Permissions Management Workflow for Inbound Ops Team - department-of-veterans-affairs/caseflow GitHub Wiki

Granting Permissions

Organization Permissions can be given to users via the Organization Team Management page. Checkboxes for the permissions options come from the organization_permission table. This workflow was released with the Correspondence initiative as a way for organization admins to be able to grant Inbound Ops Team users different access levels to interacting with the correspondence workflow.

Permissions Table Structure

• The organization_permission table holds organization permissions
• organization_permission has a default_for_admin option that grants permission rights to an admin, even if the admin doesn't have a permission assigned to them
• Organization Users are assigned permissions via the organization_user_permissions table that joins organization_permissions to organization_users

Inbound Ops Team Permissions

1. Superuser: Split, Merge, Reassign - grants user ability to split, merge, and assign/reassign correspondences. This permission is defaulted for admin users of the Inbound Ops Team organization.
2. Auto-Assignment - allows correspondences to be auto assigned to Inbound Ops Team Users and Inbound Ops Team Superusers via the Auto Assignment algorithm.
3. Receive "NOD Mail" - Allows Inbound Ops Team users to work NOD correspondences. This permission is a child of the Auto Assign permission. Users that do not have this permission will not be assigned NOD mail by the Auto Assignment algorithm.

Backend User Checks

These Inbound Ops Team checks are found within the user.rb model and are used to define the user, superuser, and supervisor logic for the Correspondence workflow.

inbound_ops_team_supervisor?

inbound_ops_team_superuser?

inbound_ops_team_user?