Solved

PHP User Permissions

Posted on 2013-10-29
3
288 Views
Last Modified: 2013-10-29
I am working on a complete overhaul of our corporate intranet, and I'm looking for guidance regarding setting up user permissions.

Currently, we have about 65 applications, 350 users nationwide, and functions within each application.

Not all users have access to all applications, and if an employee does have access to an application, they may not have access to all functions within.

My line of thinking right now is this:
- Assign each application a unique Id.

- Assign each user permissions to the application ID's that they would need.

- Create a functions table that would hold function names, such as canEdit, canConvert,  canDelete, etc.

- Assign each user access to the functions they would need by either a 1 or a 0 value in the database table.

There clearly isn't a right or wrong answer to this, but I wanted to consult with an expert to get their opinion on my issue, as the articles I've read on the subject do not really clarify how many users or functions they are dealing with.

Thanks in advance!
0
Comment
Question by:t3chguy
  • 2
3 Comments
 
LVL 109

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 39608688
I think you're on fairly firm ground with that kind of a design

You would have a one-to-many relationship between persons and applications, and a one-to-many relationship between person+application and permissions.  This would allow you to add or remove persons easily, join applications to persons, and allocate permissions to each person independently of the various applications they would use.  Initial setup may be a bit of work, but table maintenance will be a breeze for the administrator.
0
 
LVL 1

Author Closing Comment

by:t3chguy
ID: 39608752
Thank you sir!  Glad I got that clarification.  I'm going to be posting this same question in a MySQL section to see if a DBA can help layout these tables.

As a side note, you'll be pleased to know that my new revision of this corporate intranet will be utilizing PDO!
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39608802
+1 for PDO!  Thanks for the points and thanks for using EE, ~Ray

And just a note for going forward... You can choose up to three Zones when you post a question, so you can get a little more intellectual cross-pollination that way.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question