Subversion Repositories php_users

Rev

Rev 27 | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 27 Rev 28
Line 1... Line 1...
1 
====== PHP Users Permissions Class ======
 1 
====== PHP Users Permissions Class ======
2 
 
 2 
 
3 
The Users Permissions Class (UsersPermissions.class.php containing the class UsersPermissions) is an extension to the Users Class which adds a list of boolean values and code to retrieve and maniuplate them.
 3 
The Users Permissions Class (UsersPermissions.class.php containing the class UsersPermissions) is an extension to the [[software:dailydata:libraries:php_user|Users Class]] which adds a list of boolean values and code to retrieve and maniuplate them.
4 
 
 4 
 
5 
As with the Users class, there is a separate data access class that is used (usersPermissionsDataSourceMySQLi.php containing the class usersPermissionsDataSourceMySQLi for MySQL).
 5 
As with the Users class, there is a separate data access class that is used (usersPermissionsDataSourceMySQLi.php containing the class usersPermissionsDataSourceMySQLi for MySQL).
6 
 
 6 
 
7 
NOTE: a user with admin rights (Users::isAdmin() == true) has all permissions regardless of what permissions are set in the additional Permissions list. Thus, a user can be promoted to admin, then demoted at a later date and have the same permissions they had before their promotion.
 7 
NOTE: a user with admin rights (Users::isAdmin() == true) has all permissions regardless of what permissions are set in the additional Permissions list. Thus, a user can be promoted to admin, then demoted at a later date and have the same permissions they had before their promotion.
8 
 
 8 
 
- 
 
 9 
You can get a copy of this from our subversion repository
- 
 
 10 
<code bash>
- 
 
 11 
svn co http://svn.dailydata.net/svn/php_users/tags/stable php_users
- 
 
 12 
</code>
- 
 
 13 
My working copy is at
- 
 
 14 
http://svn.dailydata.net/svn/php_users/trunk
- 
 
 15 
but I recommend NOT using that as we use trunk as our personal playground and will commit broken code to it regularly
- 
 
 16 
 
- 
 
 17 
 
9 
==== Basic System ====
 18 
==== Basic System ====
10 
 
 19 
 
11 
When administrators edit a user, a list of permissions with their values shows up below the other fields. The admin can turn on/off a permission at this point.
 20 
When administrators edit a user, a list of permissions with their values shows up below the other fields. The admin can turn on/off a permission at this point.
12 
 
 21 
 
13 
The main function needed is isAuthorized( $permission ) which returns a true or false depending on the value and whether the user in question is an administrator (admins have full access).
 22 
The main function needed is isAuthorized( $permission ) which returns a true or false depending on the value and whether the user in question is an administrator (admins have full access).
Line 104... Line 113...
104 
   $_SESSION['user']->addPermission ( $connection, 'New Module 1', 'newmod1_edit', 'Edit Entry', 1 );
 113 
   $_SESSION['user']->addPermission ( $connection, 'New Module 1', 'newmod1_edit', 'Edit Entry', 1 );
105 
   // do not allow users to create a new entry unless they are an admin
 114 
   // do not allow users to create a new entry unless they are an admin
106 
   $_SESSION['user']->addPermission ( $connection, 'New Module 1', 'newmod1_add', 'Create Entry', 0 );
 115 
   $_SESSION['user']->addPermission ( $connection, 'New Module 1', 'newmod1_add', 'Create Entry', 0 );
107 
   // do not allow users to delete an entry unless they are an admin
 116 
   // do not allow users to delete an entry unless they are an admin
108 
   $_SESSION['user']->addPermission ( $connection, 'New Module 1', 'newmod1_del', 'Delete Entry', 0 );
 117 
   $_SESSION['user']->addPermission ( $connection, 'New Module 1', 'newmod1_del', 'Delete Entry', 0 );
109 
?>
 118 
</code>
110 
 
 119 
 
111 
This would create four permissions in the category 'New Module 1' and set all existing users to the default permission. It will create the category 'New Module 1' on the first call if it doesn't already exist.
 120 
This would create four permissions in the category 'New Module 1' and set all existing users to the default permission. It will create the category 'New Module 1' on the first call if it doesn't already exist.
112 
 
 121 
 
113 
NOTE: In some cases, you might want the first permission (Show Menu) to actually be in an existing category, maybe 'Menu'. Again, the categories are only there to make it easier to find a permission if your list grows.
 122 
NOTE: In some cases, you might want the first permission (Show Menu) to actually be in an existing category, maybe 'Menu'. Again, the categories are only there to make it easier to find a permission if your list grows.
114 
 
 123