Need help with access permissions logic

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
User avatar
dallasx
Forum Contributor
Posts: 106
Joined: Thu Oct 20, 2005 4:55 pm
Location: California

Need help with access permissions logic

Post by dallasx »

I'm trying to turn the employee portion of my company's website into something more dynamic.

I've sat here and thought about for awhile now... and maybe I started thinking about it too hard or in reverse or something else. I'm burned out but I know there is probably a simple answer.

I have a side menu in my employee section. The menu consists of two parts documents that everyone can see [company wide] and documents for each department [department specific].

The company wide documents I don't care about protecting from any employee. Basically if you have a valid employee account, you can see these.

Now comes my hurdle.

Based on some form of access structure(values stored in a db), I want to be able to display each department section to certain employees who have access and certain employees in that department would have restricted access to certain documents.

Sounds like the job of a two-dimensional array but I don't know...
CorpDirect
Forum Newbie
Posts: 6
Joined: Mon Nov 14, 2005 4:17 pm

Post by CorpDirect »

I've been thinking on a remarkably similar design issue for our site, and came up with this idea: get the user type/level/department/whatever from the DB table with user info at login time, store it in a session variable, then use that value to filter query results for menus/access restrictions/etc. throughout the site.

Code: Select all

SELECT menu_item FROM department_menu WHERE department_id = $DepartmentID
Hopefully that's a viable solution; now I just have to figure out how to implement it! Being a PHP nOOb I'm eager to see other suggestions here, too.

Daniel
User avatar
dallasx
Forum Contributor
Posts: 106
Joined: Thu Oct 20, 2005 4:55 pm
Location: California

Post by dallasx »

CorpDirect wrote:I've been thinking on a remarkably similar design issue for our site, and came up with this idea: get the user type/level/department/whatever from the DB table with user info at login time, store it in a session variable, then use that value to filter query results for menus/access restrictions/etc. throughout the site.

Code: Select all

SELECT menu_item FROM department_menu WHERE department_id = $DepartmentID
Hopefully that's a viable solution; now I just have to figure out how to implement it! Being a PHP nOOb I'm eager to see other suggestions here, too.

Daniel
Couldn't have said it better myself, hehehe.

This is a design that I thought about that's simple, will work but I'm not sure if it's optimal. Given you have two tables that are called [departments] and [functions] with department_id and function_id, respectively.

I think of a function as a page (functional unit) for employees to alter information.

Create an access_permissions table with the following fields:
  • employee_id
    department_id
    function_id
    (more fields if needed)
The way I've thought about doing it would be to store the department id's and function id's in arrays. That's what I don't know if I doing right.
Post Reply