We roll our own mostly. Using a list of available "action". Each user then either has or has not permission for the "action". To trap an action we use a function that passes the user's ID as well as the password that was logged and thirdly the action's ID. The actions also have a Master Action so if for instance you want to allow a user to all Invoice functions/actions then there is no need to verify individual actions.
With this you can go as deep as you want. The only negative is we never developed it to the point where it is very easy to implement as you need to have the action's ID handy. However it is very easy to manage the user's permissions using a list and check boxes. It's not perfect bu once done it's much better than 4D's way of doing it (not that it's bad but it just doesn't allow for as tight a control as we needed). Cheers ----- Jim Labos - infobase -- Sent from: http://4d.1045681.n5.nabble.com/4D-Tech-f1376241.html ********************************************************************** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:[email protected] **********************************************************************
