Modeling ACL requirement
Posted: Fri Aug 07, 2009 12:47 pm
by Anonymous >> Thu, 10 Mar 2005 11:38:42 GMT
I have a situation where I have a user that can belong to a set of groups. I also have items that belong to folders.
I need to model a scenario where I can get an ACLEntry class on both the Item and Folder class which represents the allowed facilities for a specific User object. Bear in mind that the amalgamted information will come form a specific user ACLEntry for the User and for the Groups the user belongs to.
Where the heck do I start from please. Do I have a list of acl entries for groups and an ACL entry for the User on the Item and Folder object with an accessor that combines the 2. Given this would also be the same for a Folder is it possible to model a more efficient solution.
I suspect the main issue is that, in database terms, the list of ACL entries is determined by the item (Item or Folder), the user and the groups they belong to. This is a none trivial relationship.
Many thanks
Ian Cox
I have a situation where I have a user that can belong to a set of groups. I also have items that belong to folders.
I need to model a scenario where I can get an ACLEntry class on both the Item and Folder class which represents the allowed facilities for a specific User object. Bear in mind that the amalgamted information will come form a specific user ACLEntry for the User and for the Groups the user belongs to.
Where the heck do I start from please. Do I have a list of acl entries for groups and an ACL entry for the User on the Item and Folder object with an accessor that combines the 2. Given this would also be the same for a Folder is it possible to model a more efficient solution.
I suspect the main issue is that, in database terms, the list of ACL entries is determined by the item (Item or Folder), the user and the groups they belong to. This is a none trivial relationship.
Many thanks
Ian Cox