Hierarchy has indispensable control in an organization. It directs information processing in a sequential manner. Implementation of hierarchical tree where allows an official to monitor the progress of the sub-employees, also prevents sub-employees from viewing the activity of senior officials.
About Hierarchical Tree (HT)
The work(s) in an organization is cascaded in different levels. On a whole, these levels define the structure of an organization. The structure, if represented in pyramid form provides essential information about the roles and functions of each level. As for the smooth operations of an organization, it is critical to have a structure, hence the information accessible by each level should also follow hierarchy.
The pyramid structure shows how the information circulates in an organization. The staff has a large number of employees working in different segments of a project is provided with specific and least information about a subject. The parallel staff members are restricted from accessing each other’s progress and also from any information available with upper levels of the hierarchy. The managers at second level can follows the same principle, but can access the progress of respective sub staff under them. This structure is continued to top level i.e. CEO of an organization can access all the progress of VP, Director, Manager and Staff.
Just as an Architect may build a 3-D model of the space to help building owners visualize better, programmers can whip together some key aspects of the system to incrementally help the stakeholders see how things will work. These are great communication tools, but many times fall short of providing the stakeholders a wholistic view.
In this paper, the solution of this requirement is presented on architectural level that well suits your application prototype.
The role of a level (ex: manager) is to administer the progress of sub-employees (ex: staff) and collect the fringes to produce a complete report. The sub-employees have only required fringes and cannot gain the access to complete information. This structure creates a valid and authorization control for each role level. An organization prefers to store all the information of a company on a centralized server. The users quench their respective information from server using a secure login process which restricts their access according to their roles.
Role Based Access
The application that connects server and user uses the role feature to discrete the accessibility to individual users. The permissions to access any entity(s) and records are stored in role. When a user login to application, the allocated role is looked in application and assigned permissions to record is given to user. This technique allows employees to access only limited part of information from company’s centralized database but does not fulfill the pyramidal requirement of data monitoring in organization.
User Based Security
The entities having records that are user sensitive in nature are associated with user entity. When user based security is applied to that entity, users can see only respective records. It means manager can see the records associated with manager only and staff employees can only access their records. If user based security is leveraged, the user sensitive records will be accessible to all persons using the application.
The solution to pyramid structure is hierarchical tree. When two entities are associated with each other, the records of one entity display the data from records of another entity by providing reference of that entity’s record.
User security allows a user to see only respective records of entity 1 and 2. But with reference assignment, when a user views records of entity 2, he can also see the record of entity 1 also that is associated with that record.
Turanto uses reference link to implement hierarchical tree in its application. The benefit of using Turanto is that users only need to prototype the application according to their needs and generate it without programming a single line. This feature is not default and requires few settings to activate.
Self-association of user
The entities that are user sensitive and needs user based security are associated with user entity. The user entity is the default entity in Turanto applications. This entity is embraced with unique login id that user uses to login into application. While creating a new entity if ‘person’ is selected, the entity inherits all general properties of a person. For a company, it could be employees. When an employee has to report to another employee (of any role) a self-association is created.
The self-association of employee entity refers that records of employee entity can refer another employee records. In above figure, one employee record can refer many employee records. This self-association connects the employees of different levels in organization’s pyramid.
When a self-association is created in application model, application enables the hierarchy option. This option is present in admin section -> User Based Security.
When Hierarchy is selected, Turanto application uses the reference assignment to create an exception in user based security. This exception allows other users to see the record of another users who comes at lower levels of hierarchy.
The figure shows the records of single entity (self-association) which has user associated (directly) with it. The blue lines are the reference lines. According to this, R11 has given reference of R8 in one of its property. Hence, the owner of R8 can view the records of a user (in all entities) who owns R11. Similarly, R4 can view records of R8 and also R11. Here, R9’s owner cannot see R10 and R11 records because no reference is assigned. At last, R1 owner can see all records.
This hierarchy when applied in one entity, all user sensitive entities (associated directly or indirectly with users) follows the hierarchy rule as exemption to user based security. On every else thing, conventional security rules follow.
An example application to show hierarchical security is created for user’s reference. The application is created using Turanto™ cloud application development tool. The application has two entities: Employee and Employee Assets. Employee entity is selected as person hence, all general elements of person are configured by default. A self-association of Employee is present and an association of ‘Employee Assets’ with ‘Employee’ is created. In generated application three roles are created: Employee, Manager and CEO. Hierarchy is enabled in user based security (In admin section).
Application Hierarchy is defined as:
Hierarchical tree is an important feature for an organization. The reference assignment provides a complete solution for tree requirements in application that connects company’s database and intended users. The Turanto™ based application integrates hierarchical tree in an effortlessly with simple with few prototype settings. Thus, this system enables an organization to reduce risk in new system development and helps engage the end users quicker, while enabling the developers to deliver a more complete system quicker.