more or less. you have a table of groups with the associated permissions. (edit, delete, etc).
then a table with the group(s) to which a user belongs. otherwise, correct. -----Original Message----- From: Paul Giesenhagen [mailto:[EMAIL PROTECTED]] Sent: Monday, July 29, 2002 4:55 PM To: CF-Talk Subject: Re: Multiple User Authorization So you have table that holds the users information and their roles say, edit,delete,gifts,orders,settings <--- those are the rolls that a user has access too. Then when the user logs in, you build a structure that is request.security.edit/request.security.delete ...with all of the users approvals... and save that struct to a session/client variable? Then are you doing a simple <cfif NOT ("request.securtity.edit")> ...go to login </cfif> Am I going down the right path? Paul Giesenhagen QuillDesign ----- Original Message ----- From: "Dan Haley" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Monday, July 29, 2002 3:38 PM Subject: RE: Multiple User Authorization > Not NT ... we did something similar to what he's suggesting. We set up > 'roles' in a lookup table in the database, then in our user maintenance > screen we can check which roles a user has. This comma-delimited string of > numbers goes into their 'state' that we maintain also in the database. When > a page loads we create a structure called request.security and fill it with > boolean values for all the roles. Then on any page you can check for > request.security.name_of_some_role and if true, they are a member. > > Dan > > -----Original Message----- > From: Paul Giesenhagen [mailto:[EMAIL PROTECTED]] > Sent: Monday, July 29, 2002 1:32 PM > To: CF-Talk > Subject: Re: Multiple User Authorization > > > No, these will be individuals and not groups. Are you talking about > permissions on an NT box? > > Paul Giesenhagen > QuillDesign > > > would a group style set of permissions be a good idea? give permissions > to > > the groups, then assign people to them (NT/Win2K ACLs, really). it'll cut > > down on overhead a bit. > > > > -----Original Message----- > > From: Paul Giesenhagen [mailto:[EMAIL PROTECTED]] > > Sent: Monday, July 29, 2002 4:05 PM > > To: CF-Talk > > Subject: Multiple User Authorization > > > > > > I am looking for suggestions on a user authorization method. > > > > Basically, I have multiple users with various different access levels > > thourghout the application. Some can get into some places while others > > can't, and even some can get in everywhere. > > > > There are basically 20 different location restrictions. My question would > > be what would be the best way/practice to tackle this. > > > > Here is what I have come up with (but think it's a bit cumbersome). > > > > Setup table with the 20 different access columns > > (editor,admin,colors,settings,gifts ect...) and give them a 1 or 0 > > > > Then when the user logs in build a struct with the access levels and check > > the struct for that access level (1) when entering a page if 0, send them > > away to the beggining. > > > > Seems a bit cumbersome ... so I am looking for alternatives. > > > > Any thoughts? > > > > I appreciate your input > > > > Paul Giesenhagen > > QuillDesign > > > > > > > > > > ______________________________________________________________________ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
