Académique Documents
Professionnel Documents
Culture Documents
VCS_FSD_RAS
Version No. 1.0
VCS /Confidential
Prepared By
Inspected/Reviewed By
Approved By
NAME: ROLE:
VERSION HISTORY Version No. 0.1 1.0 Date Changed By Changes Made Draft 1. As per BA team comments, Division/ Department will be removed and same functionality will be handle in role creation. 2. Login page will be normal user ID, password login. If internal user also behave has external user, he/she can view the both the menu details.
2.0
November 7, 2006
Thiruvarul M
1. As per the TA team advice, UI of Internal Access Request to be changed to have single selection to be added multiple times than multiple selections. 2. As per the TA team advice, System will also be configured (Configuration File) to check whether the ERP data of Internal User is transferred, if not transferred validation of Internal User against the Organization data will not be done. 3. As per the TA team advice, Search Access Request Result to be changed not to do Approval or Rejection in the same page to be handling in Access Request View page only. 4. Add Program is removed by the advice of TA team and will be done using a batch program to include all the program details, only edit and delete program options will be available in VCS module. 5. As per the TA team advice, Load User Batch will be done by ETL tool extract not in the batch process.
Topic
Page No.
VERSION HISTORY ............................................................................................................................ 2 FUNCTIONAL SPECIFICATION DOCUMENT ................................................................................ 4 TABLE OF CONTENTS ....................................................................................................................... 4 INTRODUCTION .................................................................................................................................. 6 PURPOSE OF FSD .................................................................................................................................. 6 SCOPE OF THE PROJECT......................................................................................................................... 6 DEFINITIONS AND ACRONYMS .............................................................................................................. 6 REFERENCES ......................................................................................................................................... 6 GENERAL DESCRIPTION .................................................................................................................. 7 SYSTEM PERSPECTIVE........................................................................................................................... 7 SYSTEM FUNCTIONS /BUSINESS PROCESS ............................................................................................. 7 USER CHARACTERISTICS ...................................................................................................................... 8 ASSUMPTIONS, DEPENDENCIES AND RISKS ........................................................................................... 8 COMMON CONSIDERATIONS ......................................................................................................... 8 EXTERNAL INTERFACE SPECIFICATIONS ............................................................................................... 8 USER INTERFACE .................................................................................................................................. 8 HARDWARE INTERFACE ........................................................................................................................ 8 SOFTWARE INTERFACE ......................................................................................................................... 8 COMMUNICATION INTERFACE ............................................................................................................... 8 PERFORMANCE REQUIREMENTS ............................................................................................................ 8 ATTRIBUTES ......................................................................................................................................... 9 OTHER REQUIREMENTS ........................................................................................................................ 9 PROCESS FLOW: ................................................................................................................................. 9 INTERNAL USER REQUEST: ................................................................................................................... 9 EXTERNAL USER REQUEST: ................................................................................................................ 11 3. FUNCTIONAL REQUIREMENT (SCREENS USER INTERFACES) ................................... 12 3.1 RAISE INTERNAL USER ACCESS REQUEST..................................................................................... 12 3.2 RAISE EXTERNAL USER REQUEST ................................................................................................. 15 3.3 ACCESS REQUEST VIEW INTERNAL REQUEST............................................................................. 18 3.4 ACCESS REQUEST VIEW EXTERNAL REQUEST ........................................................................... 21 3.5 SEARCH FOR ACCESS REQUEST ..................................................................................................... 25 3.6 SEARCH ACCESS REQUEST RESULTS ............................................................................................. 27 3.7 ACCESS REQUEST APPROVAL (FROM MAIL HYPERLINK).............................................................. 28 3.8 ACCESS REQUEST HISTORY .......................................................................................................... 29 3.9 MY PENDING TASK ....................................................................................................................... 30 3.10 ADD, EDIT AND DELETE ROLES ............................................................................................. 31 3.11 USER SEARCH ............................................................................................................................. 32 3.12 USER RESULTS ............................................................................................................................ 34 3.13 USER ROLES MANAGEMENT ....................................................................................................... 35 3.14 PROGRAM LISTING ...................................................................................................................... 36 3.15 SEARCH PROGRAM ...................................................................................................................... 38 3.16 ADD/EDIT/DELETE APPLICATION FUNCTIONAL GROUPS ............................................................ 39 3.17 ASSIGN ROLES TO APPLICATION FUNCTIONAL GROUPS .............................................................. 40 3.18 APPLICATION SECURITY.............................................................................................................. 41
Page 4 of 56
3.19 LOGIN PAGE ................................................................................................................................ 42 3.20 CHANGE PASSWORD ................................................................................................................... 43 3.21 FORGET PASSWORD .................................................................................................................... 44 3.22 ADD/EDIT ANNOUNCEMENTS ..................................................................................................... 45 3.23 SEARCH ANNOUNCEMENTS ......................................................................................................... 46 3.24 ANNOUNCEMENTS RESULTS ....................................................................................................... 48 3.25 ANNOUNCEMENTS LISTING (MAIN PAGE) ................................................................................... 49 3.26 USER PROFILE ............................................................................................................................. 49 3.27 MENU.......................................................................................................................................... 51 3.28 MAIN PAGE ................................................................................................................................. 52 3.29 ALERTS/ REMINDER/ BATCH ....................................................................................................... 52 3.30 AUTHENTICATION COMPONENT ............................................ ERROR! BOOKMARK NOT DEFINED. 3.31 AUTHORIZATION COMPONENT. ............................................. ERROR! BOOKMARK NOT DEFINED. ANNEXURE .......................................................................... ERROR! BOOKMARK NOT DEFINED. SCREENS, FORMS AND REPORTS GIVEN BY THE USER .......... ERROR! BOOKMARK NOT DEFINED. TRACEABILITY TABLE .................................................... ERROR! BOOKMARK NOT DEFINED.
