Add Database Schema for Managing Edit Restrictions on Hybrid User Roles and Shared User Associations

[BimsaraBodaragama]

Description

The need for this feature arises from the requirement to share the parent organization's user with its sub organizations based on resource sharing policies.

Is your feature request related to a problem? Please describe.

Currently, there is no support for managing restricted edit operations for hybrid user roles or shared user associations. This limitation leads to:

• Inability to enforce granular edit permissions for hybrid roles or shared users.
• Difficulty in maintaining organization-specific edit restrictions.
• Lack of a structured approach to manage and track edit restrictions dynamically.

Describe the solution you would prefer

Introduce schema enhancements to:

• Add UM_EDIT_RESTRICTION to UM_HYBRID_USER_ROLE and UM_ORG_USER_ASSOCIATION to define edit restrictions with default values.
• Create a table, UM_HYBRID_USER_ROLE_RESTRICTED_EDIT_PERMISSIONS, to manage restricted edit operations for hybrid user roles.
• Create a table, UM_SHARED_USER_RESTRICTED_EDIT_PERMISSIONS, to manage restricted edit operations for shared user associations.
• Ensure schema compatibility across all supported databases, with cascading delete support and foreign keys for referential integrity.

Additional context

This schema will:

• Provide fine-grained control over edit operations for hybrid user roles and shared associations.
• Simplify the enforcement of organization-specific restrictions dynamically.
• Ensure secure and consistent handling of restricted edit permissions across the system.

Version

7.1

[BimsaraBodaragama]

You can track the PR here.