How to implement Restricted access to application features
Posted
by
DroidUser
on Programmers
See other posts from Programmers
or by DroidUser
Published on 2011-11-22T23:34:42Z
Indexed on
2011/11/23
2:07 UTC
Read the original article
Hit count: 226
I'm currently developing a web application, that provides some 'service' to the user. The user will have to select a 'plan' according to which she/he will be allowed to perform application specific actions but up to a limit defined by the plan.
A Plan will also limit access to certain features, which will not be available at all for some plans.
As an example : say there are 3 plans, 2 actions throughout the application
- users in plan-1 can perform action-1 3 times, and they can't perform action-2 at all
- users in plan-2 can perform action-1 10 times, action-2 5 times
- users in plan-3 can perform action-1 20 times, action-2 10 times
So i'm looking for the best way to get this done, and my main concerns besides implementing it, are the following(in no particular order)
- maintainability/changeability : the number of plans, and type of features/actions will change in the final product
- industry standard/best practice : for future readiness!!
- efficiency : ofcourse, i want fast code!!
I have never done anything like this before, so i have no clue about how do i go about implementing these functionalities. Any tips/guides/patterns/resources/examples?
I did read a little about ACL, RBAC, are they the patterns that i need to follow?
Really any sort of feedback will help.
© Programmers or respective owner