-1

I need to finish a task in my homework. I need to include a use case diagram. I have the following situation I have a master, admin, manager, seller and attendant users. It is like this, master is the root user. It is the only user on the system if none was created. The master user can create an admin. The admin is like the master user. The manager can see statistics. The seller can change an order status. The attendant can view the list of products on the system.

master can view statistics, change order status, view product list
admin can view statistics, change order status, view product list
manager can view statistics, change order status, view product list
seller can change order status, view product list
attendant can view product list

As you can see the set of rights that user can perform are getting filtered as the hierarchy goes down. How can I represent this in a use case diagram. Don't think I am lazy. I searched online and I was more confused than before.

2
  • 4
    How to represent permissions in UML use case diagram Commented Dec 1, 2020 at 0:11
  • 1
    This sounds like a Role-Based Access Control (RBAC) problem. It's common to find the concept of a Role (e.g. your attendant, seller, manager, etc.) being modelled as a separate entity/concept to Permission. -- i.e. A role may have many different permissions, while a permission may be granted to many different roles. Commented Dec 1, 2020 at 1:20

2 Answers 2

2

As you can see the set of rights that user can perform are getting filtered as the hierarchy goes down.

Do not fall into the trap of thinking that anything you observe is therefore an immovable truth.

It is indeed currently the case that when you order the list in that way, that the roles sequentially only "lose" access, never gain anything. But that does not mean that:

  • this is a hard and fast rule you can rely on
  • this is always going to be the case
  • you should hinge your role definitions on this phenomenon

To make it easier to understand, let's use a different context. My car has four wheels. It also has one steering wheel. It also has four cup holders.

Should I now design cars with the philosophy that a car must have as many cup holders in a car as it has wheels or vice versa? Should exactly 20% of the wheels on a car be a steering wheel, and the other 80% a road wheel? All of these observations are true for my car, after all...

The simple answer here is "no". Just because it's true of my car today doesn't mean that it's true for every car, or that it's a rule I should define or start relying on.


Back to your example, rather than trying to define your roles as some contrived dependent hierarchy that relies on this "sequential access filtering" observation, it's significantly better to define user roles independently.

That is to say that you define a bunch of roles, and a bunch of access rights. And then you list which access rights a particular role has.
This is essentially the list you already have in your question, but without the implication that there is some order between the definition of each role.

By defining them independently, that will make it easier for you to change one use role without needing to consider the impact that this change will have on other roles (which would depend on this role if you defined your use cases hierarchically).

If, for example, your attendants suddenly get access to something that the sellers don't get access to, then your entire system collapses, because your arbitrary rule is now invalidated. Think of how much work that would be to correct, if your use cases were used as a guiding measure for code implementations, documentation and support staff training.

Comparatively, if roles had always been defined independently, this would amount to a simple "hey role X now also has access to Y", which is significantly easier to code/explain/document.

0

The Actors in a Use Case diagram can have inheritance between them. So the Actor with the least privilege would be at the base of the inheritance tree, and the others would inherit from it.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.