We are writing a specification for an Apache/modperl based data
entry/update system that will operate against an Oracle database.
I am a Perl/modperl novice.
This will be a lightly loaded Web Server (less then a dozen concurrent
"sessions", 100s of updates/hour).
Users will log in. I assume that we will use Apache Session and URL
rewriting to manage user sessions.
Users will have a profile defining which actions are allowable.
Since there are so many cool Perl tools out there, I would like a sanity
check on our proposed Privilege Management approach.
The number of privileges will start at less than 20 and will certainly
never grow to more than 50.
-----------------------------
We will have a user table
We will have a table for actions that lists each possible action.
We will have a join table linking users to allowable actions.
Each screen has a defined list of possible actions. This information is
"hardcoded" into the entry logic for the screen.
When a screen is sent to the user, the possible action is checked and
enabled/disabled based on the user privilege.
The maintenance screen for these tables will be in Oracle forms.
----------------------------
Is there a better way?
Thanks!
p.s. What I would love to see is the ability for each display object that
links to an action to set it's own enabled/disabled state. Not sure how
this might be accomplished in a Web environment.
--Robert Monical
--Director of CRM Development
[EMAIL PROTECTED]
