairs
-    key           Int
-    name          Text
-    deriving Show Eq Ord
+    key           Int            -- LMU-internal key
+    shorthand     Text Maybe     -- admin determined shorthand
+    name          Text Maybe     -- description given by LDAP
+    Primary key                  -- column key is used as actual DB row key
+StudyTermCandidate    -- No one at LMU is willing and able to tell us the meaning of the keys for StudyDegrees and StudyTerms.
+    -- Each LDAP login provides an unordered set of keys and an unordered set of plain text description with an unknown 1-1 correspondence.
+    -- This table helps us to infer which key belongs to which plain text by recording possible combinations at login.
+    -- If a login provides n keys and n plan texts, then n^2 rows with the same incidence are created, storing all combinations
+    incidence     UUID     -- random id, generated once  per login to associate matching pairs
+    key           Int      -- a possible key for the studyTermName
+    name          Text     -- studyTermName as plain text from LDAP
+    deriving Show Eq Ord