Skip to main content

Overview

This document is a messy notepad of all the context from various documents like drawio which we initially used to design the Org domain, specifically roles and permissions for employers (term used in JodApp to refer to the user that posts/manage jobs)

You should use this as a starting point and then look at @../jodgig-api to determine the source of truth

Current JodGig Roles Overview

We have two types of user roles used in Gig. Internal and Partner roles.

  • INTERNAL - this type is used by the users employed by JOD.
  • PARTNER - this is the role type used by users of the partner companies of JOD. It is also called external users in some instances.

INTERNAL users are separated into other types:

  • SUPER_ADMIN - used by the main admin (JOD)
  • USER_ADMIN - a copy of SUPER_ADMIN but does not have permissions in some areas like updating permissions of roles.
  • INTERNAL - type of newly created roles within the internal
  • Super Hq Internal (SUPER_HQ_INTERNAL) - A user type used by JOD internal users to access HQ/Company dashboards. This user type can access all of the companies.

PARTNER users are separated into other types:

  • Super Hq External (SUPER_HQ_EXTERNAL)
    • Same as Super HQ Internal, the user can multiple HQ/Company but is restricted to have access only to the company linked to the account.
  • The linkage is stored in user_company table.
  • Use case for Super HQ External:
    • Multiple companies like Fairprice, but shared users like Finance Officer.
    • Create many outlets, and have 1 company.
    • Feature developed because the client high paying clien.

Hq User (HQ)

  • Is the admin/owner of the partner company.
  • Has the ability to manage all locations and settings within the company.

Area Manager (AREA)

  • Is used to be the manager of areas/outlets/locations.
  • This type of partner user can be assigned to multiple areas/outlets/locations within the company.

Location Manager(LOCATION)

  • Is used to be the manager of a location. A user with this type can only be assigned to a single location.

HQ - Read only

  • has the same type as HQ but this one doesn't have permission to update

Area manager + job approve(AREA)

  • Area manager that does have permission to approve or reject a pending job. ※ Roles in PARTNER type are fixed and cannot be edited or cannot add new roles.

Partner Roles are fixed

  • all companies share the same roles.
  • Role Update Overview tab shows how we will change this

Proposed resigned months back by my engineer

The following is a proposal doc from months back that for redesigning specifically roles and permissions .

Company Overview

The company may have many users and each company has one HQ Manager (owner).

There is also one user of the Company which is the Super HQ External that can access multiple HQ/company dashboard based on the assigned company to the user.

In the current setup, to handle the assigning of multiple HQ/company to a single users, we have a join table named user_company

Overview of updating User and Company

To improve the current relationship structure between users and companies, we may use a join table user_company. The table will provide a many-to-many relationship between users and companies, as each user can be associated with multiple companies, and each company can have multiple users.

With this structure update, we can handle not only the case of a super HQ external user who can access multiple companies but also the case where a manager can be assigned to multiple companies within the same group.

To handle the default company for a user who has access to multiple companies, we can add an is_default column in the user_company table. This column will indicate which company is the default for the user. When the user logs in, they will be redirected to the portal of the default company.

If the user has only one company, that company will automatically be treated as the default since it's the only company they are associated with.

Overview of updating User and Company

  • Admin Logs in
  • Navigates Manager Management Page
  • Select Existing Manager
  • System displays companies for assignment
  • Assigns companies to the Manager
    • optional: Set Manager's default company
  • Select available role from selected company
  • Save changes
  • Multiple company assignment successful!

We can keep the HQ Manager role for each company as its head role. Since each company will still have HQ Manager, the admin will have the permission which HQ Manager can access multiple companies from the admin portal.

HQ Manager A on the right can access both Company B and Company C while HQ Manager B and C can only access their own company.

While HQ Manager A can access multiple companies, the user can also set a default company that will be first access when log in.