I'm writing an authentication package for an application in FuelPHP. The permissions will be fairly fine grained and several permissions will need to be determined for each page load.
Are there any issues that would occur if I were to cache my groups_permissions table on the server, and query that each time, instead of querying the database each time?
The obvious issue that I thought of was that someone could change their permissions if they were to gain access to the server. That argument doesn't really seem relevant, though, as if someone gained access to the server, they would have access to the database credentials, anyway.
Thanks,
James
Imagine this condition. You /Admin took away certain permissions for a purticular user and he is accessing the site. If the cache duration is long and is not expired yet, he is still allowed to do those operations which he should not have access now.
One solution is Update the Cache whenever you make any changes to the Users permission / Keep the permissions in the user session.