- Users associated to the project and their respective role.
- Data is specific to the project.
- The PM_PROJECT_USER_ROLES table will have at least two roles per USER_ID and PRODUCT_ID combination.
- The "Hive Management Track" role establishes the amount of control a user has in a project.
- The "Data Protection Track" role establishes the detail of data that may be seen by the user.
- The "Custom Track" role establishes individual roles which might be needed for a specific application.
- The roles are in hierarchical order, similar to the Data Protection Track, so that the roles on top gain the permissions from the ones below.
- Although the table will only contain the role for the highest level of detail the user can see, other roles to see less detailed data will also be automatically granted.
- If a cell requires other unique roles for a user, these can be added to the PM_PROJECT_USER_ROLES table, but there will not be any recognized hierarchy to those roles.
- For roles that span across all projects, the PROJECT_ID column in the PM_PROJECT_USER_ROLES table will have an "@" sign.
- For roles that span across all users (for a project), the USER_ID column in the PM_PROJECT_USER_ROLES table will have an "@" sign.
- At a minimum, a user / project combination will have a role from the Data Protection Track and the Hive Management Track (Custom Track is optional).
Data Protection Track |
Hive Management Track |
Custom Track |
DATA_PROT |
MANAGER |
EDITOR |
DATA_DEID |
USER |
|
DATA_LDS |
|
|
DATA_AGG |
|
|
DATA_OBFSC |
|
|
PM_PROJECT_USER_ROLES |
|
|
PK |
PROJECT_ID |
varchar(50) |
PK |
USER_ID |
varchar(50) |
PK |
USER_ROLE_CD |
varchar(255) |
|
|
|
