Just to throw in my two pennies worth:
I have a CMS where there are about 20 websites which use the same
editor, file upload etc.
I do this the following way - I have a table with the web site
specifics in, like the various upload directories, image directories
etc, and then a User table.
Well, here's what I do.
I use Active Directory groups to manage access to different areas of our
intranet. There are a few instances where I create pseudo groups from
our main business system, but in the near future, that's going to change
to use Active Directory as well.
I have an OU, in AD,
I'm building a content management application targeted at
small-businesses.
I quite agree with Barney's description.
What you describe here would be role based security.
However, for small business, a permission based security would probably
be more appropriate.
Depends how small is you small
Hi all,
I'm building a content management application targeted at
small-businesses. Currently, I am using group-level security
(individual users are assigned to groups, groups are granted or
declined rights at the page level). Unfortunately, this method
requires that I hard code the groups that
The typical name for that arrangement is role based security, and
it's typical counterpart is permission based security. To align the
terminology, let me restate what you said.
With role based security, your application has a set of defined roles
that users are assigned to. These roles are then
Barney gave a pretty good overview. When I wrote AccessMonger, I
pretty much followed the same model he describes. Permissions give
you absolutely granular control over literally anything you please,
but as your system grows you could potentially wind up with zillions
of permissions. To help
6 matches
Mail list logo