Details
Assignee
UnassignedUnassignedReporter
Aaron NeslinAaron NeslinTester Assignee
Dennis BridgesDennis BridgesLabels
Priority
TBDDevelopment Team
ThunderjetTestRail: Cases
Open TestRail: CasesTestRail: Runs
Open TestRail: Runs
Details
Details
Assignee
Unassigned
UnassignedReporter
Aaron Neslin
Aaron Neslin
Tester Assignee
Dennis Bridges
Dennis Bridges
Labels
Priority
TBDDevelopment Team
Thunderjet
TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs
Created October 19, 2023 at 4:40 PM
Updated July 11, 2024 at 6:12 PM
Purpose:
84
Organizations - Currently, the ability to view interface credentials is all or nothing with permissions. We would like to be able specify at the interface level who has access to credentials. For example, for an organization, perhaps everyone can access the reports interface credentials, but only acquisitions managers should be able to access invoice/payment portal interface credentials for that same organization.
For Multi-institution organizations this would also be true. That certain organizations would have only certain people that should be able to see the confidential information. Particularly because organization are not just vendor organization
May want to restrict the credentials for specific interfaces (Payment portals or something with more restricted licensing) some of these portals contain more sensitive information than others. Generally those are stored other places.
Platforms are also created as organizations and creds associated with them can be more sensitive
User story statement(s):
As an acquisitions manager
I need to restrict viewing of interface log in credentials
So that I can keep the log in information secure
Scenarios:
Scenario: Create Restricted interface type
Given a tenant is configured with interface type
When a user views organization setting
and the user can make changes to organization settings
Then they can see interface types
and mark interface types as restricted
Scenario: Create permission View restricted interfaces credentials
Given there is a user
When the user is assigned permissions
Then the user can be given permission to view restricted interfaces credentials
Scenario: View restricted interfaces credentials
Given Given there is an interface
and the interface has a type that is marked as restricted
and a user has permission to view restricted interfaces
When a user views the interface
Then the user will be able to see interface credentials
Scenario: Prevent user from viewing restricted interface credentials
Given there is an interface
and the interface has a type that is marked as restricted
and a user does not have permission to view restricted interfaces
When a user views the interface
Then the user will not be able to see interface credentials