> I'm
> wondering how other people handle delivering different tools to different
> levels of users...
Chris,
I have some experience in that area, but I'm not sure how much use it'll be
to you.
Basically, the idea is to change the security model, rather than the
structure of your code. Instead of defining, say, four types of users, I
define the specific attributes that each user can have. So instead of
hard-coding permissions like so:
Guest = read-only
Verified = read, write
Moderator = read, write, move
Admin = read, write, move, delete
I just create a set of binary attributes for each user:
read = true|false
write = true|false
move = true|false
delete = true|false
The result is more work for the database, but the code for displaying
interface elements and so on becomes very simple...
<cfif USER.READ>
display stuff
</cfif>
With this approach, the "type" of user simply becomes a human-readable label
slapped on a set of attributes which can be derived from the attributes
themselves:
<cfif USER.DELETE>
<cfset USER.TYPE = "Admin">
</cfif>
Make sense?
--
Roger
------------------------------------------------------------------------------
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
