• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

User Level Access

 
Kalabaw moo
Ranch Hand
Posts: 61
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have been trying to create a program that will have 3 types of users. Super user (have all access), Admin(Add and modify record), end user( viewing records). However, I was advised that there will be an option to add a new user type (ex. Group Admin, Department Admin ) that will have a different level of access.

I have created an application and I'm finishing the login feature. I was having a hard time determining the user type and the appropriate access for them. The code below doesn't seem to resolve my problem, because what if on run time, I added "Group Admin" or "Department Admin"? the code below doesn't make sense. Please advice.

 
Maneesh Godbole
Saloon Keeper
Posts: 11021
12
Android Eclipse IDE Google Web Toolkit Java Mac Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
CarefullyChooseOneForum

Nothing UI related here. Moving thread.
 
Manish Singh
Ranch Hand
Posts: 160
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am assuming you have a web based application.

learn about security constraint provided by web.xml
 
Rob Spoor
Sheriff
Pie
Posts: 20512
54
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you need to add user levels at compile time only I'd make it an enum:
If you need to be able to add rights during runtime you can use the above enum and turn into a regular class. You probably want to have a managing class as well so you can use single instances for each user level.

In the end, by using an enum or class, each user level is an object with its own properties. To determine whether or not a user level has any rights you don't need a switch statement or a group of if-statements; instead, call userLevel.canAddUsers() to determine whether or not the user can add users, etc.

Granted, the number of boolean properties can be quite large, but changing rights for a user level or adding a user level is all possible this way.
 
Manish Singh
Ranch Hand
Posts: 160
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
@ Rob Prime

Isn't is good to use the declarative security.
Even if new users are created they can be added to the predefined groups.
 
David Newton
Author
Rancher
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Manish Singh wrote:
Isn't is good to use the declarative security.
Even if new users are created they can be added to the predefined groups.

Depends; I need the ability to add groups at runtime, so it wouldn't work for me.
 
Rob Spoor
Sheriff
Pie
Posts: 20512
54
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I wouldn't want to hard code user group names if I didn't have to, and if I had to I wouldn't want to spread the hard coded names around too much. By using an enum / class you only need the names when setting the user level for a user; the user level itself then determines what the user can and cannot do.
 
Kalabaw moo
Ranch Hand
Posts: 61
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the reply. I'm actually creating an application. However, what if I added a new type of user on runtime, let's say Group Admin that will have a different level of access. How do I update the enum with that type of user on run time?
 
Rob Spoor
Sheriff
Pie
Posts: 20512
54
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Like I said, you'd need to use a regular class, probably with a manager class. You'll also want to persist the user levels; perhaps through XML, or by just (de)serializing the user levels.
 
Kalabaw moo
Ranch Hand
Posts: 61
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I couldn't understand what you mean by regular class with a manager class. Please give a hint or explanation.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic