i am looking to customize the default user authentication module. In a nutshell, i need to accomplish the following:
(i am running the 2.4 RC3 bundle)
i need to add flags to the user to determine granularity of permissions within individual portlets... in other words, userA can edit all fields on a portlet window, userB cannot, but can view. userC can change field 1,2, 4, blah, blah, blah... there are literally 1000's of combinations within the system i am building. depending onlly on roles / groups could get a bit messy and confusing.
should i just extend the user portlets and database tables to reflect the addional user permissions?
Should i just bypass the portal security model completely and build my own? (this kinda defeats the purpose of using portal)
Has anyone run into a "security" roadblock before in regards to multiple levels of granulatity within different portlets in the same portal deployment?