Page 5 of 56
Introduction
Purpose of FSD
This Functional Specification Document (FSD) specifies the general factors like the external interfaces, evolution or growth path of the system, functional requirements, user characteristics and the assumptions, dependencies and risks associated with the system. In addition certain common considerations like external interface specifications, User interface, hardware interface, software interface, performance requirements, attributes such as availability and security and additional requirements are specified in the FSD. The intended audience for the FSD is the Project Manager, Project Leader, the Team members and the customer. The objectives and goals of the software system are as follows: 1. Registration of new user. 2. Security Management of VCS system. 3. Login and Main page. 4. User and Role Management.
The scope of the project is design and develops Registration and Security module in VCS application. The application to be developed in ASP.Net and Oracle / SQL Server/ DB2.
andThis sub-section defines all terms, acronyms and abbreviations used in the
project and explain all conventions of nomenclature, special symbols used, etc.
Explanation Active Server Pages in .Net Framework Vendor Collaboration Solutions. Enterprises Resource Planning Business Object - Reporting tool Reporting tool
References
Vendor Collaboration Solutions Vision and Scope document. Vendor Collaboration Solutions Architecture document. BI Architecture document (.ppt) VCS Non functional requirements document (Version ) Registration and Security Prototype (wire frame).
Page 6 of 56
General Description
This section describes the general factors affecting the software and its requirements.
System Perspective
This sub-section highlights the additional information or insights gained into the application: 1. Master data Extraction from ERP Systems. The same will be excluded from this project scope. However the same will be covered as a separate module in VCS project.
System Functions This sub-section summarizes the functional requirements of the project. /Business Process
Business Requirements/ Process BR-RAS-01 BR-RAS-02 BR-RAS-03 BR-RAS-04 BR-RAS-05 BR-RAS-06 BR-RAS-07 BR-RAS-08 BR-RAS-09 BR-RAS-10 BR-RAS-11 BR-RAS-12 BR-RAS-13 BR-RAS-14 BR-RAS-15 BR-RAS-16 BR-RAS-17 BR-RAS-18 BR-RAS-19 BR-RAS-20 BR-RAS-21 BR-RAS-22 BR-RAS-23 BR-RAS-24 BR-RAS-25 BR-RAS-26 BR-RAS-27 BR-RAS-28 BR-RAS-29 BR-RAS-30 BR-RAS-31 Internal User Access Request External User Access Request Access Request View Internal Request Access Request View External Request Search Access Request Search Access Request Results Access Request Approval (From Mail Hyperlink) Access Request History My Pending Task Add/Edit/Delete Roles User Search User Listing User Role Management Program Listing Search Program ADD/ EDIT/ DELETE Application Functional Group Assign Roles to Application Functional Group Application Security Login Page Change Password Forget Password Add Announcements Search Announcements Announcements Result Announcements Listing (Main Page) User Profile Menu Main Page Alerts/Reminder/Batch Authentication Component Authorization Component
Page 7 of 56
User Characteristics
The following user groups in VCS have access to this application. 1. All Internal Users 2. All Suppliers belong to that organization. 3. VCS Admin 4. VCS Approver (s) 5. Purchase User. 6. Supplier Coordinator.
and
1. External data from ERP systems should be available in VCS during system testing. 2. Security of Cognos and BO Report is handled by the same procedure detail here.
Common Considerations
This section specifies considerations or expectations that are common across all functional requirements stated in the FSD.
User Interface
Hardware Interface
NA
Software Interface
Communication Interface
Nil
Performance Requirements
Page 8 of 56
Attributes
Nil
Other Requirements
1. All the list/dropdown boxes will have the data listed in ascending order unless the order is explicitly stated. 2. Also all the hyperlinks links should have mouse over text. The status bar should have meaningful text (Tool tip) when mouse over on hyperlinks. 3. Paging logic should be applied to listing screen when the number of records exceeds VCS Paging size set in the configuration file. 4. Tool tip is available to as much of functional or technical or validation details as per the need and help of the user.
Process Flow:
Internal User Request:
Page 9 of 56
Internal user submits online request for access System verifies if user already has access Yes
No
Approved? Yes System adds user and Roles to the database System e-mails User ID and Password to user
No
Page 10 of 56
External User Request: External user submits online request for access System validates supplier code with Supplier Master No
Valid Supplier?
Has access?
Any user from the supplier registered Yes System notifies Supplier coordinator for approval
Page 11 of 56
Reference / Look up
Internal user has provision to raise request for accessing the VCS system (Outside the security boundary in login page) by submitting an online form. System will enable to create the VCS admin with configuration for internal user approval. Later VCS Admin will provide the approver rights to the other VCS approvers. System should have a provision for configuring approver through user profile screen. Requester should provide the following details like Email ID/Organization Id, location information (like manufacturing facility), the organization role, reporting manager name / email-id, etc. As a one time event, ETL will take the enterprise user details and load into VCS system. The system should check whether the user is a valid internal user of the organization by checking with the user data extracted from enterprise systems. System will also be configured (Configuration File) to check whether the ERP data of Internal User is transferred, if not transferred above said validation will not be done. The system shall have the capability to verify if a requestor already has access to VCS by using the e-mail address / Unique ID which is in the VCS database. If the requestor already has access, then the system shall have the capability to alert them. The system should check duplicate request by verifying that the user already raised the request and if it found any, it should alert the user. The system shall have the capability to notify the appropriate Approver for approval by mail with a copy the requestors manager for information. If there is no approver, VCS Admin will be mapped as approver followed by mail sent to assign appropriate approver. The system will assign status Submitted when the request is raised.
Requirement Description
Users / Actors
Page 12 of 56
Field name
User ID
Max Lengt h 60
Validation etc.,
1. Check for max and min length. 2. Check for entry of only @,. special character. 3. Should allow string and numerical type. If the User ID is not Email ID, System request for Email ID.
