A team member is being ask to produce Technical Use cases on a project. It seems to relate to creating test cases to describe the functions and exception handling of a particular API. An API that resolves user permissions for a given system.
Use Case just doesn't feel right here but I'm at a loss as to what exactly to prescribe. Activity Diagram or Sequence perhaps. Its just very strange to see in a UseCase the step where "Developer check if Method X is present.".
UC Name
Developer API and Policy Logic
Actors:
Developer, Developer Components, Security Service
Description:
The purpose of this use case is to document how Developer API and Policy Logic works confirming permissions for a user.
Pre-Conditions:
1. The Authorization Service is running successfully
2. The Security Service is running successfully
3. User connected to the network to access the DB in the respective environment (INT, QA, PROD)
Post-Conditions:
1. Return True or False for permissions aligned to a particular user
Triggers:
Developer confirms permissions for a particular user by using “HasPermissions” method.
Assumption
Existing application data is correct
Risk
Existing application data is incorrect
Rules
Developer has access to the network to access environment specific DB.
Main Flow (MF01):
Return Scope Tree Nodes (GetScopeTree)
Step
User Action
System Action
Developer confirms user permission by using the method: “HasPermissions(userId, permissionsId, scopetreenodeId)”
System configures IAuthZManagerFactory
N/A
System creates IAuthZManager to request user permissions
System request IAuthRepository to provide user permissions
IAuthRepository checks the service client memory cache for the user. If user exists in cache, steps 5 or otherwise 8.
Systems pulls user application permissions and scope tree nodes from cache.
System resets cache timer
System returns True or False for user – HasPermissions method. Note: Please refer Policy Logic Diagram for Permissions.
IAuthRepository invokes GetUserPermissions service – Please follow steps in “Permissions and Scope Tree Services – Return Scoped User Application Permissions” use case.
IAuthRepository invokes GetScopeTree service - Please follow steps in “Permissions and Scope Tree Services – Return Scope Tree Nodes” use case.
IAuthRepository invokes GetDefault service – Steps will be included in the Permissions and Scope Tree Services use case.
System will store Scoped User Permissions, Scope Tree Nodes, and Default Scope Tree information for the user in the service client memory cache.
brought to you by enabling practitioners & organizations to achieve their goals using: