Delegation Model
Understanding how user delegation relationships work in Rahal
Delegation Model
This page explains the core concepts behind Rahal's delegation system and how delegation relationships are structured.
Core Concepts
Delegator and Delegate
A delegation relationship always involves two parties:
| Role | Description | Example |
|---|---|---|
| Delegator | The user who owns the travelers and grants access to another user | An executive who wants their assistant to book travel |
| Delegate | The user who receives access and can act on behalf of the delegator | An executive assistant who books travel for their boss |
Direction of Access
The delegation direction determines who can access whose data:
- A delegates to B means B can access A's travelers
- B does NOT get access to make A view B's travelers
This is a one-way relationship. If two users need to access each other's travelers, two separate delegations must be created.
Delegation Types
Rahal supports two delegation types that serve different organizational needs.
User-to-User
The most common type. One user explicitly grants access to another user.
- Both users must be active members of the same company
- Creates a direct relationship between two specific users
- The delegator appears in the delegate's list of people they can book for
Company-Wide
A user receives access to all users' travelers within a company. Instead of needing individual delegations from each person, the delegate can search for and access any user's travelers.
- The delegate can search for any user in the target company
- No individual delegator is required (though optionally, access can be restricted to specific users)
- The delegate sees a search interface instead of a fixed list of delegators
Company-wide delegations are ideal for travel coordinators, office managers, or anyone who needs to book travel for many people across the organization.
Delegation Properties
Each delegation record contains the following properties:
| Property | Description |
|---|---|
| Type | User-to-User or Company-Wide |
| Delegator | The user granting access (optional for unrestricted company-wide delegations) |
| Delegate | The user receiving access |
| Company | The company context for this delegation |
| Scopes | Array of permission scopes granted |
| Is Active | Whether the delegation is currently active |
| Created At | When the delegation was created |
| Updated At | When the delegation was last modified |
Company Scope Requirement
Delegations are always scoped to a specific company.
For user-to-user delegations, both users must be active members of the same company. For company-wide delegations, the delegation targets a specific company, and the delegate can access travelers of users within that company.
Relationship Uniqueness
For user-to-user delegations, the combination of delegator, delegate, and company must be unique. You cannot create duplicate delegations for the same user pair in the same company.
For company-wide delegations without a specific delegator, only one such delegation can exist per delegate per company.
If you need to modify an existing delegation (e.g., add or remove scopes), update the existing delegation rather than creating a new one.
Active vs Inactive Delegations
Delegations can be temporarily disabled without being deleted:
| State | Effect |
|---|---|
| Active | Delegate can access delegator's travelers and perform granted actions |
| Inactive | Delegation exists but is not enforced; delegate cannot access delegator's data |
This allows administrators to temporarily suspend delegation access without losing the delegation configuration.
Traveler Access
When a delegation is active, the delegate gains access to all travelers owned by the delegator. There is no partial traveler access - it's all or nothing.
The specific actions the delegate can perform depend on the granted scopes.
Policy and Budget Attribution
When a delegate creates a booking for a delegator's travelers:
Key points:
- The delegator's policy is used for compliance evaluation
- The delegator's budget is consumed
- The booking appears in the delegator's booking history
- Reports and analytics attribute the booking to the delegator
This ensures that travel policies are enforced correctly based on the actual traveler's role, not the person making the booking.
Delegation Lifecycle
| Action | Result |
|---|---|
| Create | New delegation is created in active state |
| Deactivate | Delegation is paused but preserved |
| Reactivate | Delegation is resumed |
| Revoke/Delete | Delegation is permanently removed |
Related Concepts
- Scopes - Understanding delegation permissions
- Booking Flow - How delegation affects the booking process