Use Case <tbd> Present User Information

for

EIE

Earth Science Information Exchange

Revision History

Michael Burnett

12/8/05

Initial Draft

0.1

1.Use Case Identification

1.1.Use Case Number

tbd

1.2.Use Case Name

Present User Information

2.Use Case Definition

This use case describes the interactions available to present user information.

2.1.Actors

• 1.User

2.2.Business Rules

• 1.User information will only be presented to authenticated user themselves and EIE Administrators. (i.e. – Users can’t see detailed info on other users).
• 2.Guest users can not see “My Info”.

2.3.Preconditions

• 1.User is registered with EIE.

2.4.Normal Flow

• 1.User opens EIE Portal and logs in. (See Alternate Flow 1 and Alternate Flow 2)
• 2.User navigates to “My Info” section. (Note: poor name!)
• 3.EIE presents page presenting User information. This page includes links for update and personalization.

2.5.Alternative Flows

1.EIE Administrator logs in, authentication rules still hold

• a.EIE Administrator logs in to EIE (See Alternate Flow 2)
• b.EIE Administrator navigates to “User Management”
• c.EIE presents “User Management” page, including a list of registered users.
• d.EIE Administrator selects an individual User, and chooses to “view” User info.
• e.Use Case continues with Step 3.

2.User not authenticated

• a.EIE logs the security violation.
• b.EIE returns a denied message to the user.
• c.Use case terminates.

2.6.Postconditions

2.6.1Normal Flow

• 1.None

2.6.2Alternate Flow 1

• 1.None

2.6.3Alternate Flow 2

• 1.Message is displayed, indicating a permission violation
• 2.EIE has logged the security violation.
• 3.Use case terminates.

2.7.Extension Points

• Personalization
• Update User Information

2.8.Special Requirements

Security requirements for visibility of user information

2.9.Assumptions

• 1.Users are guests by default

2.10.Notes

none

2.11.Issues

• 1.Do we log “View” events for metrics?
• 2.Is there a public view of user information? Can this be managed by group?