Re: Access control
- From: Yorian <yorianbenjamin@xxxxxxxxxxx>
- Date: Tue, 9 Jun 2009 03:31:47 -0700 (PDT)
On Jun 8, 10:42 pm, Jerry Stuckle <jstuck...@xxxxxxxxxxxxx> wrote:
At the moment I'm trying to create an Access control system (the
implementation, not a handy class such as zend_acl) however I'm a bit
stuck on how to do this.
I will explain the way my system should work in a minute but to give a
fairly fast impression it looks a bit like the complex example here:
In my case I have users and roles (groups) to which actions can be
assigned. The actions vary depending on the resource used.
I have a guestbook, on the guestbook 4 actions can be performed: view,
add, edit, delete
I also have a poll, on the poll 6 actions can be performed: vote,
view, view_results, create, delete, edit
How do I control the access to these resources? (and how should the
I missed one point - also fetch the authorized actions for the group(s)
the user belongs to, and allow those actions to which the group is
authorized. It gets a little more complicated, but if you wish to
restrict authorization to a group member that he/she would otherwise
have access to as a member of the group, that could be handled in the
individual member, also.
Personally, in the PHP end, I would have a function which fetched all of
the authorizations for the user and created an array of authorized
actions. Then I would have a second function which took that array and
the specific action I was interested in and checked against the
authorization array, and returned true or false.
This way all of your authorizations are handled in two functions. If
you later need to add a new authorization, you only have (at most) two
functions to change.
Remove the "x" from my email address
JDS Computer Training Corp.
Thanks for your response Jerry.
I could manage that far, but how to actually accomplish this? How
should the database look and how do I retrieve the information needed?
- Re: Access control
- From: Jerry Stuckle
- Re: Access control
- Prev by Date: Free Webinar - PHP New and Improved Features
- Next by Date: Re: Access control
- Previous by thread: Re: Access control
- Next by thread: Re: Access control