Background

As part of refining user access and permissions within TDP, we are introducing a new set of regional users with ACF email domains who will be able to select the regions they are responsible for when requesting access, ensuring they only interact with relevant data. Currently, the system does not differentiate between regions, which could lead to confusion or inappropriate access to unrelated data. To address this, regional users will be presented with checkboxes to select one or more regions, defining their scope of access. Additionally, regional users will receive email notifications when their access is requested, approved, or denied, improving communication and transparency. This solution will also involve updates to the user model to allow multiple region selections and the possibility of null STTs for regions with no available data, as well as changes to the permissions model to align with roles like the Data Analyst to ensure consistent access control.

Acceptance Criteria

• When a user with an ACF email domain, they should be presented with the region checkboxes
• Regional user is emailed when access is submitted, approved, and/or denied.
• The regional user must select 1+ region(s).
• DAC should allow regional user with null STTs if region is selected.
• Testing Checklist has been run and all tests pass
• README is updated, if necessary

Tasks

• Create "central vs. regional" checkboxes
• Update email triggers
• Update the user model to allow for multiple region select and null STTs
• Update the role permissions (similar to Data Analyst role)
• Run Testing Checklist and confirm all tests pass

Supporting Documentation

• Requested Email Template
• Request Approved Email Template