0

i m using ci 2 and i saw in previous post here that u recommend tank_auth as best library for user auth. i downloaded it but couldnt figure out how to setup access level in tank_auth.

should i manually mod this ?

i was thinking of adding group_id field in users table and just tweak registration form to also save group_id to each new user, but i hate to reinvent the wheel so my question is this tweak already there ? or i should hard code it ? and if its not any clues about best way to do it so i dont mess the tank_auth code ?

thanks

Zalaboza
  • 8,899
  • 16
  • 77
  • 142

1 Answers1

1

You don't want to allow a hidden(group_id) field in your form because it could be manipulated.

Simply set it a default value for the group_id and change it via your administration.

BASIC Idea/Implementation:

add to your users table

`gid` smallint unsigned not null default 0, //or members default value

-

alter table `users` add index(`gid`);
alter table `users` foreign key(`gid`) references groups(`id`) on delete restrict on update restrict;

- You could normalize the permissions column here and have multiply choices

create table `groups`(
id smallint unsigned not null auto_increment primary key,
`name` varchar(20) not null,
`permissions` varchar(255) not null, //JSON object '["read", "edit", "delete", "admin", "super"]'
created_at datetime
)engine=innodb;//or whatever engine you like

-

Off the top of my head

class MY_Controller extends CI_Controller{

     protected $_user;
     protected $_permissions=array();
     protected $_group;
     public function __construct()
     { 
         parent::__construct();

         //check for a user logged in
         $this->_user = ( $user ) ? $user : NULL;

         //if user, get group and permissions
         if($this->_user !== NULL)
         {
             $this->_get_group();
             $this->_get_permissions(); 
         }
     }

     public function _get_group(){
         return $this->_group = $this->_user->group->name; //need to work this bit out
     }

      public function _get_permissions(){
         return $this->_permissions = json_decode($this->_user->permissions, TRUE); 
     }


     public function can_read(){
         return in_array('read', $this->_permissions);
     }

     /// and so on etc
 }
Philip
  • 4,592
  • 2
  • 20
  • 28