Page 1 of 1

RBAC question

PostPosted: Thu Oct 09, 2008 2:26 pm
by alikim
Hi,

I'm very new to RBAC so any help, links or examples will be appreciated...

My implementation of RBAC now works as follows:

When a site visitor submits a form, say with his personal data, he starts an action i.e. person_update.

Judging by the visitors and the person's ids the visitor is assigned a role, say 'owner' and gets permission to update the record.

Also, this action person_update can be started by somebody who has a role of 'admin' or 'moderator'.

The problem is that 'owner' can not change some DB record fields like his own login name and 'admin' or 'moderator' can. So I somehow need to get control over a particular DB field.

So the question is: is it possible to do inside RBAC model by creating new roles/actions and without implementing CRUD matrix for each field in DB?

Thank you,

Re: RBAC question

PostPosted: Mon Jun 22, 2009 8:28 pm
by grsuser
creating new roles/actions is good idea, but I think it is not easy for RBAC by now.