Post on 21-Jan-2018
transcript
DG Systems, CBEC, New Delhi
CBEC-GST Application ACL Module
User Mapping
www.cbec.gov.in https://cbec-gst.gov.in
Introduction to
ACL Module
User
activation
User
mapping
request
Access to
CBEC-GST
Application
Topics for the session
All Departmental users of the application are Makers and ACL Admin (Comm admin) are Chekers.
Users request for Formation mapping, Transfer, Leave etc. in the application and ACL admin approves the same.
This system will effectively address the delay that happened in the mapping process earlier.
All department officers to check and confirm mapping done by ACL Admin to ensure that right formation and permissions are assigned.
Responsibility fixed for all officers with e-sign feature.
ACL Admin is not a profile but a permission set. Thus, any one can become ACL Admin in future. S
Importance of ACL for Department Officers
Introduction to ACL
Session-1
ACL authorizes users to use application as per their Roles and Responsibilities
ACL determines who has access to what data, and what actions user can perform on such data.
What is ACL Module?
Types of Users
Administrative users have the permissions to map SSOIDs to a formation/permission set
Admins can exist at various levels in the formation hierarchy, from All-India level all the way down to Divisional level.
India level (i.e., “India Admins”) will have the additional privileges to create/delete/edit formations, jurisdictions, permission sets
Other admins will only be allowed to do mappings
Normal users do not have the power to map users, but can just view their own mappings.
A normal user may request for additional charge etc. and a notification will be sent to the administrative user to process the same with required approvals.
Different Levels of Admin
INDIA ADMIN
ACL ADMIN -COMMISSIONERATE
ACL ADMIN - DIVISION
Concepts of Access Control Logic in CBEC GST Application
FORMATION JURISDICTION PERMISSION
Access Control Logic works on the basis of these three concepts:
CBEC has many verticals to handle different functions assigned to it.
Example
―Executive Setup( Field formations)
―Directorates ( Systems, DGGSTI, Audit, DRI etc., Appeal Commissionerates etc.,)
The functions of the verticals are unique and quite different and also the jurisdiction and individual Officers role.
In order to provide access to CBEC-GST software to the officers working in these verticals, in ACL Module a new concept has been introduced known as “Formation”.
Now the Officers of different verticals can be are mapped based on the Formation they are working.
CB
EC
Executive
Commissionerates
Directorates
Audit Commissionerates
Appeal Commissionerates
Non-CBEC Formations
Other CBEC Formations
Formation
Formation Mapping in ACL
Each officer is mapped to one or more field formations.L1
India
L2
(ex: Zone)
L3
(ex: Commte)
L4
(ex: Division)L4*
L5
(Ex: Range)
Ln (taxpayer)
i.e., GSTIN
Officer
Parent Formation Zone Commissionerate Division Type of Formation
Executive Setup Tamil Nadu Coimbatore Coimbatore -I Base Formation
Executive Setup Tamil Nadu Coimbatore (HQ) -Adjudication
AdditionalFormation
Executive Setup Tamil Nadu Coimbatore (HQ) -Statistics
AdditionalFormation
Example of Mapping to Multiple Formations
Parent Formation Zone Commissionerate Division Range Type of Formation
Executive Setup Tamil Nadu Coimbatore Coimbatore -I Range A Base Formation
Executive Setup Tamil Nadu Coimbatore Coimbatore – I -Refunds
AdditionalFormation
Executive Setup Tamil Nadu Coimbatore Coimbatore – I -RTI
AdditionalFormation
Additional Formations at Commissionerate Level
Additional Formations at Division Level
Jurisdiction is the functional area in which the Officer exercise his authority provided by the law.
The different veridical have different jurisdiction to execute the authority and it different Officer to officer.
The Officers of different verticals after mapping the “Formation” has to be assigned with “Jurisdiction”.
Executive
Zone
Commissionerate
Division
Range
Directorates
Zonal
Regional
Audit
Commissionerate
Circle
Group
Jurisdiction
Permissions are different set of privileges given to an officer to access and perform the allotted work in CBEC-GST software depending upon his functional powers as per law , formation and jurisdiction.
The officer can also now be assigned with Additional responsibility
Ex;
―ACL Admin
―Divisional Asst. Commr
―CPC Supdt
―CPC Inspector
―RSP
• Commissioner
• ADC/JC
• Hqrs AC/DVN-AC/DC
• Hqrs-Supdt/Range Supdt
• Inspectors
Executive Commissionerates
• Director General
• Addl. Director General
• ADDL/JD
• DD/AD
• Supdt / SIO
Directorates
• Commissioner
• ADC/JC
• Hqrs AC/DVN-AC/DC
• Hqrs-Supdt/Audit Supdt
• Inspectors
Audit
Permissions
Permission Mapping in ACL
And in each such formation, the officer has one or more permission sets.
L1
India
L2
(ex: State/Zone)
L3
(ex: Commte)
L4
(ex: Division)L4*
L5
(Ex: Range)
Ln (taxpayer)
i.e., GSTIN
Officer Permissions B, Permissions C
What is new to user in the ACL module ?
From the ACL Module itself, send request for the mapping and activation
Viewing the
―Base permission allotted in various modules
―TASK of other formations
Sending intimations to ACL Admin
―About transfer from a formation
―Addl. Charge request.
