I'm a litle bit disapointed about the chapter 8. Here are the reasons:
- Why adding this kind of bizrule in the AuthAssignment table: "return isset($params["project"]) && $params["project"]->isUserInRole("owner");" as the "owner" information is hold on the ItemName column and the rest remain constant, this information can easily be genarated bu the logic of the application.
- What's the purpose of the "AuthAssignment" table since all of these informations can be easily retrived in the "tbl_project_user_role" table. Just imagine we remove that first table, all the RBAC stuffs can be done with the "tbl_project_user_role" and the other tables.
- Since RBAC roles are very limited in the TrackStar application, isn't it a leak off performances to keep them inside a database table ? Keep them in a php array inside a file isn't faster ?
The chapter 8 comes to me as a difficult one. All help or precision will be very appreciate.