view release on metacpan or  search on metacpan

lib/App/Dochazka/REST/Docs/Workflow.pm  view on Meta::CPAN

parameter.

=head3 Retrieve one's own attendance/lock intervals

Although inactive employees are not authorized to enter new attendance/lock
intervals, they can retrieve their own past intervals, for example by browsing
in the web client, etc.

=head3 Generate reports

Inactive employees can use the C<POST genreport> operation to generate
reports from any report templates (Mason components) with ACL profile
'inactive' or below.


=head2 active

=head3 Add new attendance intervals

Active employees can add new attendance data ("intervals") subject to the
following limitations: 

=over

=item (a) only their own attendance - not that of other employees,

=item (b) attendance interval must not conflict with an existing lock interval,

=item (c) attendance interval must not extend past the end of the current month and, 

=item (d) attendance interval must not overlap with an existing interval.

=back

    Example 1: Employee 'pepik' tries to insert an attendance interval
               [1985-04-27 08:00, 1985-04-27 12:00) but there is a 
	       lock in place for that date. In such a case, the lock would have
               to be removed by an administrator, or 'pepik' would be out of luck.

    Example 2: Today's date is 2014-10-22 and 'pepik' attempts to insert
               an attendance interval [2014-11-07 08:00, 2014-11-07 08:30) -
	       this will not be possible until 2014-11-01..

New attendance data is added via POST requests on C<interval/new>.

=head3 Add new lock intervals

Active employees are authorized to lock attendance data by adding new lock
intervals subject to the following restrictions:

=over

=item (a) only on their own attendance,

=item (b) only on past attendance and up to the end of the current month,

=item (c) lock interval must not overlap with any other lock intervals.

=back

=head3 Modify one's own unlocked past attendance data

Active employees can modify/delete any existing attendance data, provided the
attendance intervals in question do not conflict with any lock.

=head3 Retrieve list of non-disabled activities

Since attendance data must be associated with a valid activity, active employees
are authorized to retrieve the entire list of non-disabled activities using
a GET request on the C<activity/all> resource.

=head3 Retrieve details of a particular activity

Active employees can look up the details of any activity (including 
disabled activities) by the activity's code or AID using GET requests on
C<activity/aid/:aid> and C<activity/code/:code>.

=head3 Edit one's own employee profile (certain fields)

Depending on the exact setting of the DOCHAZKA_PROFILE_EDITABLE_FIELDS site
parameter, active employees may be authorized to edit more fields than inactive
employees.

=head3 Generate reports

Active employees can use the C<POST genreport> operation to generate
reports from any report templates (Mason components) with ACL profile
'active' or below.


=head2 admin

=head3 Edit any employee's profile

Administrators can edit any employee's profile. The only limitation is that the
EID cannot be changed.

=head3 Create, read, update, and delete Mason components

Mason components are stored in the database and written out to the
filesystem every time the server starts. Since these components pose a
security risk, only administrators can work with them.

Non-administrator employees cannot view component source code, but they can
generate reports using the C<POST genreport> operation, which takes a
top-level component path, provided they have sufficient privileges to use
the component in question.



=head1 AUTHOR

Nathan Cutler C<ncutler@suse.cz>

=cut