Best practice for managing site roles and permissions?

I have a site I am working on that will have various pages that are access controlled based on user logins and role groups, where different groups will have access to certain pages and some of the same pages with slight modifications. Wondering what is the best practice for implementing this.

My planned approach is to separate my site into 3 controllers for the 3 roles I have and assign a session for each logged-in user. Then I can check their role in each controller constructor and redirect to the appropriate controller or login page where necessary. There is a fourth role that will share MOST of the same functionality and page access, so for these two I would implement checks to tweak the view as needed.

Any comments or suggestions on this approach would be great. Thanks!

As long as you stick with these four roles maximum, you can use some hard-coded permission checking. Setting the groups in hierarchical order with even Unix-style group ids (id = 1, 2, 4, 8, 16, ...) can come in handy for easier permission checking.

But as soon as you want to have more dynamic permissions and roles it's probably easier to use some ACL (access control list). There are some threads around this forum you might wanna have an eye on.
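The power-of-two group ids suggested in the reply, as an added sketch that is not code from either poster: one central check called from every controller, with unknown pages and malformed session roles denied by default. The role names, page names and the `authorize`/`view_flags` helpers are hypothetical.

```python
# Role ids are single bits so a page's allowed roles fit in one integer mask.
# Names are hypothetical; the thread only says there are four roles.
MEMBER, EDITOR, MANAGER, ADMIN = 1, 2, 4, 8
KNOWN_ROLES = (MEMBER, EDITOR, MANAGER, ADMIN)

# Constructed page map: page -> bitmask of roles allowed to open it.
PAGE_ACCESS = {
    "dashboard": MEMBER | EDITOR | MANAGER | ADMIN,
    "articles/edit": EDITOR | MANAGER | ADMIN,
    "reports": MANAGER | ADMIN,
    "users/manage": ADMIN,
}

LOGIN_PAGE = "login"
FORBIDDEN_PAGE = "forbidden"


def session_role(session):
    """Return the session's role id, or None if it is missing or malformed."""
    role = (session or {}).get("role")
    # Reject bools (True == 1), non-ints, unknown bits and combined bits:
    # a session carries exactly one known role.
    if isinstance(role, bool) or not isinstance(role, int):
        return None
    return role if role in KNOWN_ROLES else None


def authorize(session, page):
    """Return the page to render, or the page to redirect to."""
    role = session_role(session)
    if role is None:
        return LOGIN_PAGE
    # Pages missing from the map get mask 0, so nobody is allowed in.
    allowed = PAGE_ACCESS.get(page, 0)
    return page if role & allowed else FORBIDDEN_PAGE


def view_flags(session):
    """Per-role view tweaks for roles that share a page (hypothetical flags)."""
    role = session_role(session) or 0
    return {
        "show_publish_button": bool(role & (MANAGER | ADMIN)),
        "show_user_admin_link": bool(role & ADMIN),
    }
```

Keeping the check in one function means a new page is unreachable until it is added to the map, rather than open until someone remembers to guard its controller.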