Email ID
Yes/N o
Sting
60
User Name
Yes
String
100
Data from Organiza tion table if data is available Or Empty Data from Organiza tion table if data is available Or Empty Empty
UI Fields Table
No
String
20
Roles
Yes
String
50
Purchase Groups
No
String
50
Business Units
No
String
50
Region
No
String
50
Country
No
String
50
1. Check for max and min length 2.Check for no entry of special character 3. Should allow string type not numerical. 1. Check for max and min length. 2. Should allow numerical type. 3. Check for entry of only -special character. 1. Allow multiple selections. 2. Data should load dynamically. 1. Allow multiple selections. 2. Data should load dynamically. 3. Should have an entry of All Purchase User Group 1. Data from database. 2. Allow multiple selections. 3. Should have an entry of All Business Unit 1. Allow multiple selections.
Page 13 of 56
database Master
Plant
No
String
50
No
String
50
Empty
No
String
60
Empty
No
String
20
Empty
Remarks
No
String
150
Empty
2. Data should load dynamically based on filter condition. 3. Should have an entry of All Country 1. Allow multiple selections. 2. Data should load dynamically based on filter condition. 3. Should have an entry of All Plant 1. Check for max and min length. 2. Check for no entry of special character. 3. Should allow string type not numerical. 1. Check for max and min length 2 Check for entry of only @,. special character 3. Should allow string and numerical type. 1. Check for max and min length. 2. Should allow numerical type. 3. Check for entry of only -special character. 1. Check for max and min length.
Business Rules
1. If Unique ID is not Email ID of the requestor, system should request for Email ID in addition to Organization ID. (Set in configuration file). 2. User cannot request for access if he/she already has access. 3. User is checked for valid user against the configuration domain email id (e.g. intellectus softwarelab.com). 4. One or more multiple selection in the location and business units can be made. 5. One or more roles can be selected by an internal requestor. 6. The system should check whether the user is a valid internal user of the organization by checking with the user data extracted from enterprise systems. 7. The system should check duplicate request by verifying that the user already raised the request, system shall have the capability to verify if a requestor already has access to VCS by using the e-mail address / Organization ID which is in the VCS database. If the requestor already has access, then the system shall have the capability to alert them. 8. Requests for access have to be approved by the Approver/ Coordinator based on the plant / Country/Region/ Purchase User Group and Business Units requestor. If there is no approver, the mail
Page 14 of 56
should send it to VCS Admin for allocating the approver; with default he /she as approver (ensure not to send approval mail to VCS for this request). Approver has to be selected dynamically and assigned for the request on a logical basis. If the User request for the role of approver, he/she should be assigned with VCS Admin has the approver. On entering the unique user id, email-Id, user name, phone number has to be populated from the organizational user base, if available. By default all countries should be populated. The values in the drop down for Country are dependent on the selection of Region. By default all plants will be populated. The values in the drop down for Plant are dependent on the selection of country.
Hard Warnings
1. 2. 3. 4. 5.
If all mandatory fields are not completed. If the requestor already has access to VCS System. If the requestor raised a duplicate request If the user does not belong to organizational user. If the User provides data more than max length and less than minimum length. 6. When user enters not required special characters.
Soft Warnings
Nil
Post Conditions
1. Request is saved to database upon validation and mail notifications are sent. 2. Status of Submitted is assigned to the request. 3. Change History should be created.
Email Notification
1. To the appropriate Approver / Coordinator for approval of the request. 2. To the requestors manager for informational purpose. 1. Organizational users master details should be available in VCS database.
Assumption
Change in History
1. 2. 3. 4.
Reference / Look up
Page 15 of 56
External user (supplier) shall have the capacity to request access to VCS by submitting an online form. The system shall have the capability to verify if a requestor already has access based on the e-mail address, which is the user ID with that supplier code. If the requestor already has access, then the system shall have the capability to alert them. The system shall have the capability to validate the external requestor by using the supplier code and deny the request if supplier code is not in VCS database. System should automatically assign the first approver of the supplier request as supplier coordinator. But system should give the flexibility to change the supplier coordinator through admin. The system shall have the capability to notify the suppliers coordinator for approval of the request from a user at that supplier. If there is no supplier coordinator for that supplier, the system shall have the capability to notify the suppliers Purchase User (logically find any one of them in case of multiple Purchase User). If the system does not found any Purchase User then the request should make VCS Admin as the approver of that request. The system should assign status Submitted.
Requirement Description
Users / Actors
All Suppliers Field name Supplier Code Mandat ory Yes Control Name String Max Length 20 Default Value Empty. Validation etc., 1. Check for max and min length. 2. Check for no entry of special character. 3. Should allow string and numerical. Non editable field. Supplier Organization name. If data does not load from master allow the user to enter the value. 1. Check for max and min length 2.Check for no entry of special character 3. Should allow string type not numerical.
Yes
String
50
User Name
Yes
String
100
Empty
Page 16 of 56
Email ID
Yes
String
60
Empty
Plant
No
String
50
No
String
50
Remarks
No
String
150
Empty
1. Check for max and min length 2 Check for entry of only @,. special character 3. Should allow string and numerical type. 1. Check for max and min length. 2.Check for no entry of special character 3. Should allow string and numerical. 4. Multiple selections allowed. 5. Dropdown auto populated based on the supplier code. 6. Should have an entry of All Plant 1. Check for max and min length. 2. Check for no entry of special character except -. 3. Should allow numerical. 1. Check for max and min length.
Business Rules
1. Supplier Email Id with supplier code should be Unique. 2. Based on the supplier code, plant will be auto populated from the database. 3. A request cannot be submitted if the supplier code does not exist in VCS system (Supplier detail are coming from Master). 4. A user cannot request for access if he/she already has access. 5. System should automatically assign the first approver of the supplier request as supplier coordinator. 6. The system shall have the capability to notify the suppliers coordinator for approval of the request from a user at that supplier. If there is no supplier coordinator for that supplier, the system shall have the capability to notify the suppliers Purchase manager (To find Purchase User group, find out the item supplied by the supplier and from Item master find out the Purchase User Group(s). If the system does not found any Purchase User Group then VCS Admin will be assigned has approver and mail will be send to set the approver. 7. Against the selected Purchase User group find out the search for Role of the user has BUYER/COMMODITY MANAGER (this value is set in configuration file), if found set that user as Approver for that request.
