[cgiapp] app authorization patterns, best practices?
Ron Savage
ron at savage.net.au
Fri Mar 23 19:04:49 EDT 2012
Hi Brett
On 24/03/12 05:30, B. Estrade wrote:
> A practical case I am looking at right now is that I have form that
> is used to manage user data. There are 3 roles - User, Manager, and
> Admin. Each one has the types of permissions you'd expect (User can
> manage himself, Manager can manage his Users, Admin can do anything).
Did you try class inheritance? The base class would be user, i.e.
minimal features. A manager gets the manager sub-class and admin -
derived from manager - gets the admin sub-class, which gives them a more
inclusive form.
--
Ron Savage
http://savage.net.au/
Ph: 0421 920 622
More information about the cgiapp
mailing list