Application groups, their privileges and dashboards - saayam-for-all/docs GitHub Wiki

image

This visual illustrates the hierarchical structure of the platform’s Role-Based Access Control (RBAC) system. Each concentric circle represents a user role, with permissions expanding outward from Beneficiary to Super Admin. The roles are arranged based on their level of access and responsibility within the system.

Users are grouped into role specific groups - Beneficiaries, Volunteers, Stewards, Admins and Super Admins. These groups get roles with specific privileges. A given user can be in one or more user groups. When a user logs into the application, based on their group membership, they can access more than on dashboard.

  • Beneficiaries are the end-users who can submit and manage help requests, track their status, and communicate with volunteers. These users can file help requests for themselves and also file help requests for others. A Beneficiary Dashboard shows My Requests in one tab and Others Requests in another tab.
  • Volunteers assist beneficiaries by accepting and progressing requests, and can take on leadership roles. A Voluntary Dashboard shows all the help requests that are being managed by this logged in user. Logged in user could be the lead volunteer for some requests or he/she could be the helping volunteer for the other requests.
  • Stewards facilitate operations by matching requests with volunteers and reassigning tasks as needed. A Steward Dashboard shows all the help requests that are YET TO be matched. Stewards can match these help requests with approximately matched volunteers based on fuzzy logic. Stewards can also query for already matched requests and modify the lead volunteer if needed based on the request from the beneficiary.
  • Admins manage platform settings, user roles, integrations, and dashboards to ensure smooth functioning. An Admin Dashboard shows our entire organization status, number of users, volunteers, help requests etc. Admins also manage the volunteer promotion processes, conflict resolutions etc. Admins can also do some data deletions, termination of volunteers or removal troubling/misbehaving users etc.
  • Super Admins hold the highest level of control, overseeing admins and handling platform-wide functions such as system backups and security. A Super Admin dashboard shows metrics about our AWS infrastructure status, errors, provisioning etc.

Each role inherits the capabilities of the inner roles and adds new permissions aligned with their responsibilities, ensuring secure, streamlined, and scalable platform operations.