Page 1 of 1

PHP And Access Control Lists

Posted: Thu Jul 20, 2006 9:32 am
by MrPotatoes
this is kind of ambiguous in nature so i wasn't sure if i should ask here or in theory and design. so i just put it here to be safe. although i do think that it could go in T&D ;)

well the question is this. are there any tutorials on Access Control lists? i want to make my permissions system just like this because it's just the easiest one to work with and i can't use his system because of it's license. i need to make most of my stuff proprietary. i could look at his code (which i have extensible) and his documentation (to great exhaustion) but it's not the end of it. i need to implement something like this. honestly, it's just the best way or doing users/groups and accounts. better than a PHP file per type of account honestly. well, duh

thanx for your help

Posted: Thu Jul 20, 2006 9:48 am
by MrPotatoes
also, i think i should say that i can use thier code for awhile until we make our own but i'd rather not use thier ugly admin interface. and personally i try to stay away from Joins but with what i understand for normalization it's nessessary. *whine*

Posted: Thu Jul 20, 2006 10:27 am
by Burrito
I assume there was supposed to be a link to something we were supposed to see?

the way I've handled permissions issues in the past was through a binary represenation of a permissions level.

for example, I might have a permissions level of '8'. I can then use bitwise operators to determine if my permissions level is sufficent to allow me to do certain thins.

ie:

Code: Select all

$rqLevel = 16;
if($_SESSION['level'] & $rqLevel)
  // allow it
else
 // don't allow it
you can then store permissions levels (for both users and actions) as a single number on a database or a flat file.

Posted: Thu Jul 20, 2006 10:41 am
by MrPotatoes
http://phpgacl.sourceforge.net/

i could do it your way but my system gets more and more complicated by the second. the problem is that i'ts all reay documented but the user account i retardedly never have really programmed and i made something up that was cool. still is but now i've noticed how feable it is currently. because it's a lameass way of doing things. so i have to redocument it and rewrite it (well the other developer not me lol).

the system up there that i linked to (i figured more people would already know about it) is a way of doing things from a top down view. it's permissions are set after you create the groups. i think it's a sweet system. it's what i'm going to model mine after. makes everything very easy to work with honestly, i think i'm going to do it that way but add some speed improvements

example of how it works/looks. his admin section is alot uglier if you ask me but this is in general the way that it works
[img]http://www.phpmvc.net/docs/guides/acl-art/ACLTreeSD.png[/b]

Posted: Thu Jul 20, 2006 6:29 pm
by MrPotatoes
christ, i only posted it this morning and it's already on page two? you people move too quickly. i'm gonna bump this to see if there is anyone else out there that knows more about ACL and tutorials hopefully