―Intimation about Leave/ out office
Mapping Request by the User
Session-2
In this session let us try under stand how to map in the ACL module:
―Do you have your SSO-ID?
―Which formation do you belong to?
―What is your Area of Operation (ZCDR)?
―What are your key Responsibilities in your current posting?
The new user request the ACL Admin to get access permission.( Offline work)
Access permission to software is given by the Saksham Team
User requests for mapping to a particular formation and permission
ACL Administrator of that formation receives a notification
If ACL Administrator approves, user is mapped now to the formation
User notified of mapping
Advantages:
―Long delays in mapping eliminated
―Onus is on user to raise a request and ensure timely mapping.
First time user: Workflow
Request for
mapping to CBEC-
GST Application
through ACL Admin
Mapping to a
Commissionerate
and application by
SI
Request for the
formation and
permission by the
user
Mapping of the
user by ACL Admin
Checking for the
proper mapping
Steps involved for user mapping
Workflow
Tax Payer
Saksham Seva
Maps the user to
CBEC-GST software
intimates to All India
admin and ACL Admin
ACL Admin
Sends request to
Saksham Seva to Map
the user to CBEC GST
Software
User
Login to the CBEC-GST
Software. Sends
request through
software to map him to
the formation and
jurisdiction
Off line
saksham.seva@icegate.gov.in
User
ACL Admin
Maps the user to the
formation and
jurisdiction Views the request
status and starts
working
Opening screen
21
Ctrl+Alt+Del
Open IE Browser
Enter URL http://appstore.cbec.gov.in
Citrix login page
Application page
First time log in screen
Sending Formation Request –Screen-1
Step-2 –Selection of Formation Type
Step -3 Selection of Formation
Submission of request along with attachment, if any
Submission confirmation
Confirmation of submission
Check the submission status
Notification for the request made
Mapping the user by the ACL Admin
Session-3
Request lands to ACL Admin Dash Board
Initiating action –ACL Admin
Viewing the mapping request
Mapping the permission set
Check for the permission given
Confirmation
Approval of mapping
Reading the notification-Raised
Login to check mapping by ACL Admin
Session-4
ACL Menu
Dynamic menu after mapping the user to formation, jurisdiction and permission
Menu after grating the permissions
View request status
View the permissions
Transfer request
Additional Charge request-Select the formation
Leave and Out of office
Leave requests
Basics of ACL Module
How to activate the user for CBEC-GST Application
Sending mapping request to ACL Admin by user after first time
login
Mapping the user by ACL Admin for formation, jurisdiction and
permissions,
Sending transfer request/additional charge / leave intimation to
ACL Admin
Recap
Difference Between ACES and CBEC GST
Session- 5
ACL - ACES vs GST
ACES CBEC-GST
Works for CDR only
SSOID mapped to a particular
Designation/Commissionerate offline (by
SI helpdesk)
SI performs on SSOID
creation/updation and gives authentication
to access the application including the
jurisdiction (Com’te)
Works for various verticals
SSOID along with all the details will be
created in SI. Authentication is done in SI
and Authorisation is done in GST
Differences (cont.)
ACES CBEC-GST
Only one officer of the same designation
can be mapped in the same CDR
jurisdiction
Officers of the same designation having
similar privileges (say DSR), cannot
perform concurrently at various formations
Many officers of the same designation
can be mapped in SZCDR formation. In
such cases, the workflow would happen
on round-robin-load balancing basis -
CPC officers
Officers of the same designation at
various formations CAN perform
concurrently
Differences (cont.)
ACES CBEC-GST
ACL Admin, i.e. COM ADMIN is a
profile. He/she cannot perform in any
other CDR formations, say in a Range
concurrently, since it would lead to
workflow conflicts.
Only Two Types of Administrators viz.
HQADMIN & COM ADMIN are available
ACL Admin, i.e. COM ADMIN is not a
profile. It is a Permission Set. He/she can
perform in any other CDR formations, say
in a Range besides Admin.
Many Administrators viz. INDIA ADMIN
at all India level and ACL ADMINs at State
/ Commissionerate, etc.
Differences (cont.)
ACES CBEC-GST
For every officer mapping, the admin
was selecting the list of transactions
manually, by creating duplicate roles and
role groups.
In GST , India Admin creates a standard
permissions set for all which is available
for mapping.
Differences (cont.)
ACES GST
One SSO ID couldn’t be mapped to
multiple formation and no additional
charge could be given.
Whenever, designation is changed,
access privileges are not altered in the
application automatically.
One SSO ID can be mapped to multiple
formation and additional charge also can
be given.
Whenever, designation is changed, the
permission set and the formation are
made as NIL automatically by GST
Application based on the inputs from SI
(SSO ID updation) dataflow.
Activity and Q&A
Session-5
During user mapping, permissions are mapped first. Later, each formation and jurisdiction is mapped based on the permission given. Agree or Disagree.
Only India Admins have the additional privileges to create/delete/edit formations - Agree or Disagree.
An ACL user has an option to change his formation in the application using the ‘Transfer’ feature. - Agree or Disagree.
Permission sets can also be created by ACL Admins in the application - Agree or Disagree.
Can Normal User prepone / advance his/her leave - Agree or Disagree.
Activity- Agree / Disagree
Thank You