Page 17 of 56
8. If there is more than one approver, mail should send it to one of the approvers by logical means (who is having less pending task count), if he/she could not respond, admin can reassign the request to another approver. 9. VCS Admin cannot approve any request for external user. VCS Admin can assign any approver for that request. 10. One or more locations (Plant) can be selected by an external requestor.
Hard Warnings
1. 2. 3. 4. 5.
If all mandatory fields are not completed. If the requestor already has access to VCS System. If the requestor raised a duplicate request If the Supplier code not available in VCS. If the User provides data more than max length and less than minimum length. 6. When user enters not required special characters.
Soft Warnings
Nil.
Post Conditions
1. Status of Submitted is assigned to the request. 2. Mail should be sent to approver. 3. Change history should be created.
Email Notification
Assumption
System assumes that one supplier can have multiple supplier code and for each supplier code login, supplier has to make a separate request and got approved from the approver. For a single supplier code, more than one supplier can raise access request, in such a scenario, supplier name and supplier e-mail id should be different, else system will not allow the user to raise the access request.
Change in History
1. 2. 3. 4.
Page 18 of 56
VCS Admin should be given flexibility to assign any approver for each request. Approver can approve or reject the request either by clicking the hyperlink in the mail or through search Access Request or through the Pending Task. When Approver approves the access request, system should create the user and necessary roles should be added and mail should be send to the requestor; with User ID (which will be the Email ID) and auto generated password. The system shall have the capability to assign Roles for internal users at an appropriate level e.g. global, one or more regions, one or more Business Unit, one or more plants, etc. based on the rules e.g. commodity director has global access while a senior Purchase User may have global or regional access. The status should be changed to Closed.. When the request is rejected, auto mail should be send to the requester with reason for rejection. The status should be changed to Rejected.. Change history will be updated accordingly. VCS Admin should be given facility to assign any other user as Approver for that request.
Users / Actors
Mandato ry Yes
Max Length 6
Validation etc., 1. Auto generated field. 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 2.Check for max and min length 3.Check for no entry of special character
Yes
String
Yes
String
60
UI Fields Table
Email Id
Yes
String
60
User Name
Yes
String
100
Approver Name
Yes
String
50
Page 19 of 56
4. Should allow string type not numerical. 5. Look up of Approver(s) only for VCS Admin. On selecting the Approver, new value should replace the old value. Purchase Groups User Role(s) Yes String 50 Disable d Disable d Disable 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 2. Data to filter based on previous selection. 1. Data to load from database. 2. Data to filter based on previous selection. 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 1. Check for max and min length. 2. When request is rejected the comments is a mandatory field.
Yes
String
50
Region
Yes
String
50
Country
Yes
String
50
Disable
Plant
Yes
String
50
Disable
Reporting Manager Name Reporting manager email-Id Contact Phone Reason Comments /
Yes
String
50
Disable
Yes
String
60
Disable
No
String
20
Disable d Enable d.
Yes/No
String
150
Business Rules
1. On Accepting the request, user and user roles should be added into the system. 2. On rejecting the request, the user should enter the reason for rejection. 3. On assigning the approver, the mail should send to the approver with the request details. Assign button should be enabled only for VCS Admin for which the request belongs to him. 4. VCS Admin should be given flexibility to assign any approver for the requests assigned to him/her. 5. VCS Admin cannot edit the Approver Name directly in the text box. Admin
Page 20 of 56
should use lookup feature to assign the same. 6. Mostly VCS Admin should reassign the Approver for a request, in extreme cases can approve the request, in that case information mail should be send to concern approver. 7. By default all countries should be populated. The values in the drop down for Country are dependent on the selection of Region. 8. By default all plants will be populated. The values in the drop down for Plant are dependent on the selection Region and country.
Hard Warnings
1. User should enter the reason for rejection when they are rejecting the request in the remarks field. 2. If the User provides data more than max length and less than minimum length. 3. When user enters not required special characters.
Soft Warnings
None
For approved requests: 1. Status changed to Closed. 2. Add the users into VCS database with user ID as the e-mail address or Employee ID will be fetch from VCS database and set as User ID. 3. Assign the user to appropriate Role. 4. Send an electronic notification to the user with the user ID and password. 5. Change history to be created. Post Conditions For rejected requests: 1. Status changed to rejected. 2. Send an electronic notification to the requestor, reason for rejection. 3. Change history to be created. For Assigning: 1. Send an electronic notification to the Approver. 2. Change history to be created.
Email Notification
1. When the request is rejected; includes reason for rejection in the message. 2. Send User ID and password if and when the request is approved. 3. Send request details to Approver on assigning. 4. When the VCS Admin approved any request other than the request pertaining to him, the approver will be notified. 5. The mail content should be set in the configuration file.
Assumption
None
Change History
in
1. 2. 3. 4.
Page 21 of 56
Reference Look up
The supplier coordinator or Purchase User shall have the capacity to approve or reject a request. Approver can approve or reject the request either by clicking the hyperlink in the mail or through search Access Request or through the Pending Task. When Approver approves the access request, system should create the user and necessary roles should be added and mail should be send to the requestor; with User ID and auto generated password. When the supplier request is approved, it should check whether the any user belongs that supplier is already approved. If no user is approved, then the system should automatically assign this user as Supplier Coordinator to facilitate approval of any other users belongs to that same supplier. When the request is rejected, auto mail should be send to the requester with reason for rejection. The status should be changed to Rejected.. Change history will be updated accordingly. VCS Admin should have the facility to approve any access request (through search access request). If VCS Admin approves the request, then the system should send the mail to the approver of that request also. VCS Admin should be given flexibility to assign any approver for the requests assigned to him/her
Requirement Description
1. For Internal Request For approved requests: Status changed to Closed. Add the users into VCS user database with user ID as the e-mail address or Employee ID will be fetch from VCS database and set as User ID. Assign the user to appropriate Role(s). Send an electronic notification to the user with the user ID and password. Change history to be created. For rejected requests: Status changed to rejected. Send an electronic notification to the requestor, reason for rejection. Change history to be created. 2. For External Request For approved requests: Status changed to Closed.
