> @A I think your standardized groups will simplify things. However, > there is then some sacrifice of fine-tuning permissions.
You're right. In my case I am working on a network of networks app. Since permissions are based on functions I was able to cluster functions into plans. To fine tune permissions I defined a table 'function' which has a company_id and Boolean fields for every single function. In the controller, response.plan_menu holds the menu items which reference the plan's functions, after login, I query the 'function' table for the company's functions which I set in session.functions. In the view I generate the menu base on response.plan_menu and session.functions. Kind regards, Annet.
