db_table, report, and excel_file.
Each user has specific roles, and our authorization system is structured according to the confidentiality levels of these sources.
For instance, two users ask the same question: "Can you provide a list of all current clients, their contact details, and agreements?"
The response data is pulled from three different database tables: db_table, report, and excel_file—based on a user’s role within an organization or team and the confidentiality level assigned to each resource. This framework ensures that access permissions are applied consistently and securely across all resources.
confidentiality_level attribute to define access restrictions. The levels include:
director, team lead, and team members.
director and the team lead.
director.
db_table, report, excel_file) has a view permission defined using the confidentiality rules, which verifies the confidentiality level of the document/entity. The rule works as follows:
4): director role in the organization can view resources labeled with the 4 confidentiality level.
3): directors of the organization and leads of the relevant team.
2): leads, team members, and directors of the organization.
1): member of the organization can access these resources.