Access Rules question

Here I am with my very complex access rules again - 55 different rules at last count. I have about 170 staff, and most of them are either in an executive group and have site-wide access, or they just have access to one committee page. So, for instance
A (and a few others) has access to committee page A
B has access to committee page B
C has access to committee page C
D has access to committee page D etc etc

So I have set up a group called Committee A and I have included admin, exec and A. And I have created a page access rule for page A for Committee A. That bit is simple.

But if someone is on more than one committee, say E has access to pages B, C and D, I'd like to set up their very own access rule. But my head's starting to spin. What's the simplest way to achieve this?

there really is no simple way to do this.

I would start by mapping it out on paper or a white board before trying to create the access rules in Security Assist.

Some times, there is no substitute for a good old fashioned white board.

Hi,

I wonder would if it be easier to add a table in the database and assign

Mapping table:
mapID (key)
userID
groupID

Users table:
userID (key)
etc..

so the two usersID's from both tables are relationsional or linked (not sure on this)

on your backend create a list of groups A, B, C, etc.. with checkboxes so they are displayed for each user, then you can select the checkbox for that user and it corresponds to the groupID number in your Mapping table. so A=1, B=2, etc..

assign a value to each checkbox from 1-26 (for A-Z)

so for example user A (userID = 231) wants to be in groups B and C, you check B and C, and it inserts into your Mapping table
userID = 231
groupID =2

userID =231
groupID =3

then link the groupID in your access rules page.
I'm just throwing out an idea

Ed

Thanks un33 but that looked way too difficult for this little black duck. So I had another think and in the end it wasn't that hard. Laborious, but not hard, and all within the functionality of SA.
I had about 15 of these multitaskers so I created an access rule for each of them, then just added their user level number to the group access rule for each page they have access to. Messy, but it works.

I was wondering from your last posts why it was you needed so many access levels. So you actually have over 50 different committee pages, all with different sets of members.

Just a thought, but how different are these committee pages. have you thought about just creating a committee page template, and populating it with database information?

That way if a user selected "Committee A" the page would load with only Committee A information, and so forth. Now you basically only need one page or set of pages and a single rule. Other than restricting access to the page for members, the security comes in by associating which committees a particular member belongs to in the user profile table.

The way it would work, in the user profile page there's a section called "My Committees" with a list of commutes associated with that user. Each listing would link to the main Committee page, and pass the Committee ID in the link. The target page would use the ID to create the recordset to populate the page with the database info from that committee record.

There are other ways to secure it even further. Such as passing a form variable instead of a query string where the ID would appear in the URL.

You could also create another single rule, or basically make it yourself, on the Committee oage. In essence, it would create a reforest that committee IDs that are contained in the user profile, and compare them to the current committee ID that is poised to populate the page. I believe this could be done using SA, nut I haven't tried something like this using dynamic data. But if there are marches when the comparison is made, the user gets kicked out to another page.

Sorry for another long winded confusing alternate solution. It would depend on whether the various committee pages could be built in a similar layout, and I am assuming that each page now is a separate page with static content.

But if everything is working for you the way you want it to, this may be something to think about for the next version. The results would appear practically the same, but it would be overall more efficient and much easier to maintain once it's all set up.

Hi Lon, good to hear from you again, and once again with an elegant and thoughtful solution.
You're right, I've got this working now and it's almost killed me (well, felt like it at times) so I'm going to launch it and let it be.
If I ever get around to rebuilding this site, your way would be much neater and easier to maintain. Yes, each Committee page is just a list of links to meeting minutes, terms of reference, trial protocols specific to that committee. One problem though is that the Executive Committee has access to all Committee page so their page would be huge. If I get what you're suggesting.
Part of the problem is that this job kept changing and growing, the scope just kept getting bigger. In the beginning, if you can believe it, they were talking about a "Members' Section" and public-access areas. Now, six months later, it has come to this.
I also realise now that SA is not designed for complex systems, just your average admin, power-user and member levels. It's perfect for that. But I was already in and past the point of no return, I just had to make it work.

If you got it working to meet your needs, then it is designed to be flexible to the extent you need. There are possible and likely scenarios, even when the entire site is built with the utmost efficiency, where several access levels could be required. Something maybe like a business site that has several locations, and each location may have different levels of access for manager, assistant manager and so forth. So SA is made for more complex structures.

The most I've needed so far is two levels of admins and regular user logged in. Plus, I've used the CMS that comes with Site Sculptor which automatically configures the different access levels. content management.

I totally understand about the effort it takes to get something working right and if it works, leave it be. With each new project, you'll find a way to do something better than the last one, it's sort of a never ending learning process.

One of the first sites I built was a training program that contained a 50 question exam at the end. Each exam question was a separate page, containing the question and choices with radio buttons. The radio button with a value of 1 was the correct answer, so the response of either 0 or 1 was written to the database and the final score calculated at the end.

The next time I built an exam, I used a single page, but populated the question and choices from a database table, much more efficient. But i don't think I would have figured this out without doing it the other way first. I needed to go through the process and make it work as best I knew how at the time before I could start seeing other possible solutions.