Page 1 of 1

Need help with access permissions logic

Posted: Mon Nov 14, 2005 4:20 pm
by dallasx
I'm trying to turn the employee portion of my company's website into something more dynamic.

I've sat here and thought about for awhile now... and maybe I started thinking about it too hard or in reverse or something else. I'm burned out but I know there is probably a simple answer.

I have a side menu in my employee section. The menu consists of two parts documents that everyone can see [company wide] and documents for each department [department specific].

The company wide documents I don't care about protecting from any employee. Basically if you have a valid employee account, you can see these.

Now comes my hurdle.

Based on some form of access structure(values stored in a db), I want to be able to display each department section to certain employees who have access and certain employees in that department would have restricted access to certain documents.

Sounds like the job of a two-dimensional array but I don't know...

Posted: Mon Nov 14, 2005 5:32 pm
by CorpDirect
I've been thinking on a remarkably similar design issue for our site, and came up with this idea: get the user type/level/department/whatever from the DB table with user info at login time, store it in a session variable, then use that value to filter query results for menus/access restrictions/etc. throughout the site.

Code: Select all

SELECT menu_item FROM department_menu WHERE department_id = $DepartmentID
Hopefully that's a viable solution; now I just have to figure out how to implement it! Being a PHP nOOb I'm eager to see other suggestions here, too.

Daniel

Posted: Mon Nov 14, 2005 5:58 pm
by dallasx
CorpDirect wrote:I've been thinking on a remarkably similar design issue for our site, and came up with this idea: get the user type/level/department/whatever from the DB table with user info at login time, store it in a session variable, then use that value to filter query results for menus/access restrictions/etc. throughout the site.

Code: Select all

SELECT menu_item FROM department_menu WHERE department_id = $DepartmentID
Hopefully that's a viable solution; now I just have to figure out how to implement it! Being a PHP nOOb I'm eager to see other suggestions here, too.

Daniel
Couldn't have said it better myself, hehehe.

This is a design that I thought about that's simple, will work but I'm not sure if it's optimal. Given you have two tables that are called [departments] and [functions] with department_id and function_id, respectively.

I think of a function as a page (functional unit) for employees to alter information.

Create an access_permissions table with the following fields:
  • employee_id
    department_id
    function_id
    (more fields if needed)
The way I've thought about doing it would be to store the department id's and function id's in arrays. That's what I don't know if I doing right.