# Membrane Roles ## User stories * The application starts with a list of admin agents (progenitors) * An administrator can assign a role to any agent (including the "Admin" role) * An administrator can unassign a role to any agent * A validation rule can check whether any agent had a certain role at any moment in time ## Entry relationship diagram ```mermaid graph LR subgraph paths all_roles -->|editor| all_roles.editor all_roles -->|admin| all_roles.administrator end subgraph agent_id all_roles.administrator --> alice_id all_roles.editor --> bob_id bob_id -->|agent_id->role_assignment| all_roles.editor alice_id -->|agent_id->role_assignment| all_roles.administrator end ``` ### Validation #### Entries * "path": * Create / Delete: valid if the author of the entry had the "Admin" role assigned at the time of creation or deletion * Update: not valid * "links": * Create / Delete: valid if the author of the entry had the "Admin" role assigned at the time of creation or deletion ### GraphQl schema ```gql type MembraneRole { name: String! members: [Agent!]! } extend type Query { allRoles: [MembraneRole!]! } extend type Agent { roles: [MembraneRole!]! } extend type Mutation { assignMembraneRole(roleName: String!, agentId: ID!): Role! unassignMembraneRole(roleName: String!, agentId: ID!): Role! } ```