Access - Tokens

From Cyclos4 Wiki
Jump to: navigation, search

Description

A token represents an identifier. It can be associated to a user so that the latter can be referenced by providing this value. Common types of tokens: NFC, RFID, bar codes and swipes.

Business rules

Tokens are managed by users themselves, or by admins / brokers. They have a status, which can be:

  • Unassigned: Means it is not assigned to a user;
  • Pending activation: Once a token is assigned to a user it can be activated. Until the token is activated it remains in the pending activation state.
  • Activation expired: If the token isn't activated within a specified period of time, it shifts to the activation expired state. This state can be reverted by modifying the activation deadline.
  • Active: The token is operational.
  • Blocked: The token is temporarily blocked, and cannot operate.
  • Expired: The token has reached the expiry date. This state can be reverted by modifying the expiry date.
  • Canceled: The token has been canceled and this state cannot be reverted.


A token cannot have the same value as another unless they have different types.

A token can hide its value to the assigned member according to the setting defined in the token type.

Tokens can be imported, see: Imports_quick_steps#Token_import

Notifications

N/a

Page: Tokens

Will show in the menu one link per visible token principal type.

Security

Roles:

  • Administrator
  • Broker

View permission:

  • For admin / broker, needs to have view access over token type.

Page sections

Search page (filters)

Fields Type Rules
User User selection The user associated to the token
Activation date DatePeriodField Activation date range
Expiry date DatePeriodField Expiry date range
Status Multi selection The token status
Group Multi selection The groups of the users associated to the tokens.
Actions
Add Action button Opens the token details page to create a new token.

Search result (list*)

* Automatically shows all tokens of the selected type

Fields Type Rules
User Profile link The user associated to the token
Value / Label Text If NFC the label is shown. Otherwise, the token value.
Activation date Date The token activation date, blank if it has not been activated.
Expiry date Date The token expiry date, blank if it has no expiry date (because it has not been activated or it doesn't expire).
Status Text The token status


Page: User tokens

Will show in the user profile one link per enabled (and visible to admin/broker) token principal type

Security

Roles:

  • Admin
  • Broker
  • Member

View permission:

  • For admin / broker, needs to have view access over token type and the token type needs to be enabled for the user.
  • For member, the token type needs to be enabled.

Page sections

Search result (list*)

* Automatically shows all tokens of the selected type and user


Fields Type Rules
Value Text The token value
Activation date Date The token activation date, blank if it has not been activated.
Expiry date Date The token expiry date, blank if it has no expiry date (because it has not been activated or it doesn't expire).
Status Text The token status
Actions
Activate new Action button Only available for members that have permission to activate tokens of the selected type. Opens a window to input a the token value to be activated. The value should match an unassigned token or a token that has been assigned to the user but it's still pending to be activated. If the user performs ten invalid attempts to activate a token it will be disconnected, blocked and a user alert will be created. Tokens shouldn't follow sequential numbers to prevent an unwanted token activation.
Add Action button Only available for admins and brokers that have permission to create tokens of the selected type. Opens the token details page to create a new token of the selected type associated to the selected user.


Page: Token details

Security

Roles:

  • Member
  • Broker
  • Admin

Permissions: This page can be reached if the logged user is admin or broker and has the permission to view the type of token or the member has the token type enabled.

Page sections

Details page

Fields Type Rules
User User selection / Profile link Optional. The user assigned to the token. Once a user is assigned to a token it cannot be changed or unassigned. A profile link will be displayed after the token is assigned.
Value Text Required. Once the token is created the value cannot be changed.
Activate now Boolean Optional. Only available when creating a token that has an assigned user or assigning a user to a saved token. If checked, the user will be assigned and activated.
Status Text Read only. This field will display the token status.
Activation deadline Date / Text This field will be displayed once the token is assigned and until the token is activated. If the token is assigned but doesn't have an end for the activation period a text will be displayed saying that it doesn't have an activation deadline. If the logged user has the change dates permission over the token type then the date can be modified by changing at the date field or by clicking at the change activation deadline action button when it's a text. If the status of the token is activation expired then the admin/broker can restore the status to pending activation by changing this to a future date. The field can also be left blank to indicate that the activation period won't end.
Expiry date Date / Text This field will be displayed once the token is activated. If the token is activated but doesn't have an end for the active period a text will be displayed saying that it doesn't expire. If the logged user has the change dates permission over the token type and the token is not canceled, then the date can be modified by changing at the date field or by clicking at the change expiry date action button when it's a text. If the status of the token is expired then the admin/broker can restore the status to active by changing this to a future date. The field can also be left blank to indicate that it won't expire.
Actions
Save Action button Saves the token information.
Activate Action button Activates the token. Only visible for admin of broker that has the permission over the token type. Visible when the token has status: Pending activation.
Block Action button Blocks the token. Visible for admin, broker or member that has the permission over the token type. Visible when the token has status: Active.
Cancel Action button Cancels the token. Visible for admin, broker or member that has the permission over the token type. A token can be canceled at any time.
Change deadline Action button Only visible if the admin or broker has the change dates permission over the token type, has no activation deadline and the token status is one of the following: pending activation, activation expired. When this button is clicked a date field is displayed to enter an activation deadline.
Change expiry date Action button Only visible if the admin or broker has the change dates permission over the token type, has no activation deadline and the token status is one of the following: active, blocked, expired. When this button is clicked a date field is displayed to enter an activation deadline.