Forum Moderators: coopster
Are there better ways of doing this? What I would like to ultimately acheive is a way to add the new functionality as a module or something that can be turned on and off for each company depending on their preference. I have been brainstorming on this topic for a while now and I can't seem to come up with any simple solutions. Any ideas you have are greatly appreciated!
What Coopster is describing is developing a platform for your web app that executes the first two A's of "AAA" - Authentication and Authorisation (the 3rd A is "Accounting").
Rather than simply having a login through which all authenticated users are considered equal; you develop your application in such a way that having authenticated a user, you then say "Now what is this user allowed to do?".
This "authorisation" feature of your web app can then drive what menu options are visible to that user, and also moderate access to individual scripts within your app.
Typically; this is done by creating "roles". Your system should define a default role, something like "Authenticated User"; through which access to all generic functionality is controlled such as managing their user profile (change password etc.).
In addition; every user could also be associated with a role name that is equal to their username (or perhaps account ID). The first benefit of doing this is that you can create a feature for one customer, and control their access to it through the exact same role management interface that controls access to functions available to groups - no more spaghetti code!
Extending that benefit; if the feature that was initially specific to a client (perhaps they agreed to alpha test it with you) is then ready to be rolled out to more users; you simply create a new role that control access to the feature; and give all your beta testers that role (including your original customer).
The techniques required to do this are straight forward - a simple database schema and basic SQL queries are all that is required to implement role based authorisation in your app, and therefore I doubt you will find much benefit in trying to find an existing product or codebase that will make doing this any quicker than rolling your own solution.
Hope this helps!
I also have come up with a system to manage specific features. I have determined a default set of features that all of the companies use. Everything else is a feature and I have put the code for those features into separate files. I then have a prefs table that I use to see if a particular company uses the feature, if they do use it I include the file that has the code for that feature. If they do not use the feature it will just use the default behavior. In many cases I have to change/add code in many scripts to add a feature so I just create a separate file to be included at each one of those points. This helps to keep the code to a manageable size and makes it easier to turn features on and off at will.
