Administration user permissions

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
deleet
Forum Commoner
Posts: 28
Joined: Thu Mar 23, 2006 10:05 am

Administration user permissions

Post by deleet »

Hey everyone.

I'm building an administration panel for a website which has a lot of functionality and is going to be managed by quite a few people.

I ran into a bit of a problem as the best way to make user permissions (which are editable) work.

Not everyone will have access to the entire admin panel and I'll need a way to define who has access to what.

First off, this has to be stored inside of the user's table, on a field. This is sort of a requirement. Also, I don't want to use serialized arrays.

The administration panel is divided by general categories, which in turn have pages, which have categories as well. Something like:

Article -> Add Article -> Article Category = Means a user can only add an article to that category.

Forums -> Moderator -> Forum Category = Means a user is a moderator for this forum category.

I've thought about a variety of things, having values comma separated, dashes in between (I'd be using explode of course), etc but I can't really figure out a good and / or proper way to do this.

Later on, super admins can edit each individual user's permissions via a bunch of presets / tons of checkboxes (this isn't really a problem to do) so I'd have to have the option to edit / update any part of the 'string'.

If you have any questions / suggestions I'd be glad to hear them.

Thanks for your help.

André Ferreira.
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Re: Administration user permissions

Post by Kieran Huggins »

deleet wrote:...I don't want to use serialized arrays....
Why not? Sounds like an ideal solution to me...

You could have a default permissions array like:

Code: Select all

$default_perms['is moderator'] = false;
$default_perms['can moderate']=array('forum one','forum two');
And user permissions:

Code: Select all

$user_perms['is moderator'] = true;
$user_perms['can moderate']=array('forum two','forum three');
and then get the combined result with array_merge_recursive():

Code: Select all

$total_perms = array_merge_recursive($default_perms,$user_perms);

// now check:
if($total_perms['is moderator']){/*...*/}
// or
if(in_array('forum three',$total_perms['can moderate'])){/*...*/}
You could abstract this concept further into a class with a perm() getter/setter if the mood strikes you, but arrays work fine for the most part, and they merge nicely.
deleet
Forum Commoner
Posts: 28
Joined: Thu Mar 23, 2006 10:05 am

Post by deleet »

Well the reason was that I'm guessing serialize() isn't really compatible with any other languagues (say C#, ASP.NET, etc...).

If this is true, the data will be available for PHP and PHP only, which isn't really intended (later on I'm probably going to need to get these permissions from a C# application) so I'll have to find some other way.

I could eventually get / build some sort of a parser to actually use the information on a serialized form but that would be a bit of trouble imo.

I was hoping I could use a simple string with all of the info and then explode it (I believe explode or something very similar should exist in other languages) and handle the data that way. The problem is, it's going to be damn complex / hard with no serialize lol.

Is there any other alternative or does serialize() have a sibling in C# ? If not, how the hell am I going to get out of this one lol.

Also, a class is probably what I'm going to do since this seems useful for future uses.

Thanks again.

André Ferreira.
User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

XML, XPath and XQuery is probably your best bet for platform independent complex relational data interchange.
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Post by Kieran Huggins »

Maybe JSON would be a good alternative to serialize? the syntax is fairly simple and you could probably modify it to evaluate in any C type language fairly easily.
deleet
Forum Commoner
Posts: 28
Joined: Thu Mar 23, 2006 10:05 am

Post by deleet »

Looking into JSON seems like a good idea, I can use it in a wide variety of other languages (apparently there already is software to complement most languages to use JSON).

XML also seems quite useful for this so I haven't really decided yet.

Thanks for all your help.
Post Reply