Your developer got under my skin just reading your article ;-)

I’m not exactly sure what you’re asking, but can you hold the question and we can revisit it if the next article doesn’t show you how you can do what you want?

Thanks for writing in!

Just because the columns are meta-data that have no intrinsic meaning doesn’t mean they have no value.

Sort of. However, I have a hard time imagining that it’s difficult for the ORM to map, for certain tables, the id to the primary key. It cannot be that difficult to store the primary key in an object->primarykey property, and have that correspond to an object->id property.

It doesn’t even particularly matter that “row 1″ is “row 1″ for all threads, either — just that it’s uniquely identifiable. It’s for this reason that I feel that “row numbers” when a table already has a primary key is actually valueless data. In particular, my complaint was about a developer who insisted that every table MUST have an auto-increment number, even though we had a unique integer already!

I’m definitely looking forward to the next article. I’d love to see how you handle “give this person everything the FOO group but take away BAR right” and keep that quick, with the ability to update the permissions of the FOO group and update everyone already using the FOO group.

I started to stand by my assertion that there are recursive calls in the actual ACL check functions, because I thought acl_check() called acl_query(), which I thought recursed into an array of results, but I just read the source again and don’t see any recursion. My mistake.

Modelling the permissions system after the POSIX system makes a great deal of sense, and it seems to me that it strikes a good balance between simplicity and flexibility.

I actually had some involvement in phpGACL, it is very powerful but definitely overkill for the majority of applications. That said, your comment regarding memory usage may be a little off-base, as the referenced error is produced by the management interface, which uses recursive functions for display purposes while the actual ACL checks do not.

The biggest issue with phpGACL is that it separates the permissions from the data, making the task of managing them more difficult than it should be. That said, if you need a generic hierarchical system there are few other options.