@fmquaglia
Last active January 3, 2019 04:13
Andrew Exercise

REQUIREMENTS

You need to design a programming module PERMISSIONS that would allow Caller to grant a Permission to a User and to check if a User has a particular Permission.

Caller is an external system that uses our module (particularly it calls our API).

Permission is a user right to take an action or access a resource.
Permissions for resource access can be READ or WRITE.
For example, Caller can grant a permission to “reboot the server” (an example of an action) OR to write to a file “C:/readme.txt” (an example of a resource) to a user Andrew.

Caller can grant Permissions directly to a User OR via Roles.
If Caller wants to grant Permissions via Roles, then Caller needs to register a Role, grant Permissions to the Role and then assign the Role to a User.

Caller can assign many Roles to a User.

As a note, our module (the one you are designing) doesn’t provide any dictionaries to Caller.
All objects (including Users) are created / managed by Caller. Our module provides ONLY functionality.

OUTCOME

NOTE: You don’t have to strictly use a specific programming language for the exercise.
You can use just a meta syntax that would give us an idea of your solution - we’re not going to compile it for sure :).

We would expect you to write module API (a list of functions with parameters) and design a database for the module.
A list of functions can look like this:

function AddEmployee(company, first_name, last_name, age): boolean;
function AddJob(company, first_name, last_name, age): boolean;
function IsEmployeeFired(employeeId): boolean;
...

If you want to pass an object as a parameter you can describe an object separately:

Class Company {
	String name;
	String address;
	Integer taxId;
}

Database design can be presented as a list of tables with most important fields (no need to define indexes, etc).
For example,

Table Companies {
	Id,
	Name,
	Address,
	TaxId
}

Table Employees {
	Id,
	CompanyId, // this is a foreign key to Company
	FirstName,
	LastName,
	Job
}

class User {
    String name;
    Array<Permission> Function permissions;
    Array<Role> Function roles;
}

class Role {
    String name;
    Array<Permission> Function permissions;
}

class Permission {
    String access;
    String resource;
}

class Api {
    // USERS
    createUser(name, [permissionIds], [roleIds]) //POST /users
    getUser(userId) //GET /users/:id
    getUsers() //GET /users
    updateUser(userId, name) //PUT /users/:id
    destroyUser(userId) //DELETE /users/:id

    userHasPermission(userId, permissionId) //GET /users/:userId/permissions/:permissionId

    // PERMISSIONS
    createPermission(access, resource) //POST /permissions
    getPermissions() //GET /permissions
    getPermission(permissionId) //GET /permissions/:id
    updatePermission(permissionId, access, resource) //PUT /permissions/:id
    destroyPermission(permissionId) //DELETE /permissions/:id

    // ROLES
    createRole(name, [permissionIds]) //POST /roles
    getRole(roleId) //GET /roles/:id
    getRoles() // GET /roles
    updateRole(roleId, name, [permissionIds]) //PUT /roles/:id
    destroyRole(roleId) //DELETE /roles/:id

    // USER PERMISSIONS
    addUserPermission(userId, permissionId) //PUT /users/:userId/permissions/:permissionId
    getUserPermissions(userId) //GET /users/:id/permissions
    deleteUserPermission(userId, permissionId) //DELETE /users/:userId/permissions/:permissionId

    // ROLE PERMISSIONS
    addRolePermission(roleId, permissionId) //PUT /roles/:roleId/permissions/:permissionId
    getRolePermissions(roleId) //GET /roles/:id/permissions
    deleteRolePermission(roleId, permissionId) //DELETE /roles/:roleId/permissions/:permissionId

    // USER ROLES
    addUserRole(userId, roleId) //PUT /users/:userId/roles/:roleId
    getUserRoles(userId) //GET /users/:id/roles
    deleteUserRole(userId, roleId) //DELETE /users/:userId/roles/:roleId
}
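
The exercise also asks for a database design, and the userHasPermission check has to honour both grant paths (direct and via Roles). The following is an added example, not part of the original gist: a sketch in Python with SQLite where the table names, column names and function names are assumptions, and User and Role ids are opaque strings supplied by Caller because the module keeps no dictionaries of its own.

```python
import sqlite3

# Assumed schema (not from the gist): Caller owns Users and Roles, so only their ids appear.
SCHEMA = """
CREATE TABLE permissions (id INTEGER PRIMARY KEY, access TEXT NOT NULL,
                          resource TEXT NOT NULL, UNIQUE (access, resource));
CREATE TABLE user_permissions (user_id TEXT NOT NULL,
    permission_id INTEGER NOT NULL REFERENCES permissions(id),
    PRIMARY KEY (user_id, permission_id));
CREATE TABLE role_permissions (role_id TEXT NOT NULL,
    permission_id INTEGER NOT NULL REFERENCES permissions(id),
    PRIMARY KEY (role_id, permission_id));
CREATE TABLE user_roles (user_id TEXT NOT NULL, role_id TEXT NOT NULL,
    PRIMARY KEY (user_id, role_id));
"""

def open_store():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # a grant cannot point at a missing permission
    db.executescript(SCHEMA)
    return db

def create_permission(db, access, resource):
    cur = db.execute("INSERT INTO permissions (access, resource) VALUES (?, ?)",
                     (access, resource))
    return cur.lastrowid

def add_user_permission(db, user_id, permission_id):
    db.execute("INSERT OR IGNORE INTO user_permissions VALUES (?, ?)", (user_id, permission_id))

def add_role_permission(db, role_id, permission_id):
    db.execute("INSERT OR IGNORE INTO role_permissions VALUES (?, ?)", (role_id, permission_id))

def add_user_role(db, user_id, role_id):
    db.execute("INSERT OR IGNORE INTO user_roles VALUES (?, ?)", (user_id, role_id))

def delete_user_role(db, user_id, role_id):
    db.execute("DELETE FROM user_roles WHERE user_id = ? AND role_id = ?", (user_id, role_id))

def user_has_permission(db, user_id, permission_id):
    """Default deny: True only for a direct grant or a grant through an assigned Role."""
    row = db.execute(
        """SELECT 1 FROM user_permissions WHERE user_id = ? AND permission_id = ?
           UNION
           SELECT 1 FROM user_roles ur JOIN role_permissions rp ON rp.role_id = ur.role_id
           WHERE ur.user_id = ? AND rp.permission_id = ?""",
        (user_id, permission_id, user_id, permission_id)).fetchone()
    return row is not None
```

Because the check is evaluated against the join tables on every call, removing a Role assignment withdraws the access it conferred immediately, while direct grants are unaffected.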