> > >Maybe a silly question -- but is your security REALLY at the level of a >*single* run-mode? > >In my experience, security is usually applied to a group of run-modes. For >instance, you might allow a valid user to access the group of run-modes >"search_form", "search_widgets", and "view_widget". You would only allow >administrators to access the group of run-modes "add_widget", >"edit_widget_form", "update_widget_properties", and "delete_widget". > >Does this describe your situation? If so, why don't you simply break your >application into multiple applications, by required authority? Each >application could then have its own instance script. The instance scripts >might be located in your "Document Root" like this: > The only question is flexibility. If I wanted to change the delete_widget to allow a different group to have access to it how would I do that? Would I have to physically move the mode?
Here are the details. I have users in different groups with different permissions. Employees -------------------- John - Manager Mary - Tech Permissions -------------------- Tech - view_widget, search_form, Manager -edit_widget, delete_widget, update_widget, view_confidential_stuff The company that will use this software wanted to be able to change thier minds. For example, "I think techs should be able to edit and delete widgets but they don't need to view confidential stuff". Does your method still work under these circumstances? I am excited about not having to include permission checking the CGI::App module but I don't see how to fully implement it in this app. -- Thanks, Kenny Pyatt President Design Shack www.dshack.com --------------------------------------------------------------------- Web Archive: http://www.mail-archive.com/[email protected]/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
