Role Security Project Question
Posted: Wed Nov 10, 2010 12:04 pm
I need information where to start on a very advanced project I'm going to get involved with.
There will be 5 Role categories depending the level they will not have access to all items or fields.
A. Administrator - Should have access to all information from all users
B. Agent - Should have access to almost all information related to their customers.
C. Primary User - Will have access to all users related to their company
D. Other Users - Will have access only to their information.
E. Anonymous User - General access to general information.
What I am looking for is on the same page different roles should have different access permissions.
For example a help desk page. The administrator has access to all data including hidden fields which are not available to end-users, and could see the Casas from all users and is able to edit them or delete them.
The agent access the same page but only sees the Casas related to his customers, some internal information will not be available for him.
The end-user has access only to his Casas and has limited information and limited capabilities of making changes.
Please provide how this could be done and some resources for more information.
There will be 5 Role categories depending the level they will not have access to all items or fields.
A. Administrator - Should have access to all information from all users
B. Agent - Should have access to almost all information related to their customers.
C. Primary User - Will have access to all users related to their company
D. Other Users - Will have access only to their information.
E. Anonymous User - General access to general information.
What I am looking for is on the same page different roles should have different access permissions.
For example a help desk page. The administrator has access to all data including hidden fields which are not available to end-users, and could see the Casas from all users and is able to edit them or delete them.
The agent access the same page but only sees the Casas related to his customers, some internal information will not be available for him.
The end-user has access only to his Casas and has limited information and limited capabilities of making changes.
Please provide how this could be done and some resources for more information.