I have users, groups, resources and permissions. And a nice GUI to manage it
all.
A resource (such as user management, product management) has permissions
created for it.
A group has resources assigned to it
A user is in a group or groups.
When a user logs in, all permissions for all groups he is a member of are
loaded into session.permissions.
In my code I use a UDF to check that a user has permission to perform a
function or view a page.
<cfif request.hasPermission('permission name')>
Allow content
<cfelse>
<cfoutput>#request.noaccess#</cfoutput>
</cfif>
--
Snake
-----Original Message-----
From: Baz [mailto:[EMAIL PROTECTED]
Sent: 07 January 2006 10:32
To: CF-Talk
Subject: User, Permission Management
Hi,
I'm curious how people are handling session/user/permission/login management
these days...
Have most of you implemented your own custom solutions? Do a lot of people
use cflogin? Are people using CFC roles?
How are people handling checking permissions for each page? Do you check
against data stored in memory? Do you query on each request? Let's say that
there are regular users and admins, how verify which one they are?
Just curious,
Cheers,
Baz
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:228692
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4
Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
