- Standing in the wrong place when the Commanding Officer assigned collateral duties
- Be eligible for & receive a 'Top Secret' Security Clearance, which involved a 10 year Background Investigation. Yes, guys actually went around and interviewed people that didn't know me very well.
- Pass a written & physical 'do this' exam, though the details of that process are now muddy.
Our Platform as a Service currently includes 345 Actionable items (Privileges), the sum of which comprise the Access Control List, control of which is usually reserved for the Account Admin. In fact, even viewing the ACL requires specific Privileges. These Privileges can be selected in any combination and when Saved (as a group) are named. That name is called a Role. Users are assigned to a specific Role, usually done by the Account Admin.
A data entry operator would not need 'Objects->Checkout settings->Add Payment system' in order to do data entry nor would a CEO with the equivalent of a 'Top Secret Clearance' require 'Objects -> Solutions-> Delete SaaS Solution package'. Most damage is unintentional and it is part of the Account Admin's job to ensure that the CEO does not see a button, say "What does this do?" and potentially nuke 70 hours of work. (Account Admin forgot to schedule auto-backup).
Younicycle's ACL and Roles are based on PostgreSQL, but the basic concept of Knowledge Management predates any database or computer system.
My next post will include a video that shows how to use the built-in Access Control List to build a Role and assign Users to the Role. Knowledge of SQL is not required as it is a simple select and click web interface.
Double-thanks for reading. Boring but important.