Fusebox 3.0 Generic Security Model

Tom Nunamaker's Security Model
Version 1.0
January 27, 2002
Paladin Computers Tom Nunamaker

I wrote this in Nov 2000 while working on a client's intranet. Since a security model is a pretty generic thing that people need, I decided to release it in hopes everyone can benefit from it. This was my first real FB3 code. It seems to work pretty well and the development time was VERY reasonable. This project sold me on FB3 being THE way to code!

If you see ways to improve it, please let me know.

Thanks and enjoy!

Tom Nunamaker
tom@toshop.com

NOTE: This particular client had me working inside of a frame. I haven't tested this in a non-framed root level, but I'm guessing it should work. There is a variable in the top level fbx_settings.cfm to set the name of the top level frame as "request.TopLevelFrameName".

==================================================================

SQL Server Database Diagram

SQL server DDL file

Generated HTML from clients site
(don't flame me for the colors...it was the style sheet for their intranet)

Main Menu to Administer Rights and Groups

Manage Availalbe Rights Menu

First you have to create "rights" to put in your code

Manage Available Groups

You don't have to create groups, but it sure makes life a lot easier.

Manage Group-Rights Assignments

This is where you assign rights to partciular groups.

Manage User to Group Assignments

Had to start with a filtering page otherwise you'd get over 400 users on one page.
You can filter by group or keyword search

After you search on Nunamaker, you find myself and my parrot, Merlin (he's a great tester)

Manage User Rights

Had to create a filter to find the users you were interested in editing their rights. Again, having all show up on the page was too many to deal with at once. I could have also put a Group drop down, but if you're editing a whole group, then why would you be here editing a single user?

After you search for "Nunamaker", you find myself and Merlin. Notice the boxes with x's already filled in? That means you already have that right inherited from a group membership, so there's no need to assign it individually. If there is a checkbox, it means that right can be assigned or removed from that user.

The Fusebox code to go along with this:

SecurityModel.zip

NOTE: This was done for a client who changed their mind mid-way about validating the user's login. They wanted to do it for each page load (in case they fired an employee...they wanted to immediately revoke his/her rights on the intranet).

Due to some of the SQL Server Transact-SQL code, you would have to do a bit of "tweaking" to get this to work with Access. I'm sure it could be done but I my client was using SQL server and I didn't want to waste their money developing it for Access.

If you have any questions, comments, suggestions, etc., please let me know.

Thanks and enjoy!

Tom Nunamaker
tom@toshop.com