We have a "standard" admin plug in to add/edit users and assign rights to
them based on an AdminRights table in the db.
When you select a user the app displays a dynamic list of rights which can
be assigned as check boxes.
This is very flexible as for each application you just change the list of
rights in the db of that application and voila the admin now shows these
rights.
Then in Index.cfm you can control access to each and every circuit or
fuseaction action by verifying the user has the needed rights.
We use binary masks and the bitAnd function as the applications don't need
more than 31 different rights.
But for a completely flexible system use unique ID's for each right and list
functions.
HTH,
Noam
----------
From: Ben Koshy [SMTP:[EMAIL PROTECTED]]
Sent: Saturday, 26 May 2001 23:40
To: Fusebox
Subject: Back-End admins with FB?
Thought I'd try this question again sine things are quiet now and
everyone
ignored me during the flap about XFB Standards:
=======================================
Thought I'd tap the knowledge out there on how you guys handle
administration of various circuit applications and the central
application.
Alot of times you want to write circuit applications so that they
can be
re-used in other applications. In addition, alot of modules have
administrators associated with them which manage content, data that
the user
normally doesn't have access or has controlled/granular access to.
Anyway I
was wondering how you people handle administration in FuseBox.
Whether you
do it on a circuit by circuit level or do you write an admin circuit
which
manages all the security and the admin fuseactions. Furthermore,
how do you
provide standardized security for the circuits and their fuses. I
know
we've seen the example where including the act_secure.cfm from the
security
circuit provides the security. I suppose if you adhere to this
standard or
any standard you're okay. I've always liked a centralized admin,
others
seems to embed the admininistration into each circuit/app.
Goal: To create an application-wide administrator that centralizes
site
administration
One Idea:
=========
Create a file that is a plain HTML menu (dsp_admin.cfm) that
triggers the
various fuses like:
<b>User Functions<b><BR>
<a href="/secure/index.cfm?fuseaction=adduser">Add
User</a><BR>
<a href="/secure/index.cfm?fuseaction=deluser">Delete
User</a><BR>
Then have a script which crawls the applications looking for these
dsp_admin.cfm files and incorporate them dynamically into an admin
center.
What are others doing out there?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
