Seperating Client and Internal Users


#1

Hi,

I was wondering if anybody could give me some advice about the best
way to go about seperating client users from internal users.

I’m building an application which will give our clients a subdomain
with several user accounts which they can use to check the status of
their project with us, request services etc. User accounts should not
be shared across subdomains.

As well as these client users we also need to have internal users who
will manage the client accounts, these users will need access to
several or all of the client accounts.

I’d like to keep my Authentication as DRY as possible, but I’m a
little unsure of the best way of keeping the internal representation
of these different users seperate.

Would using Model inheritance work well here. Perhaps having a
ClientUser that belongs to a Client and having InternalUsers that
HABTM Clients? How easy would it be to reuse the authentication code?

Any ideas about how I could go about this would be apprecitated.

Best Regards,
Steve T.


#2

Doing this in my system (similar to yours) was as simple as having a
filter
on all the client pages that says "if the user is assigned to the
project
(manager, team member, etc) then they also can see the client side.)

Perhaps that approach is too simple for what you’re doing, but it works
for
me… just a thought.