Jeff Watkins <[EMAIL PROTECTED]> writes: > Now if you have a VERY small user community, applying permissions directly to > the user isn't a bad model. And I run into this a lot with clients. Mostly > when I encounter this model it's after they've grown from a small number of > users to many hundreds or even thousands. In these cases, the permissions are > often controlled by different application specialists and no one quite knows > what the definitive set of permissions actually is for a given group or role.
I prefer using groups even for small ammounts of users. One can, then, create one group per user if it is needed. When groups of users need one common permission, then a new group can be created and users can be assigned to it. I find that this -- one user/groups and several users/group with permissions dealt with by group -- are the best approach. -- Jorge Godoy <[EMAIL PROTECTED]>