Page 22 of 56
Add the users into VCS database with user ID as the e-mail address. Assign the user to appropriate Role(s). Send an electronic notification to the user with the user ID and password Change history to be created.
For rejected requests: 1. Status changed to rejected. 2. Send an electronic notification to the requestor, reason for rejection. 3. Change history to be created.
Users / Actors
Mandato ry Yes
Max Length 6
Validation etc., 1. Auto generated from database 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 2.Check for max and min length 3.Check for no entry of special character 4. Should allow string type not numerical. Look up of Supplier(s) only for VCS Admin. 1. Data to load from database.
Request Status Supplier Code Supplier Name User Name UI Table Fields Email Address Approver Name
Yes
String
Yes
String
20
Yes
String
50
Yes
String
100
Yes
String
60
Yes
String
50
Contact Phone
No
String
50
Disable d
Page 23 of 56
Reason / Comments
Yes/No
String
150
1. Check for max and min length 2. When request is rejected the comments is a mandatory field.
Business Rules
1. On Accepting the request, user and user roles should be added into the system. 2. On rejecting the request, the user should enter the reason for rejection. 3. When VCS Admin approves the request, the approver should be notified. 4. Approver Name should be an editable field, if approver is a person not specified in the approver field then he/she should update this field and submit.
Hard Warnings
1. User should enter the reason for rejection when they are rejecting the request. 2. If the User provides data more than max length and less than minimum length. 3. When user enters not required special characters.
Soft Warnings
None
For approved requests: 1. 2. 3. 4. 5. Post Conditions Status changed to Closed. Add the users into VCS database with user ID as the e-mail address. Assign the user to appropriate Role(s). Send an electronic notification to the user with the user ID and password Change history to be created.
For rejected requests: 1. Status changed to rejected. 2. Send an electronic notification to the requestor, reason for rejection. 3. Change history to be created. For Assigning: 1. Send an electronic notification to the Approver. 2. Change history to be created.
Email Notification
1. When the request is rejected, mail will be sent to requestor with the reason for rejection in the message. 2. When the request is approved, send the User ID and password. 3. Mail to approver, when the request is assigned to any other approver. 4. When the VCS Admin approved any request other than the request pertaining to him, the approver will be notified. 5. Mail content to be set in the configuration file
Assumption
None
Change History
in
1. 2. 3. 4.
Page 24 of 56
Reference / Look up
The VCS Administrator/Approvers shall have the capacity to search and view requests for status. Supplier coordinator can search only their supplier access request. Approver can search for the requestor based on the following criterias: Access Request Id, Approver name, Requestor Unique Id, Type (Internal/External), Supplier Code, Request From Date, Request to Date, Region, Plant. If the user search with Access Request Id, then it should open the Access Request in view screen.
Requireme nt Description
Users Actors
VCS Administrators VCS Approvers. Supplier Coordinator. Purchase Users Mandator y No Control Name String Max Length 20 Default Value Internal / External Validation etc.,
No
Integer
1. If Access Request is entered, other field should be disabled. Editable 1. Data to load based on the session login. VCS Admin should have privilege to look for Approver through Approver lookup. 1. User enterable or User lookup. 1. User enterable or Supplier lookup
No
String
60
User Id
No
String
60
Empty
Supplier Code
No
String
20
Empty
Page 25 of 56
No
Date
Empty
1. Check user enter date is in date format. 1. Check user enter date is in date format. To Date should be greater than from date.
No
Date
Empty
2.
Region
No
String
50
1. Data to load from database. 1. Based on the region, the respective country to be populated. 1. Data to load from database. 2. Data to be filter based on previous selection. 3. Based on the Region, all the plants to be populated. 4. Based on the Country, all the plants to be populated. 1. Data to load from database. Any of the following Submitted, Closed, and Rejected.
Country
No
String
50
Plant
No
String
50
No
String
50
Yes
String
50
Business Rules
1. By default all countries should be populated. The values in the drop down for Country are dependent on the selection of Region. 2. By default all plants will be populated. The values in the drop down for Plant are dependent on the selection Region and country. 3. If the Access Request Id is entered, all the other fields should be disabled. 4. Supplier can search only their users request alone.
Hard Warnings
1. 2. 3. 4.
If the Access Request Id is not available in the database. If the to date is less than from date. When user enters not required special characters. If the User provides data more than max length and less than minimum length.
Soft Warnings
None
1. Search results in a listing screen or Access Request View screen. Post Conditions 2. Details of the request can be viewed by the user by clicking on the hyperlinked request
Page 26 of 56
None
None
3. The VCS Admin / VCS Approver(s) / Supplier Coordinator / Purchase User shall have the capacity to search and view requests for status.
Mandator y No
Max Length 6
Default Value
Validation etc., 1. If Access Request is entered, other field should be disabled. 2. On clicking Access Request Id, it should take it to Access Request View Page. 1. Data to load from database. 2. Data to be filter based on previous selection. First Name Space Last Name should be concatenated. 1. Data to load from database. 2. Data to be filter based on previous selection. 3. Supplier code space Supplier Name should be concatenated.
No
String
User Name
No
String
100
Supplier (Should be visible only when the selection is made for external user only
No
String
50
Page 27 of 56
No
Date
Empty
1. Check user enter date is in date format. 1. Data to Load from database based on the session login. 1. Data to Load from Database. 2. Should have hyperlinked to display Access Request History screen.
