Use Case 00: Present User Information
From Earth Science Information Partners (ESIP)
Use Case <tbd> Present User Information
for
EIE
Earth Science Information Exchange
Revision History
Michael Burnett
12/8/05
Initial Draft
0.1
1.Use Case Identification
1.1.Use Case Number
tbd
1.2.Use Case Name
Present User Information
2.Use Case Definition
This use case describes the interactions available to present user information.
2.1.Actors
- 1.User
2.2.Business Rules
- 1.User information will only be presented to authenticated user themselves and EIE Administrators. (i.e. – Users can’t see detailed info on other users).
- 2.Guest users can not see “My Info”.
2.3.Preconditions
- 1.User is registered with EIE.
2.4.Normal Flow
- 1.User opens EIE Portal and logs in. (See Alternate Flow 1 and Alternate Flow 2)
- 2.User navigates to “My Info” section. (Note: poor name!)
- 3.EIE presents page presenting User information. This page includes links for update and personalization.
2.5.Alternative Flows
1.EIE Administrator logs in, authentication rules still hold
- a.EIE Administrator logs in to EIE (See Alternate Flow 2)
- b.EIE Administrator navigates to “User Management”
- c.EIE presents “User Management” page, including a list of registered users.
- d.EIE Administrator selects an individual User, and chooses to “view” User info.
- e.Use Case continues with Step 3.
2.User not authenticated
- a.EIE logs the security violation.
- b.EIE returns a denied message to the user.
- c.Use case terminates.
2.6.Postconditions
2.6.1Normal Flow
- 1.None
2.6.2Alternate Flow 1
- 1.None
2.6.3Alternate Flow 2
- 1.Message is displayed, indicating a permission violation
- 2.EIE has logged the security violation.
- 3.Use case terminates.
2.7.Extension Points
- Personalization
- Update User Information
2.8.Special Requirements
Security requirements for visibility of user information
2.9.Assumptions
- 1.Users are guests by default
2.10.Notes
none
2.11.Issues
- 1.Do we log “View” events for metrics?
- 2.Is there a public view of user information? Can this be managed by group?