1

I'm building a CakePHP Student Management System to be used by large Universities(50.000+ users), and i'm wondering what is the best way for implementing the Access Control Stuff.

The University has many faculties, the faculties as many departments and the departments as many sections and so on... The rule here is that the global administrators of the university has permission to access data from all faculties, but the administrators of faculties can only access data from their faculty. The same applies to departments under faculties.

Also, there will be teachers that can only access data from the students belonging to their "classrooms"

And there will be students that can only access their personal data and events belonging to their classrooms

Can you help me designing the access control strategy for this system? I'm already using CakePHP ACL, but i don't know if it is the good stratey to go.

Elisio L Leonardo
  • 229
  • 1
  • 8
  • 1
    Actually i'm thinking to go with the approved answer for here:http://stackoverflow.com/questions/6370384/cakephp-access-allocation-on-role-based-specific-data-access Basically it combines the CakepPHP ACL and local action authorization – Elisio L Leonardo Jun 02 '13 at 09:35
  • 1
    I'm not saying Sharepoint is great (because it's absolutely horrible), but have you looked into other systems as well? Since there are a lot of systems out there which might suit your needs. I'm just curious :) – Jelmer Jun 02 '13 at 22:16
  • You could also consider building your own system for ACL management ;-). Might be an option in your case. Can't answer your question with full commitment though, I have think about this how I would approach such a thing. – Jelmer Jun 02 '13 at 22:18
  • I decided to write my own ACL management :). I will use cake default ACL for global authorization, and i will implement per action verification for specifics – Elisio L Leonardo Jun 07 '13 at 09:56

0 Answers0