Hi All,
I am making a DAM (seems to be the hip thing to do these days). It is
for the company that I work for. We have some really weird domain
rules that have prevented me from just using a simple directory
structure file permission system. I have come up with a solution but I
wanted to run it by you gurus to ensure that I am not recompiling the
wheel here.
Basically the domain rule is:
A user should be able to access a category and the assets within the
category only if they have the appropriate permissions. There are
assets within a category, which can have different access rights
meaning having access to the root category does not mean that you have
access to all the files within.
Here is what I have laid out as a possible structure:
User
A user is a person who has access to the site. The content a user can
see, and the effects they have over it depend on their roles and
permissions.
A user can:
â?¢ Have access to many categories
â?¢ Have many roles
â?¢ Belong to many user groups
Category
A category is a specific area of the site where assets and other
categories are stored. Content managers can specify asset restrictions
for categories. For example, a category may only allow images under
five megabytes to be uploaded. By default, the category does not have
any restrictions on asset types.
A category can:
â?¢ Have many assets
â?¢ Be accessed by many users
â?¢ Be contained in many permission groups
Asset
An asset is any file uploaded into a category. While Assets can be any
digital file that can be stored on a computer, they are typically,
images, text documents or spreadsheets. An asset can have several
attributes, which a file owner can specify.
An asset can have:
â?¢ One owner
â?¢ Belong to many permission groups
â?¢ Belong to one category
â?¢ Can be marked as locked, which means another asset cannot overwrite it
â?¢ Can be marked as private, which means only the owner can see it
â?¢ Can be marked as archived, which means only user administrators can
see it
Permission Groups
A permission group is a collection of permissions tied to a central
group. Using permission groups a user admin can assign access to a
user by assigning them to a group rather than assigning them
permissions individually.
A permission group can have:
â?¢ One to many users
â?¢ One to many categories
â?¢ One to many assets
Is this a smart way to go about things?