User and Rights Management

This is where administrative users with exclusive rights can decide the roles and the actions that other users can play and perform in questionnaire management processes.

In particular, these users can:

• browse existing users.

  This is a routine activity and provides a summary view of the user population, particularly who can do what in questionnaire management processes.

  Typically, the activity is supported by a range of filtering and search mechanisms.

• grant and revoke permission to and from users.

  Actions that trigger processes correspond to permissions, either over the whole system (e.g. create a specification), whole classes of resources (edit all specifications), or individual specifications, campaigns, and questionnaires (e.g. edit the agrprod specification).

  The system relies on the permissions of the current user to authorize or deny the corresponding actions, or else to increase or reduce the visibility of resources.

• assign and remove roles to and from users.

  The actions performed by users in questionnaire management are often correlated and identify consistent and well-defined usage profiles: the design of specifications, the administration of a campaign, the filling of a questionnaire, etc. These actions can be assigned to users at once as roles: administrator, manager, designer, and editor.

  Roles are a convenience for right management, and are not used by the system to authorize actions or filter resources. Authorization remains fine-grained and based excusively on permissions, possibly implied by roles.

  The system's solution to user and rights management transcends the context of questionnaire management. Permissions are defined only on datasets and roles are replaced by groups (permissions are assigned to groups and inherited by any user in the group). Permissions on arbitrary selections are supported.

  Within this general framework, the system does not currently restrict the creation of questionnaires and questionnaire specifications to administrators, though it keeps track of the acting user and associates it with resources. Questionnaire loading and ingestions are then subjected to the privileges of the recorded user over the target dataset and dataset selection.

  Overall, the system follows its standard authorization for input/ouput operations and introduces no specific arrangements for questionnaire management.