Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

comment on

( #3333=superdoc: print w/replies, xml ) Need Help??

I've had to come up with access control mechanisms before and the only one I've been happy with makes extensive use of a database. Unfortunately, I haven't gotten around to making a decent module out of it, though it's been on my to-do list for quite a while, because the methods were written as HTML::Mason components and I just re-use the component rather than do the Right thing.

Essentially, it's a system of users, groups and access entities. Everything's assigned an entity. According to memberships between the users<->groups<->entities or users<->entities access is decided. Users explicitly granted or denied to the entity takes priority over users assigned to a group which then have permission granted or denied and the default permission takes effect if the other two come up emtpy.

It's a bit of a grand system, quite overkill for almost everything I've used it for, but I like it. =) If you'd like table definitions and SQL queries that drive it, I'd be happy to cough those up, just me know.

-Ducky

Update:Check this for a mess of SQL statements to create and query what I talked about above. So I coughed. There. =)

Update II: Since I've gotten some interest in these, here's a quick overview of the tables:

users ---------- user_id auto-incrementing, primary key name text, for human consumtion entities ---------- entity_id auto-incrementing, primary key name text, for human consumtion permission boolean, default permission groups ---------- group_id auto-incrementing, primary key name text, for human consumtion priority int, optional. to give one group priority over another group/entity membership ---------- group_id int, references groups table entity_id int, references entities table permission boolean, this group's permission on the entity user/entity membership ---------- user_id int, references users table entity_id int, references entities table permission boolean, this user's permission on the entity user/group membership ---------- user_id int, references users table entity_id int, references entities table
The ugly SQL to pull all these memberships together and determine a user's permission to a given entity based on what groups they're in and what permission has been assigned to them is available here (same link as above)

Update III: yeesh. Updated the link to my site.


In reply to Re: Application Access Control by ducky
in thread Application Access Control by notsoevil

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Chatterbox?
    and the web crawler heard nothing...

    How do I use this? | Other CB clients
    Other Users?
    Others lurking in the Monastery: (11)
    As of 2020-01-17 18:20 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?
      Notices?