| blob | 04f0554cfdfcf95b8364c18752d0bd091b117277 |
1 User specification
2 =================
4 Source: Webové služby rozhraní ISDS pro správu datových schránkek,
5 version 2.19 (2011-05-05)
8 User types
9 ==========
11 Symbol Description
12 --------------------------------------------------------------------------
13 PRIMARY_USER User who owns the box (FO and PFO type boxes have one
14 owner, OVM box one or none owners, PO box any number)
15 ENTRUSTED_USER User with limited access to the box. Such user is
16 delegated by primary user or administrator for the
17 purpose of message reading or sending.
18 ADMINISTRATOR User who can add/remove/update other users to a box, but
19 who is not a owner of the box.
20 OFFICIAL
21 OFFICIAL_CERT
22 LIQUIDATOR Liquidator of a commercial organisation. Effectively
23 equivalent to PRIMARY_USER.
26 User authorizations
27 ===================
29 Each user has set of permissions to operate on given box.
31 Symbol Num Description
32 --------------------------------------------------------------------------
33 PRIVIL_READ_NON_PERSONAL 1 Permission to read incoming messages
34 PRIVIL_READ_ALL 2 Permission to read messages addresses only to
35 concrete person
36 PRIVIL_CREATE_DM 4 Permission to sent mesages, to download outgoing
37 messages
38 PRIVIL_VIEW_INFO 8 Permission to download list of messages, to
39 download data about delivery (`Dodejka') and
40 acceptance (`Doručenka')
41 PRIVIL_SEARCH_DB 16 Permission to search boxes
42 PRIVIL_OWNER_ADM 32 Permission to maintane a box (add users etc.)
43 PRIVIL_READ_VAULT 64 Permission to read messages from data safe
44 PRIVIL_ERASE_VAULT 128 Permission to delete messages from data safe
46 User type ADMINSTRATOR has implicit non-revokable permission PRIVIL_OWNER_ADM.
47 Administrator can add other permissions to anybody, even to himselv.
49 User type PRIMARY_USER has implicit (non-revokable?) permissions 1–32.
51 In addition, internal users can have following permissions (to manage
52 (= create, update) boxes or request for box updates):
54 Symbol Num Description
55 -------------------------------------------------------------------------
56 PRIVIL_OR 256 Manage PO type boxes
57 PRIVIL_INSSPR 512 Manage PFO_INSSPR type boxes
58 PRIVIL_NOTAR 1024 Manage OVM_NOTAR type boxes
59 PRIVIL_EXEKUT 2048 Manage OVM_EXEK type boxes
60 PRIVIL_ADVOK 4096 Manage PFO_ADVOK type boxes
61 PRIVIL_DANPOR 8192 Manage PFO_DANPOR type boxes
62 PRIVIL_PFO 16384 Manage PFO* type boxes
63 PRIVIL_OVMPOZAK 65536 Manage OVM, PO_ZAK and OVM_REQ type boxes
64 PRIVIL_VAZBA 131072 Report imprisoning of a person etc.
65 PRIVIL_MV 32768 Ministery of interiors officer
66 who processes request (Service module)
67 PRIVIL_CZP 262144 Czech POINT officer who processes requests
68 (only for FO, PFO, PO_REQ box types)
69 PRIVIL_ADMADM 1048576 Manage internal users
70 PRIVIL_AD_DELIV 2097152 Store timestamp about credentials delivery
71 by off-line chanel
72 PRIVIL_ACTIVATE 8388608 Activate credentials on-line
73 PRIVIL_POST 524288 Access to help desk IS of Czech POST
74 PRIVIL_VAULT 33554432 Manage safe and commercial message switcher
75 PRIVIL_BILLING 67108864 Access to billing data
76 PRIVIL_CONFIG 4194304 Low level configuration allowed (see
77 `Administrator manual for ISDS application
78 server' for more details)
79 PRIVIL_SUPERVISOR 16777216 Permission to start and stop application