Articles Tagged with Access Control
-
Martin Radosta - Record level security based on SQL
Written on 2008-12-04 13:26:00 in CakeFest, CakePHP,
Viewed 39176 times 292 CommentsMartin's presentation was based around a behavior that he wrote to provide access control using SQL. In designing a solution, martin came up with a few criteria. The solution must be generic, it only requires 4 fields on any table that will be using the behavior. It should perform quickly and not create a lot of extra queries. The solution he searched for also needed to provide a few features. It should provide permissions for read write and delete. Permissions are assigned by role, with users having many roles. This system is similar to ACL but different, in that it stores the permissions for each record. Martin's behavior uses a permission system similar to the unix file system, with a owner, group, world access. This was implemented as series of bit masks. Unlike the unix filesystems, these permissions are summed and stored as one field. The 4 fields mentioned earl...
