mercredi 5 août 2015

System for Permission / Access Control Tracking (PHP+MYSQL based)


Have searched the web extensively, but no luck in this domain. Basically I have a simple requirement, currently when a user at our company requires System Access / E-Mail / Internet Access / Etc. they have to fill out a form, get the relevant authorized signatories and then send it to the IT Department for processing, in which we then mark who has completed that job and file it. This is a very old-school and manual system in my opinion and im looking for a "Paperless method" based on PHP and MYSQL, hosting this on a seperate web server to address this concern. So a few aspects I thought about this;

  • Need to develop a form to capture the user's requirements (by navigating to an url)
  • After the user submits, we (IT Department) need to assign an senior staff member of that department to authorize the permissions / request online.
  • Thats IT! Of course we will need audit trails to track who did what and when, as well as a place to search for a user based on their name or at least their employee number (which will make mandatory in the form), a way to backup and restore the database and a section to create users as well as authorized senior management who will be doing the approvals.
  • If we can get a system to upload the scanned form (as a picture) additionally, to be saved in the db as well, that would be an added advantage as well as being able to configure an SMTP server to enable notifications.
  • Prefer (but not mandatory) if the web app has security in mind, so that its not vulnerable to XSS, SQL Injection, etc.

I'm surprised that with all the talented developers we have out there, no one has come up with an open source (php and mysql based) system readily available, so thought we could develop such a system as it would prove to be very useful to almost all companies big and small. I have looked into role-based access control and Identity Access Management but both those are not applicable, too advanced or over-kill for the task at hand.

Anyone familiar with a solution or can develop one, please let me know so that the whole community can benefit from this.



via Chebli Mohamed
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)