|
What I had thought was, to have each user a member of only one group. Again, the group is just a set of pre-set flags, to make managing more then one person at a time easy. The difficulty I see in having a member part of more than one group would be, conflicting flags. If one group is denide access to one flag, while another is allowed access. wich do I go with?
That is why flags are set on three levels. Default, Group, and User.
When access to a flag is checked it should check the user level first, and if not there, check the group level, and if not there again, go to default. At each level the flag could be set as True, or False (allowed or not allowed). Upon finding either one, the search would stop at that point.
I'll even put in an option for the admin, when switching a user from one group to another, to clear all user flags or leave them in, at his discretion.
I've decided to go with the schema i've got laid out above, may change it as I go. Now I'm gonna try to figgure out all of the php scripting needed to use the tables effectively.
|