Permissions represent fine grained actions that can be mapped to functionality within a given system. Permissions are scoped to Namespace|keyword=Namespace which roughly correlate to modules or sections of functionality within a given system. A developer would code authorization checks in their application against these permissions. Some examples would be: 'canSave', 'canView', 'canEdit', etc. Permissions are aggregated by Roles|keyword=Role. Permissions can be maintained at runtime through a user interface that is capable of workflow; however, developers still need to code authorization checks against them in their code, once they are set up in the system.
Attributes
• Id - a system generated unique identifier that is the primary key for any Permission record in the system
• Name - the name of the permission; also a human understandable unique identifier
• Description - a full description of the purpose of the Permission record
• Namespace - the reference to the associated Namespace|keyword=Namespace
Relationships
• Permission to Role|keyword=Role - many to many; this relationship ties a Permission record to a Role that is authorized for the Permission
• Permission to Namespace|keyword=Namespace - many to one; this relationship allows for scoping of a Permission to a Namespace that contains functionality which keys its authorization checking off of said