No
String
100
No
String
20
Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification Assumptio n Change in History
None
None
None
None
None
None
Reference Look up
Requirement Description
1. When the user clicks the hyperlink in the mail, the login page should be opened. 2. On entering the user Id and Password, this should validate the user Id and should redirect the user to the Access Request View Page if it is valid or it should throw an error message if it is Invalid. /
Users
Page 28 of 56
Actors
Mandator y Yes
Max Length 60
Default Value
Validation etc., 1.
Yes
String
10
Password masked.
should
be
Business Rules
Based on the logged user details with the Associate Request Id, it should check the request belong to that logged in user and if it does not belong to that logged in user it should through an error message or it should disable the Accept / Reject button. All the Business Rules pertaining to Access Request view page should be applicable.
Hard Warnings
If the User provides data more than max length and less than minimum length. If user provided invalid Login ID or Password. If mandatory fields are not provided.
None
None
Reference Look up
Requirement Description
Change history should display the changes made, status, modified user and modified date pertaining to the login user. By default the history should be sorted by descending order. If should capture the changes in a separate row and mail notification in a
Page 29 of 56
separate row.
Users Actors
Mandator y Yes
Max Length 20
Default Value
Validation etc.,
Yes
String
200
UI Fields Table
Date
10
Modified User
String
50
Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change in History
Change history should be sorted by descending order. Change description should be available from database
Pending Task
1. Business Requirement-RAS-09 2. Prototype. 1. Based upon the logged in user, count of all the pending access requests for the logged in user should be populated in the home page. 2. On clicking the hyperlink, this should navigate the user to the Access request
Page 30 of 56
listing screen.
Users Actors
Mandator y
Control Name
Max Length
Default Value
Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change in History
None None
None None
Reference Look up
Requirement Description
By default all the roles should be listed and user should be given provision to add/edit/delete. If the users are already mapped to any roles, then the roles should not be deleted. Role Id should not be editable.
Users Actors
VCS Administrators
UI Fields Table
Mandato ry Yes
Max Length 6
Validation etc., 1.Check for max and min length 2.Check for no entry of
Page 31 of 56
special character 3. Should allow only numerical Role Name 1.Check for max and min length 2.Check for no entry of special character 3. Should allow string type not numerical. If the users are already mapped to any roles, then the roles should not be deleted. Role Id should be system generated unique Id. Yes String 50 Empty
Business Rules
Hard Warnings
When we are deleting the roles, which is already mapped to any user. All Mandatory fields should be entered. If the User provides data more than max length and less than minimum length. When user enters not required special characters.
None Data saved to database. None None 1. Date & Time 2. Modified user
User Search.
Reference Look up
Requirement Description
System will help the admin to view the user with the following search criteria User ID. User Type. Region Plant Country Business Units Supplier Code User Name Roles
Page 32 of 56
Users Actors
VCS Administrators
Mandato ry No
Max Length 60
Validation etc., Admin can have option to have look Internal / External
User Type
No
String
20
Empty
Region
No
String
25
1. Data to load from database. 1. Data to load from database. 2. Data to be filter based on previous selection. 1. Data to load from database. 2. Data to be filter based on previous selection. 1. Data to load from database. Empty
Country
No
String
25
No
String
25
No
String
50
No
String
20
No
String
50
Empty
Roles
No
String
50
No
String
50
If user enters, User ID, all other fields to get disable and upon clicking search, user will be moved to Role Management instead of User listing. By default all countries should be populated. The values in the drop down for Country are dependent on the selection of Region. By default all plants will be populated. The values in the drop down for Plant are dependent on the selection Region and country
Hard Warnings
When user enters not required special characters. If the User provides data more than max length and less than minimum length.
Page 33 of 56
None
None None
Reference Look up
Requirement Description
System will display the following details in the user listing screen User Id User Name Business Units Location User Contacts/Phone Roles VCS Admin can edit and delete (soft delete) a user in this result page.
Users Actors /
VCS Administrators
Field name User ID / Email Id User Name UI Fields Table Business Unit
Mandator y
Max Length 60
Default Value
Validation etc., 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 1. Data to load from database.
String
100
String
50
Location
Page 34 of 56
Roles
String
50
Contact Number
Phone
String
50
Business Rules
1. User Id should be hyperlinked. On clicking the user Id, it should navigate the user to the user roles management screen. 2. Header should display the selected search fields. 3. Admin have a provision to delete the user. User deletion should be logical delete. 4. When user is deleted Status field in database to be updated to Inactive status from Active Status.
Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change in History
None
None
None None
Requirement Description
1. By default all the roles for the selected user should be listed with the following details - Role Name - Region - Plant - Country - Business Unit 2. VCS Admin should have a provision to add one or more roles to the user. 3. VCS Admin can edit/delete the exiting roles.
Users Actors
VCS Admin.
Page 35 of 56
Max Length 50 50
Default Value
Validation etc., 1. Data to load from database. 1. Data to load from database. 1. Data to load from database. 2. Data to be filter based on previous selection. 1. Data to load from database. 2. Data to be filter based on previous selection. 1. Data to load from database.
Yes
String
50
Yes
String
50
Business Units
Yes
String
50
Business Rules
By default all Internal Users are mapped with All Internal user Roles and all Suppliers are mapped to All Suppliers. These roles cannot be deleted. User Information should be displayed on Header. By default all countries should be populated. The values in the drop down for Country are dependent on the selection of Region. By default all plants will be populated. The values in the drop down for Plant are dependent on the selection of country
Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change History in None
None
None
Program Listing
Page 36 of 56
Look up
VCS Admin can view all Programs entry and further perform edit and delete.
VCS Administrators.
Mandato ry Yes
Max Length 50
Default Value
Validation etc., 1. Data to load from database. 2. Data to be filter based on previous selection. 1. Data to load from database. 2. Data to be filter based on previous selection. 1. Data to load from database. 2. Data to be filter based on previous selection. 1. Data to load dynamically based on previous entries.
Screen Name
Yes
String
50
UI Fields Table
Screen/Object Description
Yes
String
50
Parent Application
Yes
String
50
Yes
String
75
Empty
Business Rules
1. 2. 3. 4.
