go ahead... be a heretic | |
PerlMonks |
Re: Application Access Controlby ducky (Scribe) |
on Sep 24, 2001 at 04:53 UTC ( [id://114227]=note: print w/replies, xml ) | Need Help?? |
I've had to come up with access control mechanisms before and the only one I've been happy with makes extensive use of a database. Unfortunately, I haven't gotten around to making a decent module out of it, though it's been on my to-do list for quite a while, because the methods were written as HTML::Mason components and I just re-use the component rather than do the Right thing. Essentially, it's a system of users, groups and access entities. Everything's assigned an entity. According to memberships between the users<->groups<->entities or users<->entities access is decided. Users explicitly granted or denied to the entity takes priority over users assigned to a group which then have permission granted or denied and the default permission takes effect if the other two come up emtpy. It's a bit of a grand system, quite overkill for almost everything I've used it for, but I like it. =) If you'd like table definitions and SQL queries that drive it, I'd be happy to cough those up, just me know. -Ducky Update:Check this for a mess of SQL statements to create and query what I talked about above. So I coughed. There. =) Update II: Since I've gotten some interest in these, here's a quick overview of the tables: The ugly SQL to pull all these memberships together and determine a user's permission to a given entity based on what groups they're in and what permission has been assigned to them is available here (same link as above) Update III: yeesh. Updated the link to my site.
In Section
Seekers of Perl Wisdom
|
|