Menu
▾
▴
Re: [WebERP-developers] Shall we find a another regular way to manage authority?
|
From: icedlava <ice...@gm...> - 2013-12-05 13:21:30
|
Hi Phil, Yes I agree with you. I think it could get messy if we continue to distribute the access around about the code in different areas. It is more difficult to maintain this unless - if we really want to do this - we don't have it located in one 'access' area so we can see - this userid, or this role, has this type of access. Otherwise we have to travel all over the code base and user interface to find out. I still think this discussion is looking for ways to increase the granularity of access allowed. The discussion on whether to use userid or role based is not the real problem for solving. Maybe I am overlooking something tho. Cheers, On 5 Dec 2013, at 17:15, Phil Daintree wrote: > Yes we are kind of doing authentication in a number of different ways > - the salesman specific stuff - the user specific stuff for bank > accounts and the wider generalised role stuff. > Perhaps we are complicating things more than we need to? > > Phil > > Phil Daintree > Logic Works Ltd - +64 (0)275 567890 > http://www.logicworks.co.nz > > On 05/12/13 17:45, iced lava wrote: >> Hi Exson, >> >> Thank you for your interesting post. >> >> Personally I have always found it a little more time consuming to set >> up access using roles, but well worth it when it comes to maintenance >> of user access. Even in businesses with smaller numbers of people I >> find it a chore to remember who has what access when applied at a >> user level (depending on the application), and if some leaves the >> business or new people come in, then we have to remember again what >> all the setups are or have them documented somewhere, and similarly >> remove all the user based access for those that leave. Error creeps >> in. >> >> In this respect it is easier for me to add the user or remove the >> user to a defined role that has all the required access defined in >> one pace. >> >> If user based access is located in one user interface area dedicated >> to user access, rather than distributed across various areas of the >> application it might be a bit more easier to maintain. >> >> In this discussion however I think we are talking about the >> granularity of the access, not a role or user access. I think >> granularity or how fine the access is is not the same as if it is by >> role or user id. Here i mean granularity in terms of detail of >> access to some particular part of a page, a link, a transaction type. >> And of course the granularity of access required may differ across >> organisations. >> >> Maybe we should think about access levels and how they can be applied >> at role, [group] or user level at more granular levels than a page. >> For example only - maybe we need to define access levels at 'module' >> or page or transaction type (view, create, modify, delete) or menu >> type link (transaction, report,inquiry etc) >> >> Thanks for the opportunity to discuss this! >> >> Cheers, >> >> >> >> >> >> >> >> On Thu, Dec 5, 2013 at 11:30 AM, ExsonQu <hex...@gm... >> <mailto:hex...@gm...>> wrote: >> >> *Dear all:* >> >> I think we're facing more and more chance to add >> control not >> based on scripts, as we did now. We need more precision control >> such as >> recently Richard has added bank account constraint and salesman >> control etc. >> >> It'll time consuming to develop control method case >> by case, >> and it'll be difficult for users to master it. >> >> Does it make sense to develop an extra regular >> control way for >> this? If so, which one is better? >> >> Any comments are highly appreciated! >> >> Thanks and best regards! >> >> Exson >> >> >> >> -- >> View this message in context: >> http://weberp-accounting.1478800.n4.nabble.com/Shall-we-find-a-another-regular-way-to-manage-authority-tp4657044.html >> Sent from the web-ERP-developers mailing list archive at Nabble.com. >> >> ------------------------------------------------------------------------------ >> Sponsored by Intel(R) XDK >> Develop, test and display web and hybrid apps with a single code >> base. >> Download it for free now! >> http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk >> _______________________________________________ >> Web-erp-developers mailing list >> Web...@li... >> <mailto:Web...@li...> >> https://lists.sourceforge.net/lists/listinfo/web-erp-developers >> >> >> >> >> ------------------------------------------------------------------------------ >> Sponsored by Intel(R) XDK >> Develop, test and display web and hybrid apps with a single code >> base. >> Download it for free now! >> http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk >> >> >> _______________________________________________ >> Web-erp-developers mailing list >> Web...@li... >> https://lists.sourceforge.net/lists/listinfo/web-erp-developers > > ------------------------------------------------------------------------------ > Sponsored by Intel(R) XDK > Develop, test and display web and hybrid apps with a single code base. > Download it for free now! > http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk_______________________________________________ > Web-erp-developers mailing list > Web...@li... > https://lists.sourceforge.net/lists/listinfo/web-erp-developers |
