wood burning stoves 2.0*
The moose likes Java in General and the fly likes User Level Access Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Java in General
Bookmark "User Level Access" Watch "User Level Access" New topic
Author

User Level Access

Kalabaw moo
Ranch Hand

Joined: May 26, 2009
Posts: 61
I have been trying to create a program that will have 3 types of users. Super user (have all access), Admin(Add and modify record), end user( viewing records). However, I was advised that there will be an option to add a new user type (ex. Group Admin, Department Admin ) that will have a different level of access.

I have created an application and I'm finishing the login feature. I was having a hard time determining the user type and the appropriate access for them. The code below doesn't seem to resolve my problem, because what if on run time, I added "Group Admin" or "Department Admin"? the code below doesn't make sense. Please advice.

Maneesh Godbole
Saloon Keeper

Joined: Jul 26, 2007
Posts: 10426
    
    8

CarefullyChooseOneForum

Nothing UI related here. Moving thread.


[How to ask questions] [Donate a pint, save a life!] [Onff-turn it on!]
Manish Singh
Ranch Hand

Joined: Jan 26, 2007
Posts: 160
I am assuming you have a web based application.

learn about security constraint provided by web.xml
Rob Spoor
Sheriff

Joined: Oct 27, 2005
Posts: 19697
    
  20

If you need to add user levels at compile time only I'd make it an enum:
If you need to be able to add rights during runtime you can use the above enum and turn into a regular class. You probably want to have a managing class as well so you can use single instances for each user level.

In the end, by using an enum or class, each user level is an object with its own properties. To determine whether or not a user level has any rights you don't need a switch statement or a group of if-statements; instead, call userLevel.canAddUsers() to determine whether or not the user can add users, etc.

Granted, the number of boolean properties can be quite large, but changing rights for a user level or adding a user level is all possible this way.


SCJP 1.4 - SCJP 6 - SCWCD 5 - OCEEJBD 6
How To Ask Questions How To Answer Questions
Manish Singh
Ranch Hand

Joined: Jan 26, 2007
Posts: 160
@ Rob Prime

Isn't is good to use the declarative security.
Even if new users are created they can be added to the predefined groups.
David Newton
Author
Rancher

Joined: Sep 29, 2008
Posts: 12617

Manish Singh wrote:
Isn't is good to use the declarative security.
Even if new users are created they can be added to the predefined groups.

Depends; I need the ability to add groups at runtime, so it wouldn't work for me.
Rob Spoor
Sheriff

Joined: Oct 27, 2005
Posts: 19697
    
  20

I wouldn't want to hard code user group names if I didn't have to, and if I had to I wouldn't want to spread the hard coded names around too much. By using an enum / class you only need the names when setting the user level for a user; the user level itself then determines what the user can and cannot do.
Kalabaw moo
Ranch Hand

Joined: May 26, 2009
Posts: 61
Thanks for the reply. I'm actually creating an application. However, what if I added a new type of user on runtime, let's say Group Admin that will have a different level of access. How do I update the enum with that type of user on run time?
Rob Spoor
Sheriff

Joined: Oct 27, 2005
Posts: 19697
    
  20

Like I said, you'd need to use a regular class, probably with a manager class. You'll also want to persist the user levels; perhaps through XML, or by just (de)serializing the user levels.
Kalabaw moo
Ranch Hand

Joined: May 26, 2009
Posts: 61
I couldn't understand what you mean by regular class with a manager class. Please give a hint or explanation.
 
GeeCON Prague 2014
 
subject: User Level Access