| blob | 576664cc967e6d072e411c37db3a613a5789e3b1 |
1 User specification
2 ==================
4 Source: Webové služby rozhraní ISDS pro správu datových schránkek,
5 version 2.19 (2011-05-05)
6 Source: Webové služby rozhraní ISDS pro manipulaci s datovými zprávami,
7 version 2.28 (2012-07-27), pages 6–7
10 User types
11 ==========
13 Symbol Description
14 --------------------------------------------------------------------------
15 PRIMARY_USER User who owns the box (FO and PFO type boxes have one
16 owner, OVM box one or none owners, PO box any number)
17 ENTRUSTED_USER User with limited access to the box. Such user is
18 delegated by primary user or administrator for the
19 purpose of message reading or sending.
20 ADMINISTRATOR User who can add/remove/update other users to a box, but
21 who is not a owner of the box.
22 OFFICIAL
23 OFFICIAL_CERT
24 LIQUIDATOR Liquidator of a commercial organisation. Effectively
25 equivalent to PRIMARY_USER.
26 RECEIVER Receiver of a commercial organisation. Effectively
27 equivalent to PRIMARY_USER.
28 GUARDIAN A person who has the authority to care for the personal
29 and property interest of another person. Effectively
30 equivalent to PRIMARY_USER.
33 User authorizations
34 ===================
36 Each user has set of permissions to operate on given box.
38 Symbol Num Description
39 --------------------------------------------------------------------------
40 PRIVIL_READ_NON_PERSONAL 1 Permission to read incoming messages
41 PRIVIL_READ_ALL 2 Permission to read messages addresses only to
42 concrete person
43 PRIVIL_CREATE_DM 4 Permission to sent mesages, to download outgoing
44 messages
45 PRIVIL_VIEW_INFO 8 Permission to download list of messages, to
46 download data about delivery (`Dodejka') and
47 acceptance (`Doručenka')
48 PRIVIL_SEARCH_DB 16 Permission to search boxes
49 PRIVIL_OWNER_ADM 32 Permission to maintane a box (add users etc.)
50 PRIVIL_READ_VAULT 64 Permission to read messages from long term
51 storage (does not exists since 2012-05)
52 PRIVIL_ERASE_VAULT 128 Permission to delete messages from long term
53 storage
55 User type ADMINSTRATOR has implicit non-revokable permission PRIVIL_OWNER_ADM.
56 Administrator can add other permissions to anybody, even to himself.
58 User type PRIMARY_USER has implicit (non-revokable?) permissions 1–32.
60 In addition, internal users can have following permissions (to manage
61 (= create, update) boxes or request for box updates):
63 Symbol Num Description
64 -------------------------------------------------------------------------
65 PRIVIL_OR 256 Manage PO type boxes
66 PRIVIL_INSSPR 512 Manage PFO_INSSPR type boxes
67 PRIVIL_NOTAR 1024 Manage OVM_NOTAR type boxes
68 PRIVIL_EXEKUT 2048 Manage OVM_EXEK type boxes
69 PRIVIL_ADVOK 4096 Manage PFO_ADVOK type boxes
70 PRIVIL_DANPOR 8192 Manage PFO_DANPOR type boxes
71 PRIVIL_PFO 16384 Manage PFO* type boxes
72 PRIVIL_OVMPOZAK 65536 Manage OVM, PO_ZAK and OVM_REQ type boxes
73 PRIVIL_VAZBA 131072 Report imprisoning of a person etc.
74 PRIVIL_MV 32768 Ministery of interiors officer
75 who processes request (Service module)
76 PRIVIL_CZP 262144 Czech POINT officer who processes requests
77 (only for FO, PFO, PO_REQ box types)
78 PRIVIL_ADMADM 1048576 Manage internal users
79 PRIVIL_AD_DELIV 2097152 Store timestamp about credentials delivery
80 by off-line chanel
81 PRIVIL_ACTIVATE 8388608 Activate credentials on-line
82 PRIVIL_POST 524288 Access to help desk IS of Czech POST
83 PRIVIL_VAULT 33554432 Manage long term storage and commercial
84 message switcher
85 PRIVIL_BILLING 67108864 Access to billing data
86 PRIVIL_CONFIG 4194304 Low level configuration allowed (see
87 `Administrator manual for ISDS application
88 server' for more details)
89 PRIVIL_SUPERVISOR 16777216 Permission to start and stop application