On Aug 27, 2009, at 9:02 PM, Ben Dunlap <bdunlap@xxxxxxxxxxxxxxxxxx>
wrote:
Sort of. Create two tables a login table with user details and a
specific
field for a ROLE.
Then create a roles table that lists the various permissions. I
store this
[8<]
This process is significantly simpler when managing users, it's
easier to
adjust permissions on one role than to edit a bunch of users when
something
changes.
In this mechanism, does a "role" differ significantly from a "group"?
I have to admin a CRM system that has both roles /and/ groups, and it
always seems a bit excessive. But maybe there's some benefit to roles,
as such, that I'm not seeing.
Thanks, Ben
Yes, they offer an additional layer of granularity on permissions. The
apps I write use groups and role to limit acces to certain
functionality. The roles determine functional access to records, ie
what the user can do with them. The groups membership determines what
records the user can see. E.g. If a user has membership in groups A
and B, they can see all records from created by or assigned to both
groups. A user who belongs to group B only, can only view the records
having group B membership.
Bastien
Sent from my iPod
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
