Authentication and Authorization module user stories

As a user I want the module to have a set of permissions including read, write, execute and ownership.

As a user I want the module to have a set of entities including tables, columns, rows and screens.

As a user I want the module to have a structure containing users and groups. Users can be part of groups. Both can have permissions on entities. If multiple permissions apply to an entity the narrower ones override the broader ones.

As a user I want to be able to change permissions (grant, revoke) for the entities I own. The permissions are strictly limited to the entity. No information from linked entities will show up if permissions have not been given.

As an administrator I want to be able to manage users and groups.

As an administrator I want to have the possibility to forward permissions from an entity to others.

As a public user I want to see all the entities I am entitled to see without logging in.

As an investigator I want to be able to share the permissions on all entities belonging to my investigation with other users or groups.