Wow. All this feedback is tremendously useful. I really can't thank enough.
Thank you for the arguments on centralizing data, and the questions I need to ask myself/etc on this project.
I am in charge of the project, I am an employee, and the project is made first for my company (and implemented for our use)- and then to be offered to other companies of similar needs with their clients.. (Sound familiar?)
I have full control with security in the first implementation of this project/system. But from there on out.. It's going to be a little bit out of my hands, and I am near vomiting that levels of security (on/off) will be at the mercy of salesmen. It makes me seriously ill thinking about it.
Yes, my ass *is* on fire if things go wrong.
It's hard because the company is very white collar clean cut .. just plain white here and there. So .. I have to be very dipplomatic about what we should and should not be doing, and what we can and can not be doing.
Honestly I want this to work well and reliably for all involved, I'm not simply making sure to stay out of the firing range.
It makes sense to make the authority be the DB. I was seriously considering using the structure of the filesystem to populate the database, and then later on the database would be always just a quick way to see filesystem data.
That is, if empty flat file "joe" were in directory "my stuff" it would make the right entry in the projects/users table.
I was scared about the prospect of the dabatase being corrupted. I still kind of am. It seems like an awful lot of stuff on one file (the db(s)).
The info is sensitive. Most of it is financial/classified data for insitutions.
I will build/offer the full security platoon for my company, and then make sure paperwork needs to be signed before the little soldiers are put to sleep one by one- for other companies.
In reply to Re^2: Where to get this kindof advice.
by jpsartre
in thread Where to get this kindof advice.
by jpsartre
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |