[Typo3-dev] Re: The future of typo3
Didier Geheniau
didier.geheniau at feas.net
Sun Oct 26 22:54:54 CET 2003
Hi all.
> > Daniel Hinderi(n)k writes:
> >
> >> On the general notion of creating a symbiotic frontend and backend
> >> user concept, I am less enthusiastic about this.
> >>
> > I hope that this is not the way you understand what I have been
> > writing. Of course it should be possible to separate those
> two parts
> > of the system. I just want what separates them to be something more
> > trivial rather than 938427 lines of PHP-code.
>
> That is not the case, see below. I am however against a
> unified user concept in the sense of having e.g. One common
> table for reasons already stated.
>
Re-think the concept of authentication and authorization.
A user is one person, this person can access the front-end and the
back-end. By login in with a user account he is authenticated as the
right person.
Groupmemeberships gif him the authorization to do things. It doesn't
matter if you split the backend and the frond end. You can always define
backend groups with backend rights and frond end groups with front-end
rights.
So keep user records simple, there are situations that companies want to
use or import users from an other environment. Personal user settings
can be stored in typo3. No authorization information must be stored in a
user record, store this information in the group records.
Regards,
Didier M.J.C. Gehéniau
Consultant
FEAS
info at feas.net
www.feas.net
More information about the TYPO3-dev
mailing list