Security, Roles & Audit¶
RBAC System (Szerepkor-alapu hozzaferes-vezerles)¶
HellaBooking implements role-based access control through 25 SystemFunctions mapped to user types via the SystemFunctionUserLink table.
Complete Access Matrix¶
| Function | Allowed User Types |
|---|---|
| BookingCalendar | Casual visitor, Club member, Trainer, Receptionist, Club manager, Janitor, Guest coach |
| Bookings | Receptionist, Club manager |
| Customers | Receptionist, Club manager |
| ClubConfiguration | Club manager |
| SeasonConfiguration | Club manager |
| TrainingPackages | Club manager |
| Trainings | Trainer, Club manager |
| UserMetrics | Trainer, Club manager |
| Financials | Casual visitor, Club member, Club manager |
| CustomerOrientation | Club manager, Technical |
| WifiRelays | Trainer, Receptionist, Club manager, Janitor |
| Queries | Receptionist, Club manager |
| Reports | Club manager |
| AdminOperations | Club manager |
| TrainingSummary | Casual visitor, Club member |
| CourseSubscription | Casual visitor, Club member |
| CampaignOffers | Receptionist, Club manager |
| News | Receptionist, Club manager |
| Groups | Receptionist, Club manager |
| VideoRecording | Casual visitor, Club member, Club manager |
| PurchaseCredit | Casual visitor, Club member |
| PurchaseTrainingCredit | Casual visitor, Club member |
| Subscription | (no active links observed) |
| UserAdmission | (no active links observed) |
| Tournaments | Casual visitor, Club member, Club manager |
Inaktiv funkciok (Inactive Functions)
Subscription and UserAdmission exist as system functions but have no active user type mappings. These may be reserved for future use.
Club User Management (Felhasznalok)¶
Navigate to Klub konfiguracio -> Felhasznalok (/Club/User) to manage internal club accounts.
Supported account types:
- Receptionist (Recepcios) -- booking and customer management
- Trainer (Edzo) -- training and attendance management
- Club manager (Klubvezeto) -- full administrative access
- Janitor (Gondnok) -- facility and relay management
- Technical (Technikai) -- system/technical support
Audit & Logging¶
Audit Log (Auditnaplo)¶
The AuditLog table tracks granular field-level changes with the following columns:
| Column | Purpose |
|---|---|
| AuditType | Type of change (insert, update, delete) |
| TableName | Affected table |
| TablePK | Primary key of affected row |
| ColumnName | Modified column |
| OldValue | Previous value |
| NewValue | Updated value |
Jelenlegi allapot (Current State)
The AuditLog table currently contains 0 rows. Audit logging infrastructure exists but is not yet actively populated.
Event Log (Esemenynaplo)¶
The EventLog table stores application events with EventCode and EventMessage fields.
Error Log (Hibanaplo)¶
The ErrorLog table captures application errors with full diagnostic detail:
FileName,LineNumber,Method-- code locationErrorMessage,StackTrace-- error detailUrl,IP-- request context
Login Log (Bejelentkezesi naplo)¶
The LoginLog table records authentication attempts:
LoginName,User_ID-- identityLoginTime,LoginIP-- contextSuccessFlag-- success/failure indicator
History Tables (Torteneti tablak)¶
Automatic history tracking is implemented for key entities via a SaveChanges() override in SCMContext.Partial.cs:
| Table | Trigger |
|---|---|
ReservationHistory |
On reservation modification |
AttendanceHistory |
On attendance modification or deletion |
SubscriptionHistory |
On subscription modification |
Error Notification (Hibaertesitesek)¶
System errors are routed to configured recipients via dedicated distribution lists:
| Parameter | Purpose |
|---|---|
SystemErrorClubEmailList |
Club-level error notifications |
SystemErrorEmailList |
System-wide error notifications |
SystemPaymentErrorEmailList |
Payment error notifications |
SystemInfraErrorEmailList |
Infrastructure error email notifications |
SystemInfraErrorSMSList |
Infrastructure error SMS notifications |