Hey,
a client would like to have hidden pages with infos for logedin users.
User means in this context a frontend user (no access to neos)
I found some packages for frontend logins, but they work with user-groups. What means i have to create a new group for every new user.
We talk about 100+ users.
The best case would be a user-group frontend login and additional a document based configuration where we can select the user(s) which have the right to see specific documents.
Whats the best way to implement this access management?
every kind of privilege you add, costs quite a bit of performance, so try to maybe only work with groups, meaning “logged in users” and nothing else.
In various projects I implemented a privilege that compares a node property to a users group name and made the groups selectable for certain nodes.
Having more than 1 group for this doesn’t cost so much query performance, but each security context will have a separate cache. Meaning, 10 groups / users will have 10x the cache entries, or you skip caching for logged in users.
You really have to discuss with the customer what they need.
If you have something like a page in which every user would see different documents based on their permissions, you can use a uncached Flow Controller based plugin or Fusion component.
I use that in one project for a pdf repository for logged in users.
Having a few pages with a visibility based on a group is also doable without to much modifications.
Having individual user permissions for every page will be harder.