[eluser]Unknown[/eluser]
I have a site I am working on that will have various pages that are access controlled based on user logins and role groups, where different groups will have access to certain pages and some of the same pages with slight modifications. Wondering what is the best practice for implementing this.
My planned approach is to separate my site into 3 controllers for the 3 roles I have and assign a session for each logged in user. Then I can check their role in each controller constructor and redirect to the appropriate controller or login page where necessary. There is a fourth role that will share MOST of the same functionality and page access so for these two I would implement checks to tweak the view as needed.
Any comments or suggestions on this approach would be great. Thanks!
