| blob | eb9d6df065bdc55f9178768fb0f58c97a56e9057 |
1 User specification
2 =================
4 Source: Webové služby rozhraní ISDS pro správu datových schránkek, verzion 2.6
5 (2009-11-18) [DataBox_ws.pdf]
8 User types
9 ==========
11 Symbol Description
12 --------------------------------------------------------------------------
13 PRIMARY_USER User who owns the box (FO and PFO type boxes have one
14 owner, OVM box one or none owners, PO box any number)
15 ENTRUSTED_USER User with limited access to the box. Such user is
16 delegated by primary user or administrator for the
17 purpose of message reading or sending.
18 ADMINISTRATOR User who can add/remove/update other users to a box, but
19 who is not a owner of the box.
20 OFFICIAL
23 User authorizations
24 ===================
26 Each user has set of permissions to operate on given box.
28 Symbol Num Description
29 --------------------------------------------------------------------------
30 PRIVIL_READ_NON_PERSONAL 1 Permission to read incoming messages
31 PRIVIL_READ_ALL 2 Permission to read messages addresses only to
32 concrete person
33 PRIVIL_CREATE_DM 4 Permission to sent mesages, to download outgoing
34 messages
35 PRIVIL_VIEW_INFO 8 Permission to download list of messages, to
36 download data about delivery (`Dodejka') and
37 acceptance (`Doručenka')
38 PRIVIL_SEARCH_DB 16 Permission to search boxes
39 PRIVIL_OWNER_ADM 32 Permission to maintane a box (add users etc.)
40 PRIVIL_READ_VAULT 64 Permission to read messages from data safe
41 PRIVIL_ERASE_VAULT 128 Permission to delete messages from data safe
43 User type ADMINSTRATOR has implicit non-revokable permission PRIVIL_OWNER_ADM.
44 Administrator can add other permissions to anybody, even to himselv.
46 User type PRIMARY_USER has implicit (non-revokable?) permissions 1–32.
48 In addition, internal users can have following permissions (to manage
49 (= create, update) boxes or request for box updates):
51 Symbol Num Description
52 -------------------------------------------------------------------------
53 PRIVIL_OR 256 Manage PO type boxes
54 PRIVIL_INSSPR 512 Manage PFO_INSSPR type boxes
55 PRIVIL_NOTAR 1024 Manage OVM_NOTAR type boxes
56 PRIVIL_EXEKUT 2048 Manage OVM_EXEK type boxes
57 PRIVIL_ADVOK 4096 Manage PFO_ADVOK type boxes
58 PRIVIL_DANPOR 8192 Manage PFO_DANPOR type boxes
59 PRIVIL_PFO 16384 Manage PFO* type boxes
60 PRIVIL_OVMPOZAK 65536 Manage OVM, PO_ZAK and OVM_REQ type boxes
61 PRIVIL_VAZBA 131072 Report imprisoning of a person etc.
62 PRIVIL_MV 32768 Ministery of interiors officer
63 who processes request (Service module)
64 PRIVIL_CZP 262144 Czech POINT officer who processes requests
65 (only for FO, PFO, PO_REQ box types)
66 PRIVIL_ADMADM 1048576 Manage internal users
67 PRIVIL_AD_DELIV 2097152 Store timestamp about credentials delivery
68 by off-line chanel
69 PRIVIL_ACTIVATE 8388608 Activate credentials on-line
70 PRIVIL_POST 524288 Access to help desk IS of Czech POST
71 PRIVIL_VAULT 33554432 Manage safe and commercial message switcher
72 PRIVIL_BILLING 67108864 Access to billing data
73 PRIVIL_CONFIG 4194304 Low level configuration allowed (see
74 `Administrator manual for ISDS application
75 server' for more details)
76 PRIVIL_SUPERVISOR 16777216 Permission to start and stop application