C
Cy Huckaba
I am having a hard time trying to figure out the best way to implement a custom
ACL. Any thoughts or articles on best practices would be appreciated.
I have three groups with three permission levels. Employee, Client and Vendor;
each with User, Manager and Exec. permission levels. Assets can be protected by
giving groups or individual logins access. For example, Doc1 can be assigned to
All Employee groups and Doc2 can be assigned only to john_doe.
I don't know whether I should create one table with all possible roles like
Emp_User, Emp_Mgr, Emp_Exec, Client_User, etc. or do I separate them into two
tables Login_Type (with emp, client, vendor) and another for Login_Level (user,
mgr, exec).
That brings up the next issue of the best way to tag the Assets table. Do I just
use one ACL field that has roles & levels in one string (like
"emp_mgr;emp_exec;etc.")? Do I provide two ACL fields: one for login type, one
for permission level?
I know I can make something work, I'm just worried about scalability...what if
we add more types and levels later?
Any thoughts would be appreciated.
Cy Huckaba
Austin, TX
ACL. Any thoughts or articles on best practices would be appreciated.
I have three groups with three permission levels. Employee, Client and Vendor;
each with User, Manager and Exec. permission levels. Assets can be protected by
giving groups or individual logins access. For example, Doc1 can be assigned to
All Employee groups and Doc2 can be assigned only to john_doe.
I don't know whether I should create one table with all possible roles like
Emp_User, Emp_Mgr, Emp_Exec, Client_User, etc. or do I separate them into two
tables Login_Type (with emp, client, vendor) and another for Login_Level (user,
mgr, exec).
That brings up the next issue of the best way to tag the Assets table. Do I just
use one ACL field that has roles & levels in one string (like
"emp_mgr;emp_exec;etc.")? Do I provide two ACL fields: one for login type, one
for permission level?
I know I can make something work, I'm just worried about scalability...what if
we add more types and levels later?
Any thoughts would be appreciated.
Cy Huckaba
Austin, TX