Skip to end of metadata
Go to start of metadata

Access control is derived from the KIM databases through the services supplied in Rice. KSA extends this functionality a little to allow roles to also translate to access to certain transaction types. In this way, transaction types, or more generally, groups of transaction types can be limited to certain roles on the system.
The only persisted entity of Access Control is this roles/transaction type permission table. All other Access Control classes within KSA are non-persisted, as they rely on KIM databases.
This is a standard KSA auditable entity.
See also ACCESS_LEVEL on the INFORMATION table for other permission-based functionality.


Table: TRANSACTION_MASK_ROLE

This table relates KIM roles to KSA transaction types, or transaction type masks.

Column

Description

ID

Autonumbered primary key.

NAME

Name of the role/relationship.

DESCRIPTIONS

UI-based description of the relationship.

ROLE_NAME

The identifier of the KIM role that is implicated in this relationship.

TYPE_MASK

Mask or actual transaction code. This is a Java regular expression that will be matched to the transaction codes (TRANSACTION_TYPE) within the KSA system. Any user with a role of (KIM_ROLE_ID) can use all transaction codes that match with the pattern in this field.

Block Types and Overrides

Table: ACNT_BLOCK_OVERRIDE

Stores block override information.

Column

Description

ID

Autonumbered primary key.

ACNT_ID_FK

Account to which the override is applied.

CREATOR_ID

Creator of the override.

CREATION_DATE

Date/time stamp of creation.

EXPIRATION_DATE

Date/time stamp of expiration of override.

BLOCK_TYPE_ID_FK

Pointer to the block type that is overridden. This can be null if this is an administrative override.

REASON

Human readable reason why the block was overridden.

RULE_ID_FK

Link to the rule that this override will dis-apply. If multiple rules need to be overridden, then multiple overrides will be supplied.

ENABLED

If true, all blocks on the account are suspended.

  • No labels