hal helms wrote:
> Where Lee and I disagree...
I think I'm somewhere in between the two of you... although my
interpretation of where the two of you are at seems to change from post
to post. :)
Basically, I've got a table like this:
UserGroupID|Read|Write|Run|Skip|Jump
...and each user has a UserGroupID attached. Individual fuses don't know
and don't care about that UserGroupID, which seems to be what you're
suggesting... at the fuse level, everything looks like this:
<cfif qryPerms.skip>
<cffrolic>
<cfelse>
<cfwalkitoffbuddy>
</cfif>
However, I don't allow users to break out of their group template. If an
individual user needs to do something special that is outside the scope
of any group's definition, then I create a new group. It's not that I
consider that approach to be philosophically superior... in fact, it
feels a little "ugly" to Developer Me. OTOH, I'm also my own primary
client, and I have to actually *use* the stuff I build.
>From the perspective of someone wearing an admin's hat, allowing
individual users to break away from a group definition would just be
confusing. I'd rather check the "ArticleReaders" template for its
permissions list and know that all ArticleReaders share that security
definition than be forced to open each ArticleReader account and
investigate who has what flags set. This is one case where I would
choose to trade flexibility for ease of use.
--
Roger
==^================================================================
This email was sent to: [email protected]
EASY UNSUBSCRIBE click here: http://topica.com/u/?bUrFMa.bV0Kx9
Or send an email to: [EMAIL PROTECTED]
T O P I C A -- Register now to manage your mail!
http://www.topica.com/partner/tag02/register
==^================================================================
