Authorization Characteristics (Associations)
The I2A2 authorizer DBM supports authorization tests by maintaining a set of associations with every PUID. The associations
are called characteristics.
A characteristic describes something associated with the PUID or the person identified by the PUID. Most characteristics
are derived from official University records, but there are provisions in I2A2 for establishing
private characteristics
Some examples of characteristics derived from University records include student or employee status, and course enrollment.
Lifetime of a Characteristic
A characteristic number lasts forever. Once assigned to a characteristic, it will never be re-assigned to another, even
though the characteristic itself may become deprecated.
When a characteristic becomes deprecated -- e.g., for a course that has been dropped from the University academic catalog --
its number will never be re-used for another course. Its name will be set empty and attempts to use its characteristic number
will return an error with the explanation that the characteristic is no longer valid.
Characteristic Names, Numbers and Macro
When characteristics are tested they are usually identified by number. They may be identified by a name, although names are
long, hard to type, and must be enclosed in double quote ('"') marks. They may also be identified by pre-defined macros.
Some examples of their use may be found with the detailed explanation of
Boolean expressions.
Characteristic Values
The value of a given characteristic for a specific PUID is either true, the characteristic is associated with the PUID; or
false, the characteristic is not associated with the PUID.
These true or false values, often called Boolean values, are suitable for using as operands in logical
Boolean expressions, also called
characteristic expressions. The expressions can combine Boolean values in tests that involve complicated combinations of or,
and, and negation.