We're maintaining application that requires quite complex
group and user permissions. We're currently using Fusebox as a
framework for this app. We need to introduce some kind of
security/permissions model that would check for user permissions
not just for every page (Fusebox has some nice tools to do that)
but basically for every action and user input - one href is allowed
but the other is not, one input type is displayed but the other is
not etc. We're trying to find some nice and ellegant way of doing
this - if possible. If you have any experience with this kind of
security I'd appreciate any help.
PS: We're also facing problem with the permission on data
level - one record is ok to display but the other is not. But
that's different issue and should be probably done on database-
however if anybody has experience with this I'd appreciate any
help. We heard about somebody using XML generated by CF?