User Access & Identity Management — business view

Technical trace: User Access & Identity Management

1. Business Summary

A single login lets each person access the work assigned to them across one or more brands, with the ability to substitute for a colleague when authorized, recover their password, and self-onboard via external forms (e.g., recruitment).

2. Business Value

Protects confidential commercial, financial, and personal data while letting a large distributed workforce operate across web, mobile, and connected tools.

3. Users / Stakeholders

Sales agents, account managers, project managers, vendor managers, finance, freelancers/agencies, candidates, system administrators.

4. Workflows

  • Standard login. A user enters credentials. The system identifies them, recognizes which brands they belong to, restores their language/timezone/theme, and links their session to ownCloud and (optionally) the TMS.
    • Trigger: User submits the login form.
    • Result: Authenticated session with brand/role/entity context.
    • Exception: Resigned users are blocked.
  • Login-as / on-behalf. An authorized user (e.g., a manager covering for a PM) can substitute for another user. The system keeps both identities so that audit can show "who did what on whose behalf".
  • Password reset. A token-bearing email lets the user set a new password.
  • Self-service onboarding via Cognito Forms. Candidates submit web forms; the system creates Contact/Resource/Candidate records and stores their CV/certificates.

5. Sub-Features

  • Multi-brand single login (one credential, multiple personas).
  • Login-as / on-behalf substitution.
  • Password reset token flow.
  • ownCloud credential propagation for shared file access.
  • Cognito Forms ingestion for recruitment.

6. Business Rules

  • One login can map to multiple users across brands; the user can switch persona within the session.
  • Substitution is recorded in both the original and effective identity.
  • The system grants admin override for users marked as administrators.
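As an added illustration of the rules above and of the login-as workflow (example code written for this page, not the application's own PHP controllers), the following Python session model keeps the original and the effective identity side by side, blocks resigned users both as the person logging in and as a substitution target, and writes both identities into every audit event, including brand switches, which the page notes are not audited today. The User, Session and DELEGATIONS names, and the delegation-table structure, are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional


@dataclass(frozen=True)
class User:
    user_id: str
    brand: str
    status: str = "active"   # active / inactive / resigned, as in the status lifecycle
    is_admin: bool = False


@dataclass(frozen=True)
class AuditEvent:
    login_id: str       # the credential that authenticated
    actor_id: str       # the persona really at the keyboard
    effective_id: str   # the identity whose work is being done
    action: str
    detail: str
    at: datetime


# Constructed delegation table (assumed structure): (grantor, substitute) pairs,
# i.e. which user may cover for whom without the admin override.
DELEGATIONS = {("pm-bob", "mgr-alice")}


class Session:
    """One login, several brand personas, optional substitution; both ids always audited."""

    def __init__(self, login_id: str, personas: list):
        active = [u for u in personas if u.status == "active"]
        if not active:
            raise PermissionError("login has no active persona (inactive or resigned)")
        self.login_id = login_id
        self.personas = {u.brand: u for u in active}
        self.actor = active[0]
        self.substitute: Optional[User] = None
        self.audit: list = []
        self._record("login", f"brand={self.actor.brand}")

    @property
    def effective(self) -> User:
        return self.substitute or self.actor

    def _record(self, action: str, detail: str) -> AuditEvent:
        ev = AuditEvent(self.login_id, self.actor.user_id, self.effective.user_id,
                        action, detail, datetime.now(timezone.utc))
        self.audit.append(ev)
        return ev

    def switch_brand(self, brand: str) -> AuditEvent:
        if brand not in self.personas:
            raise PermissionError(f"login is not a member of brand {brand}")
        if self.substitute is not None:
            raise PermissionError("end substitution before switching brand")
        previous = self.actor.brand
        self.actor = self.personas[brand]
        return self._record("switch_brand", f"{previous}->{brand}")

    def login_as(self, target: User) -> AuditEvent:
        if target.status != "active":
            raise PermissionError("cannot substitute for an inactive or resigned user")
        authorised = self.actor.is_admin or (target.user_id, self.actor.user_id) in DELEGATIONS
        if not authorised:
            raise PermissionError("no delegation from target to actor")
        self.substitute = target
        return self._record("login_as", f"on behalf of {target.user_id}")

    def end_substitution(self) -> AuditEvent:
        # Record before clearing so the event still shows the actor/effective pair.
        ev = self._record("end_login_as", f"stop acting as {self.effective.user_id}")
        self.substitute = None
        return ev


def demo() -> list:
    """Run a constructed on-behalf scenario; return (actor, effective, action) triples."""
    alice_a = User("mgr-alice", "brandA")
    alice_b = User("mgr-alice-b", "brandB")
    bob = User("pm-bob", "brandA")
    sess = Session("alice@example.test", [alice_a, alice_b])
    sess.login_as(bob)
    sess.end_substitution()
    sess.switch_brand("brandB")
    return [(e.actor_id, e.effective_id, e.action) for e in sess.audit]
```

Every event carries the login id plus both user ids, so a report can answer "who did what on whose behalf" without joining back to session state that may no longer exist.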

7. Data Entities

  • User — the operational person (links to brand, department, contact, picture).
  • Login — the credential record (login id, password hash, reset token).
  • Resource — the talent persona for vendors/freelancers.
  • Contact / Address / Country — used for timezone derivation.
  • Cognito log — audit of incoming form submissions.

8. Entry Points

  • Web login page; password reset page.
  • Mobile API login.
  • Cognito Forms webhook.

9. Inputs & Outputs

  • Inputs: credentials, reset tokens, web-form submissions, mobile API credentials.
  • Outputs: authenticated sessions, audit cookies, ownCloud credentials, recruitment records.

10. Integrations

  • Cognito Forms (recruitment).
  • ownCloud (file sharing).
  • TMS (feature-flag in session).

11. Calculations / Logic

  • Timezone derived from the user's contact address country.
  • Multiple personas resolved at login.

12. Status Lifecycle

  • Login: active / disabled / token-issued.
  • User: active / inactive / resigned.

13. Permissions

  • Administrators manage users and logins.
  • "Admin" flag bypasses many access checks.

14. Reports & KPIs

  • Last-login per user.
  • Recruitment-form submission counts.

15. Risks & Observations

  • Password copies stored in browser cookies (replay risk).
  • Password-reset tokens never expire.
  • No multi-factor authentication observed.
  • Brand-switching within a session is not audited.
  • Cognito flow has hard-coded manager assignments per form (operational shortcut, brittle).
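The never-expiring reset token listed above, together with the password reset workflow and the Login entity's reset token field, can be handled with a flow like the following added example (illustrative Python written for this page, not the application's LoginsController code). Tokens are random, stored only as a digest, bound to a 30-minute TTL that is an assumed policy value, compared in constant time, and consumed on first successful use; the status values follow the page's Login lifecycle. The Login dataclass fields and function names are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Assumed policy value; the page notes the current tokens never expire.
TOKEN_TTL = timedelta(minutes=30)
PBKDF2_ROUNDS = 200_000


@dataclass
class Login:
    """Credential record, mirroring the page's Login entity (hypothetical fields)."""
    login_id: str
    password_hash: str
    status: str = "active"                   # active / disabled / token-issued
    reset_token_hash: Optional[str] = None   # only a digest is stored at rest
    reset_expires: Optional[datetime] = None


def hash_password(password: str) -> str:
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt.hex() + "$" + digest.hex()


def verify_password(login: Login, password: str) -> bool:
    salt_hex, digest_hex = login.password_hash.split("$", 1)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate.hex(), digest_hex)


def _token_digest(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()


def _clear_token(login: Login) -> None:
    login.reset_token_hash = None
    login.reset_expires = None
    if login.status == "token-issued":
        login.status = "active"


def issue_reset_token(login: Login, now: datetime) -> str:
    """Mint a fresh token and return the plaintext to embed in the e-mail link."""
    if login.status == "disabled":
        raise PermissionError("disabled logins cannot reset their password")
    token = secrets.token_urlsafe(32)
    login.reset_token_hash = _token_digest(token)
    login.reset_expires = now + TOKEN_TTL
    login.status = "token-issued"
    return token


def redeem_reset_token(login: Login, presented: str, new_password: str, now: datetime) -> bool:
    """Validate and consume the token; True only when the password was changed."""
    if login.status != "token-issued" or not login.reset_token_hash or not login.reset_expires:
        return False
    if now > login.reset_expires:
        _clear_token(login)          # stale token is dropped; a new one must be requested
        return False
    if not hmac.compare_digest(login.reset_token_hash, _token_digest(presented)):
        return False
    login.password_hash = hash_password(new_password)
    _clear_token(login)              # single use: a replay of the same link fails
    return True


def demo() -> dict:
    """Walk through wrong token, fresh use, replay and expiry on a constructed clock."""
    now = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
    login = Login("alice", hash_password("old-password"))
    token = issue_reset_token(login, now)
    results = {
        "wrong_token": redeem_reset_token(login, "not-the-token", "x", now),
        "fresh": redeem_reset_token(login, token, "new-password", now + timedelta(minutes=5)),
        "replay": redeem_reset_token(login, token, "other", now + timedelta(minutes=6)),
        "password_updated": verify_password(login, "new-password"),
    }
    late = issue_reset_token(login, now)
    results["expired"] = redeem_reset_token(login, late, "late",
                                            now + TOKEN_TTL + timedelta(seconds=1))
    results["status_after"] = login.status
    return results
```

Storing only the digest means a read of the Login table does not yield usable reset links, and clearing the token on success or expiry means a leaked e-mail cannot be replayed later.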

16. Source Code Evidence

  • app/Controller/UsersController.php, LoginsController.php.
  • app/Controller/CognitoController.php.
