Access Control List(s)?
View Single Post
09-02-2009, 08:34 PM
Join Date: Sep 2007
Location: Sweden, Stockholm
Originally Posted by
Yes this is true,
But you would only need to setup the resources in a different named manner.
For your blog example
Each blog "owner would have say"
23_blog - 23 being their userId
Which then permissions can be set, it may seem a bit more complicated but it would be fairly the same as a naming convention that can be easily modified to suit your needs rather than having multiple methods that perform the same logic, which once your code starts scaling could lead to future bugs.
A few more examples would be
-> Resource:: UserId -> 23 Blog PostId -> 415 Comment editing
-> Resource:: About me page viewing
-> Resource:: WidgetId->25 UserId -> 15 Viewing
Ahhh! Actually that sounds very good.
My only concern about that is.. won't there be like.. TONS of entries in that database table that has the resources?? And won't it be quite resource-demanding to search through the table if it contains tens of thousands of permission sets?
View Public Profile
Send a private message to Tanax
Visit Tanax's homepage!
Find More Posts by Tanax