We are writing a specification for an Apache/modperl based data 
entry/update system that will operate against an Oracle database.

I am a Perl/modperl novice.
This will be a lightly loaded Web Server (less then a dozen concurrent 
"sessions", 100s of updates/hour).
Users will log in. I assume that we will use Apache Session and URL 
rewriting to manage user sessions.

Users will have a profile defining which actions are allowable.
Since there are so many cool Perl tools out there, I would like a sanity 
check on our proposed Privilege Management approach.
The number of privileges will start at less than 20 and will certainly 
never grow to more than 50.

-----------------------------
We will have a user table
We will have a table for actions that lists each possible action.
We will have a join table linking users to allowable actions.

Each screen has a defined list of possible actions.  This information is 
"hardcoded" into the entry logic for the screen.
When a screen is sent to the user, the possible action is checked and 
enabled/disabled based on the user privilege.
The maintenance screen for these tables will be in Oracle forms.
----------------------------

Is there a better way?

Thanks!

p.s.  What I would love to see is the ability for each display object that 
links to an action to set it's own enabled/disabled state. Not sure how 
this might be accomplished in a Web environment.


--Robert Monical
--Director of CRM Development
[EMAIL PROTECTED]


Reply via email to