Alexey Parshin wrote:
> I think, we're opening a can of worms here.
I'd like to hear specifics please :)
> Having group-level security slows us down, but what do we have as
Easier management. Previously we didn't have any provisions for
between groups of users of objects.
> I know how to implement it, it's just little bit strange.
What is strange about groups?
> So, if you really want it - I'd start changing schema.
I am still undecided. If you show me some real problems, I may change
my mind. If you can quantify performance impact, it'd help decision-making
> It also means that I'd have to redo most of the work done for last two
> weeks :(
Well, things do not change _that_ much - we just replace users with
access checking procedures..
> 2007/4/16, Ilya A. Volynets-Evenbakh < firstname.lastname@example.org
> Alexey Parshin wrote:
> > I'm reading your e-mails. I just don't see the need to work with
> > single-user groups, at least - I'd prefer not to create such
> groups as
> > a part of user-creation process.
> How do you grant access to individual users then? Create a
> new single-user group every time it's needed?
> > Also, creating a group 'Everybody' would probably simplify a
> > permission search but it would also slow it down. I propose to
> > such group but don't include anyone in there - we can simply assume
> > all the users are there in our SQL.
> So, you want to special-case it? Wouldn't that slow things down
> just as
> Although.. I guess we could populate groups temp table with group
> without having data in permanent table.. Hmm.. I'll say - your call..
> > 2007/4/16, Ilya A. Volynets-Evenbakh <email@example.com
> <mailto:firstname.lastname@example.org >
> > <mailto: email@example.com
> > Man, aren't you reading my mails? ;-)
> > If you need to give access to single individual, you use
> > their personal group. This avoids having to search through
> > two tables, thus making code simpler.
> > Alexey Parshin wrote:
> > > What's the idea behind a group per person?
> > >
> > >
> > > < http://www.sptk.net>
> > --
> > Ilya A. Volynets-Evenbakh
> > Total Knowledge. CTO
> > http://www.total-knowledge.com
> > --
> > Alexey Parshin,
> > http://www.sptk.net
> Ilya A. Volynets-Evenbakh
> Total Knowledge. CTO
> Alexey Parshin,
Ilya A. Volynets-Evenbakh
Total Knowledge. CTO
Authoright © Total Knowledge: 2001-2008