SPECIFIC AUTHORIZATION FUNCTIONS(特殊登录功能)
原文
Problem description
The file Employee in a time registration and planning system contains personal data and indicates whether someone is a project leader, a supervisor, or an employee. An employee can be authorized to fulfill one or several of these roles. The combination of these roles determines which transactions the user can carry out. For example, only the project leader can add activities to a project, whereas other project members are not authorized to do this.
Should the file Employee be counted when determining the complexity of the transaction Add activities? After all, is this not a form of authorization?
Discussion
In order to be able to determine whether a user is allowed to carry out a certain transaction, the file Employee must be read. This is an internal logical file (not an FPA table) and should therefore be included in the count when determining the complexity of the transaction.
Solution
Include the file Employee as a referenced internal logical file when determining the complexity of the external input Add activities.
翻译
问题描述
时间登记和计划系统中的员工档案包含个人数据,并指示某人是项目负责人、主管还是员工。员工可以被授予一个或多个角色。这些角色的组合决定了用户可以执行哪些事务。例如,只有项目负责人可以向项目中添加活动,而其他项目成员无权这样做。
在确定添加事务活动的复杂性时,是否应计算员工档案?然后,这不是一种授权形式吗?
讨论
为了能够确定是否允许用户执行特定事务,必须读取员工档案。这是一个内部逻辑文件(不是FPA表),因此在确定事务复杂性时应包括在计数中。
解决方案
在确定外部输入添加活动的复杂性时,将员工档案作为参考的内部逻辑文件。