Program name and Application Name should be unique. Provision to edit and delete existing Programs. On deleting, it should ask for a confirmation message. Program details will be added by batch process.
None
None
None
None
None
Page 37 of 56
Change History
in
Search Program
VCS Administrators.
Field name Application/ Module Name Screen Name UI Fields Table Screen/Object Description
Mandato ry No
Max Length 50
Default Value
Validation etc., 1. Data to load from database. 1. Data to load from database. 2. Data to be filter based on previous selection. 1. Data to load from database. 2. Data to be filter based on previous selection.
No
String
50
No
String
50
Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification Assumption
None
None
None
None
None
Page 38 of 56
Change History
in
Reference Look up
Requirement Description
The VCS Administrator shall have the capacity to create, edit and delete functional groups.
Users Actors
VCS Administrators
Field name Functional Groups code UI Fields Table Functional Groups desc
Mandatory Yes
Max Length 6
Default Value
Validation etc., 1.Check for max and min length 2.Check for no entry of special character 3. Should allow only numerical 1.Check for max and min length 2.Check for no entry of special character 3. Should allow only string.
Yes
String
50
Business Rules
a. By default all the functional groups should be populated. b. If functional Groups are already mapped to program, then it should not allow the user to delete. c. If functional Groups are already mapped to Security groups, then it should not allow the user to delete. d. User should not create 2 functional Groups with the same name.
Hard Warnings
If all mandatory fields are not completed. When user enters not required special characters. If the User provides data more than max length and less than minimum length
None
Page 39 of 56
None None
Reference Look up
VCS Admin can map the Application Functional Groups to User Roles. More than one Role can be mapped to Application Functional Groups. Field name Role Name Functional Group Name
VCS Administrators Mandatory Yes Control Name String Max Length 50 Default Value Validation etc., 1. Data to load from database. 1. Data to load from database.
UI Fields Table
Yes
String
50
Business Rules
By default all the mapped Roles and the functional group name should be listed. User should be given a filter to search with Roles. More than one Role shall be mapped to same functional Groups. One Role shall be mapped to more than one functional Groups.
Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change in
If same functional Group and Role is mapped again. If all mandatory fields are not completed.
None
None None
Page 40 of 56
History
1. 2. 3. 4.
Application security
Reference Look up
Requirement Description
VCS Administrator should map the Application Functional Groups to Application Programs. More than one functional Group can be mapped to same program. One functional group can be mapped to more than one program.
Users Actors
VCS Administrators
Mandatory Yes
Max Length 50
Default Value
Validation etc., 1. Data to Load from database. 1. Data to load from database. 2. Data to be filter based on previous selection. 1. Data to load from database. 2. Data to be filter based on previous selection.
Yes
String
50
UI Fields Table
Yes
String
50
Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification If all mandatory fields are not completed.
None
None
Page 41 of 56
None
REG&SEC-19
Login Page
Reference Look up
Requirement Description
The User login to the system with login and password. System should allow User to enter User Id and password. Authentication details will be encrypted and also stored in the database in the encrypted format only. Validation can be done with encrypted text contents and authentication credentials should not be available in decrypted format. On first time user login to VCS system, User will be advised to change password by redirecting to change password page.
Users Actors
VCS Administrators Mandato ry Yes Control Name String Max Length 60 Default Value Validation etc., 1.Check for max and min length 2. Check for no entry of special character except @ and . 1.Password should be masked. 2. Check for max and min length
Yes
String
10
Business Rules
1. 2. 3. 4. 5.
Password should be masked. Link to raise Access Request. Link to forget password page should be provided. Contact us page should be provided. System is enabled with Form authentication on expire of session; user should be redirected to login page.
Hard Warnings
1. 2. 3. 4.
Invalid Login details whether the user id or password is Invalid. If all mandatory fields are not completed. When user enters not required special characters. If the User provides data more than max length and less than minimum length
Page 42 of 56
Soft Warnings
None
Post Conditions
1. This should take the user to Main Page on successful. 2. All the Session variables to be set on successful. 3. If all mandatory fields are not provided.
None
None
Change Password
Reference Look up
Requirement Description
System should allow User to change the password on need, User will be redirected to change password page on first time login and on initiating forget password based on configuration settings.
Users Actors
VCS Administrators
Mandator y Yes
Max Length 10
Default Value
Validation etc., 1.Password should be masked. 2. Check for max and min length 1.Password should be masked. 2. Check for max and min length 1.Password should be masked. 2. Check for max and min length
New Password
Yes
String
10
Confirm Password
Yes
String
10
None
If all mandatory fields are not completed. When user enters not required special characters.
Page 43 of 56
If the User provides data more than max length and less than minimum length
None
None
None
Forget Password
Reference Look up
Requirement Description
Forget password will be available outside the system security boundary. System should have provision for recovery of forget password by User. On click of forget password by the user, the system will post by email auto generated password. Auto Email is send to VCS Admin. On login, User will be advising the user to change password based on configuration settings.
Users Actors
All Internal Users All External Users Mandatory Yes No Control Name String String Max Length 60 10 Default Value Validation etc., 1. Check for max and min length
Check with database whether valid User ID. On valid User ID, auto generated password will be send to User and database will be updated with new auto password against this User ID.
Hard Warnings
If User ID is not provided. When user enters not required special characters.
Page 44 of 56
If the User provides data more than max length and less than minimum length
None
Auto generated password is send to requested User Informative emails send to VCS Admin.
None
Add/Edit Announcements
Reference Look up
1. Business Requirement RAS - 22 2. Prototype Provision to add announcements with the following details 1. Announcements title 2. Announcements description 3. Roles 4. Business Units 5. Region 6. Country 7. Plant 8. Publishing Date 9. Expiration date 10. Attachments
Requirement Description
Users Actors
VCS Administrators
Default Value Empty Empty Data to load from database Data to load from Database
Validation etc.,
UI Fields Table
Business Unit
No
String
50
Page 45 of 56
Region
No
String
50
Country
No
String
50
Plant
No
String
50
Data to load from Database Data to load from Database Data to load from Database
Attachment
No
BLOB
Yes Yes
Date Date
20 20
Empty Empty
Data to be filter based on previous selection. Data to be filter based on previous selection. 1. Multiple attachments to be saved in file server. 1. Should accept future date 1. Expiration Date should be greater than Publishing date.
