09-03-2009, 02:00 PM
|
#18 (permalink)
|
|
The Contributor
Join Date: Mar 2009
Location: US
Posts: 76
Thanks: 0
|
You would simply take the if statement for the deny check and drop it below the if statement for the group and user allow check puesdo code would be
Code:
if usergroup in allowlist:
access is true
elseif user in allowlist:
access is true
if user in denyuserlist:
access is false
return access
For the friends list you are going to need to add the user'sId that references their account in the database along with the friendlistID such as
Code:
FriendsList Table
---------------------------
friendID userId
EDIT:
Quote:
|
True.. but that scenario would only occur if I set a user on the allowed list and then on the disallowed list aswell..
|
Yes this is true, but if the access is to a very critical system resource and you happen to forget that the code works this way and forget to remove them from the allow listing, they will still have access, a good basis to follow is that if someone is going to be denied something specifically for their account there is likely a good reason so you always |
|
|
|