|
>Why not design an ILE service program, But herein lies the problem, what is the service program checking? There are three major parts to the authentication system, who, what and where. Who being the user What being the action (view, edit, delete, add note, change status, etc.) Where being the row (protocol 8, attachment 47, etc.) Then of course there are several paths of inheritance where someone doesn't have explicit rights to a row, but inherits his/her rights because they are "associated" with the row (product manager, VP Product, etc.) >If you attempt to use object level authority as the model >here, it could get very complex... True. But the specific business model is Institutional Review Boards, the bodies responsible for human-subject safety in clinical trials, so it's complex already (Can anyone say HIPAA? <G>) -Walden ------------ Walden H Leverich III President Tech Software (516) 627-3800 x11 (208) 692-3308 eFax WaldenL@xxxxxxxxxxxxxxx http://www.TechSoftInc.com Quiquid latine dictum sit altum viditur. (Whatever is said in Latin seems profound.)
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
