1

When I type in my base url http://localhost/myproject/admin it keeps on sending me to my permissions page. The http://localhost/myproject/admin is the base_url().

The way my core/Controller.php works is that it checks whether I can access the controller; if it is not in the ignore list, I get redirected to permissions, otherwise I have access to the page.

What I would like to know is whether it is possible to somehow also add my base_url() so it ignores it and lets me have access to it. I am not sure where it would be best to add it in the code below.

```php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

// I am not using MY_Controller works with Controller fine.
class Controller extends CI_Controller {

    public function __construct() {
        parent::__construct();

        $url = $this->uri->segment(1).'/'.$this->uri->segment(2);

        if (isset($url)) {
            $route = '';

            $segment = explode('/', $url);

            if (isset($segment[0])) {
                $route .= $segment[0];
            }

            if (isset($segment[1])) {
                $route .= '/' . $segment[1];
            }

            // $route would equal example: common/dashboard

            // $segment[0] folder i.e common
            // $segment[1] controller

            $ignore = array(
                'common/dashboard',
                'common/login',
                'common/forgotten',
                'common/reset',
                'error/not_found',
                'error/permission'
            );

            if (!in_array($route, $ignore)) {
                redirect('permission');
            }
        }
    }
}
```
  • I already have configured the routes and default controller. –  Feb 21 '15 at 14:21
  • There is a better way to do that, like using hooks with a config file that contains all your routes, or using the `_remap()` function. Anyway, you can add `admin/index` to your `$ignore` array – JC Sama Feb 21 '15 at 14:28
  • Would prefer the way above, because I have other permissions that I will be adding to it, unless you can show an example of what to do in hooks. –  Feb 21 '15 at 14:30
  • I am sure you have routes configured but if you want to do some other override for particular cases routes should still be able to achieve this using the `(:any)` and indexed URI params `$1/$2` etc – Mike Miller Feb 21 '15 at 14:54

2 Answers

1

Check the permission using a hook:

1 - Create a config file config/acl.php:

```php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

$acl = array(
    'role_permission' => array(
        'role/index' => 'access_show_roles_list',
        'role/add' => 'access_add_role',
        'role/edit' => 'access_edit_role',
        'role/delete' => 'access_delete_role',
        'permission/index' => 'access_permission_list',
    ),
    'users' => array(
        'user/index' => 'access_show_users_list',
        'user/add' => 'access_add_user',
        'user/edit' => 'access_edit_user',
        'user/delete' => 'access_delete_user',
        'user/profil' => 'access_profil_user',
        'user/showpasswd' => 'access_show_password',
    ),
);
$config['acl'] = $acl;
```

2 - Create a hook, hooks/Authorization.php:

```php
<?php
if (!defined('BASEPATH'))
    exit('No direct script access allowed');

class Authorization {

    private $ci;

    public function __construct(){
        $this->ci = &get_instance();
    }

    public function authorize()
    {
        if (!$this->_has_access()) {
            if ($this->ci->input->is_ajax_request())
                die('-9');

            show_404();
        }
    }

    private function _has_access() {
        // Route being requested, as "controller/method"
        $class = $this->ci->router->class;
        $action = $this->ci->router->method;
        $full_action = $class . '/' . $action;
        // --> Start
        // Flatten the grouped ACL from config/acl.php into one array
        $acl = $this->ci->config->item('acl');
        $arr_acl = array();

        array_map(function($value) use (&$arr_acl){
            $arr_acl = array_merge($arr_acl, $value);
        }, array_values($acl));
        // --> End

        // Refuse only when the route is listed in the ACL and is not in the
        // user's permissions; a route that is not listed is allowed.
        if (isset($arr_acl[$full_action])
            && !in_array($full_action, $this->ci->user->permissions))
            return false;

        return true;
    }
}
```

3 - Activate the hook, by setting enable_hooks to TRUE in config/config.php:

```php
$config['enable_hooks'] = TRUE;
```

4 - Set up the Authorization hook, config/hooks.php:

```php
$hook['post_controller_constructor'][] = array(
    'class'    => 'Authorization',
    'function' => 'authorize',
    'filename' => 'Authorization.php',
    'filepath' => 'hooks',
    'params'   => array()
);
```

5 - Add the translation for the permissions, language/english/permissions_lang.php:

```php
/* ROLE */
$lang['access_show_roles_list'] = "Show all roles.";
$lang['access_add_role'] = "Add new role.";
$lang['access_edit_role'] = "Update a role.";
$lang['access_delete_role'] = "Delete a role.";
$lang['access_change_role_status'] = "Change role stat Enabled/Disabled.";
$lang['access_permission_list'] = "Access to the permissions list.";
```

6 - Add acl.php to the autoload file, in config/autoload.php:

```php
$autoload['config'] = array('acl');
```

That's it.

JC Sama
  • The other permissions that I told you I need are stored in session in_array `$this->session->userdata('access')`. Instead of typing the $acl manually, could I add in_array($this->session->userdata('access')) as shown here (var dump of sessions): http://stackoverflow.com/questions/28625941/in-array-not-working-codeigniter, just look at the var dump –  Feb 21 '15 at 15:17
  • I forgot to mention, there is a part for role and permission stored in database, and when the user is logged in you fetch all the permissions for this user's role `$this->user->permissions` – JC Sama Feb 21 '15 at 15:43
  • I do not need the config part; all of my access entries are stored in that session array. How can I just use that? –  Feb 21 '15 at 15:45
  • You could try : `!in_array($full_action, $this->ci->session->userdata('access')) return false` – JC Sama Feb 21 '15 at 15:47
  • Did not work, lots of errors due to the fact it still needs config_item –  Feb 21 '15 at 15:49
  • You can comment the part I'll mention in my answer. – JC Sama Feb 21 '15 at 15:54
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/71391/discussion-between-mustang83-and-jc-sama). –  Feb 21 '15 at 16:12
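
A deny-by-default variant of the route check discussed in the question and the answer above, as an added example that is not code from either post: the bare base URL is mapped to a default route instead of the string "/", and a route missing from the ACL is refused rather than allowed. The function names, the `common/dashboard` default route and the sample permissions are assumptions; the code is plain PHP and does not need CodeIgniter.

```php
<?php
// Added example, not code from the posts above. Names are hypothetical.
// Constructed sample data, reusing route and permission names from this page.
$acl = array(
    'role_permission' => array('role/index' => 'access_show_roles_list',
                               'role/add'   => 'access_add_role'),
    'users'           => array('user/index' => 'access_show_users_list'),
);
$public = array('common/dashboard', 'common/login', 'error/permission');

/**
 * Build "class/method" from the router or URI values. Empty parts (the
 * bare base URL) fall back to the default route instead of producing "/".
 */
function normalize_route($class, $method, $default = 'common/dashboard')
{
    $class  = strtolower(trim((string) $class, '/'));
    $method = strtolower(trim((string) $method, '/'));
    if ($class === '') {
        return $default; // assumed default route
    }
    return $class . '/' . ($method === '' ? 'index' : $method);
}

/** Deny by default: a route is allowed only if public or explicitly granted. */
function is_authorized($route, array $acl, array $public, array $granted)
{
    if (in_array($route, $public, true)) {
        return true;
    }
    // Flatten the grouped ACL into one route => permission map.
    $map = array();
    foreach ($acl as $group) {
        $map = array_merge($map, $group);
    }
    if (!isset($map[$route])) {
        return false; // unknown route: fail closed
    }
    return in_array($map[$route], $granted, true);
}

$granted = array('access_show_roles_list'); // constructed user permissions
$cases = array(array('', ''), array('role', 'index'),
               array('role', 'add'), array('user', 'export'));
foreach ($cases as $c) {
    $route = normalize_route($c[0], $c[1]);
    printf("%-18s %s\n", $route, is_authorized($route, $acl, $public, $granted) ? 'allow' : 'deny');
}
```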
1

Nobody mentioned it, but you use a reserved name for your Controller. Change it and see if it works.

Tpojka
  • I know, I tried that and it is OK, but I prefer to have all the extended classes the same. –  Feb 22 '15 at 04:45