So for a complex app I would typically assign a permission to every action that could be performed, then I would be assigning various (maybe hundreds of) permissions to different user groups. But on top of that I would like to add or restrict individual permissions on a user by user basis. My current process for managing that would be for the database to be queries to find out if user X was allowed to perform action Y. Is it realistic to use the cflogin roles to store literally zillions of permissions?
----- Original Message ----- From: "Sean A Corfield" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Saturday, August 17, 2002 3:52 PM Subject: Re: Single Login - Multiple Apps > On Friday, August 16, 2002, at 08:26 , Todd wrote: > > Sean, Ray... maybe you clean up my desire to ignore those tags. > > <cflogin> > You will be assimilated! > <cfloginuser name="borg" role="drone"/> > </cflogin> > > :) > > > Or... am I thinking about this the wrong way? For example, if I have a > > CMS > > app, an author might not be able to publish something, but an editor > > can. However, if I decided to make a new group (without making a code > > change) and assign them publishing rights, I can without having to change > > code. > > So the roles are granular things like: > publisher > reviewer > i.e., the things that your CFCs might align with. > > Then in your cflogin, when you do your authentication, you can retrieve > the group for that user and then the roles for that group and use > cfloginuser to remember the roles (not the group). > > That way you can control the roles (CF) that each group has independently. > > Sean A Corfield -- http://www.corfield.org/blog/ > > "If you're not annoying somebody, you're not really alive." > -- Margaret Atwood > > ______________________________________________________________________ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