Business Rules
1. Announcements are created and saved for future date. 2. Announcement description should be a word control to edit and style the content (Optional). 3. Attachment should be stored in the file server and should be available for download later. File server path will be taken from configuration file. 4. By default all countries should be populated. The values in the drop down for Country are dependent on the selection of Region. 5. By default all plants will be populated. The values in the drop down for Plant are dependent on the selection of country
Hard Warnings
1. When mandatory fields are not provided 2. When user enters not required special characters. 3. If the User provides data more than max length and less than minimum length
None
None
None
Search Announcements
Page 46 of 56
Reference Look up
Requirement Description
Provision to search announcements 1. Announcement Title 2. Roles 3. Business Units 4. Region 5. Country 6. Plant 7. Date
Users Actors
VCS Administrators
Mandatory No No
Max Length 50 50
Default Value Empty Data to load from database Data to load from Database Data to load from Database Data to load from Database Data to load from Database Empty Empty Data to load from Database
Validation etc.,
Business Unit
No
String
50
No
String
50
Country
No
String
50
Plant
No
String
50
No No No
20 20 20
Business Rules
1. By default all countries should be populated. The values in the drop down for Country are dependent on the selection of Region. 2. By default all plants will be populated. The values in the drop down for Plant are dependent on the selection of country.
1. When user enters not required special characters. 2. If the User provides data more than max length and less than minimum length
None
None
Page 47 of 56
None
None
None
Announcements result
Reference Look up
Based on the search criteria announcements listing will be populated. 1. 2. 3. 4. 5. 6. 7. 8. Announcements title Announcements description Roles Business Units Region Country Plant Status
Requirement Description
Users Actors /
User can edit/ delete the announcement User should also provide with a link to add announcement.
VCS Administrators
UI Fields Table Business Rules Announcement Title will be a hyper link on click of which has to load the Announcement Listing.
None
None
Page 48 of 56
Notification
None
None
Announcements Listing
Reference Look up
Requirement Description
1. Announcements Lists all the top 5 latest announcements based on the user profile. 2. More links (Bread-crump) should be provided and on clicking it should take the user to Announcements listing screen.
Users Actors
VCS Administrators
UI Fields Table Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change History in
Title Description
None
None
None
None
Page 49 of 56
REG&SEC-26
User Profile
Reference Look up
Requirement Description
1. Following user information should be displayed User Name User Email-Id Location Contact Phone Number Roles Business Units Language 2. For Suppliers the following information should be displayed. User Name User Email-Id Supplier code Supplier Name Phone Language
Users Actors
UI Fields Table Business Rules Provision should be given user to update his phone number. User can select a language option default language setting will be English.
Hard Warnings
When user enters not required special characters. If the User provides data more than max length and less than minimum length.
None
None
None
None
Page 50 of 56
3.27 Menu
RequirementId Short Desc / Screen Name REG&SEC-27
Menu
Reference Look up
Requirement Description
System should have main page which has navigation menus for the User to move to specific location of the application Use to create breadcrumb. Menus should appear based on the user roles.
Users Actors
VCS Administrators.
Field name Screen Label Program ID UI Fields Table Screen Path Order Parent
Default Value
Validation etc., 1. Check for max and min length 1. Check for max and min length 1. Check for max and min length
Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change History in
None
None
None
None
Page 51 of 56
REG&SEC-28
Main Page
Reference Look up
Requirement Description
This page we will integrate the following features and controls o Menu o Top Navigation Bar o Announcements o My Task o User Profile o Change Password o Forms download. o Logout All transaction pages are accessed by Internet through secured port. While the in Intranet environment it will be under firewall control.
Users Actors
VCS Administrators
UI Fields Table Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change in History On click of Logout button, all user session details should be killed.
None None
REG&SEC-29 - 1
Page 52 of 56
Look up
Requirement Description
If the Access Request is not approved in a week, then the reminder mail notifications will be sent to the Approver everyday. Mail should have a hyperlink and on clicking the link, we should navigate to Access Request listing screen. Mail should have the count of Pending Access Request. Should have facility to configure the batch frequency, time duration (week after the request date).
Users Actors
VCS Administrators
UI Fields Table Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change History in
None
None
None
None
None
None
REG&SEC-29 - 2
Requirement Description
If the Access Request is not approved within 15 days then the Access Request should be escalated to VCS Admin, with a copy to Approver. Mail should have a hyperlink and on clicking the link, we should navigate to Access Request listing screen. Mail should have the count of Pending Access Request. Should have facilitated to configure the batch frequency, time duration (week after the request date).
Page 53 of 56
Users Actors
VCS Administrators
UI Fields Table Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change History in
None
None
None
None
None
None
REG&SEC-30
Authentication Component
Requirement Description
The User login to the system with login and password. System should allow User to enter User Id and password. Authentication details will be encrypted and also stored in the database in the encrypted format only. Validation can be done with encrypted text contents only and authentication credentials should not be available in decrypted format.
Users Actors
NA
None
NA.
Page 54 of 56
Hard Warnings Soft Warnings Post Conditions Email Notification Assumption Change History in
None
None
None
None
None
None
REG&SEC-31
Authorization Component
Requirement Description
Once the Authentication is through, Based on the user roles, the objects related to the logged in user will be identified. All the session informations should be set. If User tries to manipulate the link and try to access the VCS system, the component has to block the user to further process and he/she should be redirected to login page. The component should also bind the role with menu like hide and show etc /
Users Actors
NA
UI Fields Table Business Rules Hard Warnings Soft Warnings Post Conditions Email Notification Assumption
None
NA
None
None
NA
None
Page 55 of 56
None
Page 56 of 56