Previous
¶ User Roles
¶ What it is
User role identification is a process to understand and identify all the possible user roles in the system based on the personas. Usually, a sheet would be created to list all the roles and their privileges. More technically, it would be great to determine if RBAC (Role-based access control) or ABAC (Attributes-based access control) approach should be applied during this stage.
¶ Why it is useful
In most systems, especially internal ones, different user roles are required to offer access control and provide additional functionalities to other user groups. E.g., an admin can manage all the users, a manager can work with a specific team and assign tasks, and an operator can perform specific tasks.
It is confident that the design team will create the UX design, and the development team will design the architecture only after the user roles are clearly defined.
¶ When to use it
User role identification should be executed before creating the wireframe, user story writing, and the system architecture, as it is the very core of the system.
¶ How is it done
- The basic Information on the user roles could be gathered from the persona definition, the team structure, the existing chain of approval, and the user roles defined in the legacy system.
- Work with the stakeholders to define the roles and their privileges in the system. The reality needs to be mapped into the system appropriately. The granularity of roles and privileges should be designed carefully.
- Think about the further technical details, including
- If ABAC or RBAC or a more suitable method should be applied.
- If the roles or privileges could be inherited.
- If the roles or privileges could be overridden.
¶ Do's & Don't
Do's
- Work with stakeholders closely in the whole process as they understand this topic much better and more accurately.
- The flexibility and the extensibility must be considered.
Don't
- Refrain from over-engineering when designing the roles and privileges model.
¶ Tools needed
¶ Example
