Liquid Fire Posted April 9, 2008 Share Posted April 9, 2008 I am just wondering how people think permission system should be. I can think of 2 major type that i have seen. The first which is the way i prefer because it seems quite flexible is have some sort of identifier and the a permission type. for instance i have a management system that have permission setup based on system and module. a system could be "CMS" and a module for that system could be news. Now the permissions would be something like "edit, view, delete, etc..." and this way i can give a user the permission to view/edit news but not delete by giving them a record in the user_permissions table with cms, news, view with status of "active" and another record with cms, news, view with status of "active". to take away a permission i would just set the user permission record to inactive. the down side to this is there are more record per system/module combo. The other way is to use bit-wize operators and just a level like 4, 16, 32, etc... The reason i don't like that is it is a bit more complex to understand and hard to see what permissions a user has just by looking at the database. Which way do you prefer or maybe there is a different method i have not mentioned that you like? Link to comment https://forums.phpfreaks.com/topic/100347-permission-system/ Share on other sites More sharing options...
keeB Posted April 10, 2008 Share Posted April 10, 2008 http://en.wikipedia.org/wiki/Access_control_list Link to comment https://forums.phpfreaks.com/topic/100347-permission-system/#findComment-513523 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.