Permissions in PHP webapps without headaches?
March 6, 2006 3:03 PM Subscribe
Best practices for managing massive permission systems for a giant home-brewed PHP CMS?
I'm in a job that has a web CMS with a frontend and backend that has grown up over the years. User permissions are currently done with a mostly randomly assigned number on a one-to-one with username that relates back to a set of permissions.
I'd like to move to something that's a lot more customizeable, and doesn't force us to grant such large swaths of permissions.
However, there's literally going to be 400 permissions for the site due to the need to extensively silo content. Is there an easier way to set things up? What best practices have been found in other situations for applications this large, and has anything been written about retrofitting this kind of functionality into an existing large application?