Access control system, access control method, and access control program

The invention claimed is: 1 . An access control system comprising: a processor; a display coupled to the processor; a memory coupled to the processor, the memory storing instructions that when executed by the processor, configures the processor to: manage a chain of tasks as a model; assign a role to an executor of each of the tasks to manage the role, the role permitting access to one or more of the tasks, set a function-specific API for each of a plurality of functions, each API being usable by the role according to a function-specific access authority of the role to perform the respective functions of the APIs, the function-specific access authority permitting the function to be performed on more than one task, set a task-specific access authority for the role to generate task access authority information, when access from the executor of the task is received via an API, determine whether the role has the function-specific access authority for the function of the API, and upon determining the role has the function-specific access authority for the function of the API, refer to the task access authority information based on the role assigned to the executor and perform access control, and display, on a screen of the display, one or more tasks for which access of the role is permitted, and display the model including the chain of tasks, each task being indicated by a node having a different visual characteristic indicating whether the role has access to the task indicated by the node, each node being connected by a link. 2 . The access control system according to claim 1 , wherein the processor is configured to: generate function access authority information based on the function-specific access authority and the role, and receive an operation permitted in both the task access authority information and the function access authority information. 3 . The access control system according to claim 2 , wherein the processor is configured to refer to the function access authority information when access from the executor of the task is received, refer to the task access authority information when access is permitted in the function access authority information, and receive an operation in which access is permitted in the task access authority information. 4 . The access control system according to claim 1 , wherein the processor is configured to display, on the display, operation screens individually provided for each of a constructor who constructs the model, an applier who performs a setting operation of the access authority, and the executor. 5 . The access control system according to claim 1 , wherein the processor is configured to manage an execution history of the supply-related tasks as case data. 6 . The access control system according to claim 1 , wherein the processor is configured to manage a model for a chain of tasks including a task of collecting a sample from a patient, a task of transporting the sample, a task of producing a drug using the sample, a task of transporting the drug, and a task of administering the drug. 7 . An access control method, executed by a computer, the method comprising: managing a chain of tasks as a model; assigning a role to an executor of each of the tasks to manage the role, the role permitting access to one or more of the tasks; setting a function-specific API for each of a plurality of functions, each API being usable by the role according to a function-specific access authority of the role to perform the respective functions of the APIs; a task access authority setting step of setting a task-specific access authority for the role to generate task access authority information; an access control step of, when access from the executor of the task is received via an API, determining whether the role has the function-specific access authority for the function of the API, and upon determining the role has the function-specific access authority for the function of the API, referring to the task access authority information based on the role assigned to the executor and performing access control; and displaying, on a screen of a display, one or more tasks for which access of the role is permitted, and display the model including the chain of tasks, each task being indicated by a node having a different visual characteristic indicating whether the role has access to the task indicated by the node, each node being connected by a link. 8 . A non-transitory computer readable medium storing an access control program causing a computer to execute steps comprising: managing a chain of supply-related tasks as a model; a role management step of assigning a role to an executor of each of the tasks to manage the role, the role permitting access to one or more of the tasks and setting a function-specific API for each of a plurality of functions, each API being usable by the role according to a function-specific access authority of the role to perform the respective functions of the APIs; a task access authority setting step of setting a task-specific access authority for the role to generate task access authority information; an access control step of, when access from the executor of the task is received via API, determine whether the role has the function-specific access authority for the function of the API, and upon determining the role has the function-specific access authority for the function of the API, referring to the task access authority information based on the role assigned to the executor and performing access control; and displaying, on a screen of a display, one or more tasks for which access of the role is permitted, and display the model including the chain of tasks, each task being indicated by a node having a different visual characteristic indicating whether the role has access to the task indicated by the node, each node being connected by a link.