Can I used both role-based and user-based permissions on my web application?
e.g.
Role-Based with User-Based
staff role has following permissions:
[checked] Add Student
[checked] Edit Student
[checked] View Student
[unchecked] Delete Student
and I want one staff user to have a delete student permission
[checked] Delete Student
This will override the role based permission and the user will have permission on delete student but my problem is if I want a specific user to have no permission on add student. I cannot disable it because by default all user permissions are unchecked and will override only the role-based if it has checked.
Should I used role based or user based or both?
Aucun commentaire:
Enregistrer un commentaire