Applying Linux Group Ideology to Web Applications
I have built a database driven web application that has a user and group system that works in a similiar way that Linux handles user access.
A users can access various resources, the resources are assigned to a single group and users can have many groups.
RedRanger can access a, b, c, x and y but not z
GreenRanger can only access a, b, c and x
BlueRanger can access a, b, c, x, y and z
Lets say that RedRanger needs to be denied access to resource a
if I remove him from group 33 he can no longer access b or c which is no good.
The only alternative is to change a's group and add everyone else to the new group, this isn't so bad for 3 users, but what about 3,000?
If this situation occurs often there will soon be a mess of groups.
What is the best approach to this problem?
|All times are GMT -5. The time now is 10:11 AM.|