Custom ACL Setup? Best Way?

C

Cy Huckaba

I am having a hard time trying to figure out the best way to implement a custom
ACL. Any thoughts or articles on best practices would be appreciated.

I have three groups with three permission levels. Employee, Client and Vendor;
each with User, Manager and Exec. permission levels. Assets can be protected by
giving groups or individual logins access. For example, Doc1 can be assigned to
All Employee groups and Doc2 can be assigned only to john_doe.

I don't know whether I should create one table with all possible roles like
Emp_User, Emp_Mgr, Emp_Exec, Client_User, etc. or do I separate them into two
tables Login_Type (with emp, client, vendor) and another for Login_Level (user,
mgr, exec).

That brings up the next issue of the best way to tag the Assets table. Do I just
use one ACL field that has roles & levels in one string (like
"emp_mgr;emp_exec;etc.")? Do I provide two ACL fields: one for login type, one
for permission level?

I know I can make something work, I'm just worried about scalability...what if
we add more types and levels later?

Any thoughts would be appreciated.

Cy Huckaba
Austin, TX
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top