Allow admins change user access

hi,

i have been asked by my client if it is possible for them to see the users and have tick boxes to which pages the users can and cannot see?

i have it built just now using webassist extensions.

thanks again

This seems like something that is possible, however it might take some time to come up with the structure that would be needed to enable this.

The first thing you would need to do is come up with a way of restricting access to individual pages based on all different rules. So you would basically need to have a rule for each page that checks on a particular variable that is set when the user logs in or is set on the page with the rule based on a recordset that is filtered on the userID.

Once you have individual rules based on specific values you could then add in a table or columns to your users table to hold the access value for each of these new rules. You could then have an update page that will allow you to set the values in these new columns wich will dictate what pages the user has access to.

This is not a simple setup and it will require a bit of work to get implemented correctly but I think it is definitely possible.

thasnk eric, it is something i would defintely like to impliment.

currently i have admin pages and user pages, however i need the admins to mix it so that users could have access to one of the admin pages but not the other and so on using tick boxes.

i thought about adding it into the users table, however would i just need one column or one column per page and have it set to either 1 for admins or 2 for users?

how can i impliement it to check the variable you talk about?

thanks again eric

If you would just like to have simple access level, like these users are admins and these other users are low level admins then you could do this with one additional column. If you would like to control exactly what pages each individual user has access to then you would need individual page rules and you would need to store the page access information for each page for each user.

When it comes to checking the variable the idea is that on the login or authenticate user page you would modify the server behavior to store the various page access permissions in their own session variables. Then you would craft individual rules for each of the pages that would check on the value that was specific to that page. If the use has the correct value then they can have access to the page.

In general access to areas of a site are normally based on access levels and it is not something that is done on a per page basis.

hi eric,

is there any documentation on how to create the check access per page so my client can have the ability to choose what pages certain users can have?

many thanks

We have some documentation for traditional access levels with Security Assist that are available on the SecurityAssist support page. We do not have any documentation that is geared toward per page per user access.