09-02-2009, 08:34 PM
|
#10 (permalink)
|
|
The Prestige
Join Date: Sep 2007
Location: Sweden, Stockholm
Posts: 1,080
Thanks: 115
|
Quote:
Originally Posted by ioan1k
Yes this is true,
But you would only need to setup the resources in a different named manner.
For your blog example
feature_blog
page_blog
Each blog "owner would have say"
23_blog - 23 being their userId
Which then permissions can be set, it may seem a bit more complicated but it would be fairly the same as a naming convention that can be easily modified to suit your needs rather than having multiple methods that perform the same logic, which once your code starts scaling could lead to future bugs.
A few more examples would be
"23_blog_post_415_comment_edit" -> Resource:: UserId -> 23 Blog PostId -> 415 Comment editing
"page_aboutme_view" -> Resource:: About me page viewing
"widget_25_15_view" -> Resource:: WidgetId->25 UserId -> 15 Viewing
|
Ahhh! Actually that sounds very good.
My only concern about that is.. won't there be like.. TONS of entries in that database table that has the resources?? And won't it be quite resource-demanding to search through the table if it contains tens of thousands of permission sets?
__________________
|
|
|
|