Step 2: Configure Security Schema

Security is handled through role-based access control. In LeaveMaster, different user roles—Employee, Manager, and Admin—determine what actions a user can perform and what data they can access.

Security Schema for my Leave Request App

The following Roles are needed for my leave request app

• Employee: Can submit, modify, or cancel their leave requests.

• Manager: Can view team members' requests and approve or reject them.

• Admin: Has full control over the system, including user management and access to all leave requests.

Each action/query in the system is preceded by a Precondition to check user roles, ensuring only authorized users can perform specific tasks.