Model (pattern) needed for setup of functional security
10 Nov 2006 - 7:52am
My company's main application currently has hard-coded functional security. In other words, there are a few fixed role names and each role is enabled to access certain functions. (This is separate and apart from "object security" in which specific groups of users have specified levels of access to particular data items.) We want to enhance the functional security so it is customer-configured.
Can someone direct me to a model/ideal design for the administration of functional security? It can be a document or clickable system.
I'm thinking that an ideal interface, one in which any goal can be achieved in a minimum of actions, would support really strong inheritance. This makes me think of a tree-wise control (with superuser at the root) but I've never seen it anywhere.