Rice KIM and selected uses cases

Course Deadline Extended

Old and New Payroll Clerks

Gina, an administrative assistant in the Department of Chemistry, vacates her position in the department to take a new position in the Office of the Comptroller. Gina has been the department's payroll clerk for a number of years. The department chair chooses his executive assistant, Marcus, to take over as payroll clerk for the department. As payroll clerk, Marcus will need access to sensitive payroll information about non-exempt employees in the department, but will not need access to faculty salary information or student records. The department chair logs into an access management system and designates Marcus as the new payroll clerk for the Department of Chemistry. In so doing, he grants Marcus a collection of rights within various financial applications appropriate for a departmental payroll clerk in his department, and Gina (who is still employed by the university and still recognized by the authorization system as a user) has her payroll clerk privileges for the Chemistry department revoked.

Actors in this use case:

• Gina, the current Chemistry payroll clerk.
• Marcus, the new Chemistry payroll clerk
• Sally, the Chemistry Payroll Supervisor

How this scenario might be represented by KIM:

Principals

Gina, Marcus, and Sally are all defined as principal entities in the KIM system.
As entities, KIM has various fields defined for each of them including

• Name
• Principal ID
• Primary Home Department Code

  Name	Principal ID	Entity Type	Home Dept.	email address
  Gina	100	Person	Chemistry	gina@ucsd.edu
  Marcus	101	Person	Chemistry	marc@ucsd.edu
  Sally	102	Person	Chemistry	sally@ucsd.edu

Group Definitions:

Suppose the following groups have been defined.

KIM Types:

The KIM type identifies the set of qualifier attributes (fields). These qualifiers are used to separate different instances of types of group.

In this case, each of the above groups has a KIM type of "Departmental".
The Departmental Group Type defines a single attribute

• DepartmentCode
  This separates these groups by department. For example:  Chemistry payroll clerks from Medical Center payroll clerks.

Group Assignments:

Group Assignments at the beginning of  this scenario could be as follows:

Gina is assigned to the Finance Admin Assistants group.
Marcus is currently an executive assistant.
Sally is assigned as a Dept. Char and is also included the Business Officer group. (This is not pertinent to the use case, but was included here to demonstrate that groups can be assigned to groups)

Roles:

Two roles are defined in this scenario: Payroll Clerk, and payroll supervisor.
The roles, and the relevant permissions and responsibilities are shown here.

Payroll Clerk

• Type:   Departmental
• Permissions:
  • Can View Payroll: Non-Exempt
• Responsibilities:
  • Approve Document:  Timesheet

Payroll Supervisor

• Type: Departmental
• Permissions:
  • CanViewPayroll: All
  • MakeOrganization Group Changes
• Responsibilities:
  • FYI Document: Timesheet

Role Assignments:
In this example, the groups are assigned to the roles.

Permissions / Responsibilities

Permissions and Responsibilities use templates to define the related attributes.

Approve Document Responsibility
       ApproveTemplate
            Type: Departmental
            Qualifiers:
                     Document Type:  Timesheet
                     Route Status:    Enroute

FYI Document Responsibility
      FYI Template
            Type: Departmental
            Qualifiers:
                     Document Type:  Timesheet
                     Route Status: Approved&

CanViewPayroll:Non-Exempt Permission
       CanViewPayroll Template
            Type: Departmental
            Qualifiers:                      Employee Exempt Status:   Non-Exempt

CanViewPayroll:All Permission
       CanViewPayroll Template
            Type: Departmental
            Qualifiers:                      Employee Exempt Status:   Exempt, Non-Exempt

Use Case Action:
To replace Gina with Marcus,  the department chair:

• Modifies Gina's Group Assignment, by setting the "Active To Date" with her end date.
• Adds Marcus to the FinanceAdminAssistants group with his start date as the "Active From" Date

Alternate Implementations
This model could have been created in a number of ways.
For example, it is not necessary to use groups at all, Gina and Marcus could have been assigned directly to their roles, instead of implicitly through their group assignments. If this were the case, it would be the role assignments that would be added/changed instead of the group assignments.

Dorm Access for Residential Advisors

Professional Organizatioins and Federations

Drug Restocking Approval

Nurse Wilson notices during a routine inventory review that the Oncology ward's drug cabinet is running low on a particular anti-emetic drug. The anti-emetic is a scheduled substance, so her request to the Pharmacy for restocking requires approval by both her supervisor and an attending physician in Oncology. The Pharmacy system detects the approval requirement and routes the request to the head Oncology nurse, then to the on-call Oncologist for approval before filling the order.

*A possible Kuali Rice solution:*This use case could be achieved within Kuali Rice by using a combination of the KEW workflow module and the KIM identity management module. Suppose a Pharmacy Purchase Requisition Workflow document has been defined.

The route path of the document has been defined as: