CodeIgniter Forums

Full Version: Access Control of Controllers
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
I use HMVC,

ONE : how i can route all requests to my_controller/my_method?
Quote:requests like :
- /standard_controller/function/some_input  :  file located at application/controllers/file.php
- /sub_folder/standard_controller/function/some_input  :  file located at application/controllers/sub_folder/file.php
- /module_name/controller_name/function/some_input  : file located at /modules/module_name/controllers/file.php

TWO : What is the best way for implement "ACCESS CONTROL" system? i have users and groups tables, defining privileges (any,none,authenticated,authorized,unauthenticated) for menu items and simple link_alias table.

is this right way that :

  1. all requests route to myRouter
  2. check request url ( ex. /module/controller/function or alias url) for privilages
  3. run or redirect
?
I'm replying for your second request.
Just create a base controller (MY_controller) in application/core folder.
Here its content:
PHP Code:
<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class 
MY_Controller extends CI_Controller
{
 
 
 public function 
__construct(){
 
parent::__construct();
 
 
// if you are not connected, please be connect
 
          if ( ! $this->session->userdata('nomUser')){ 
 
                              redirect('connexion/connect');
 
                       }
 
//===============================*****============================================
 //list of protected methods to access 
 
 
$admin_methods = array();
 
 
$other_groups_methods = array('function_1','function_2');
 
            //============================================================
 // admin
 
if($this->session->userdata('profilUser')== 'admin'){
 
                       
              
//grab the controller/method name and compare with protected methods array
 
             if(in_array($this->router->method$admin_methods)){ 
 
redirect('controller_1/access_forbidden''refresh');    
      
}
//======================================================================
 
if($this->session->userdata('profilUser')== 'other_groups'){
 
                       
              
//grab the controller/method name and compare with protected methods array
 
             if(!in_array($this->router->method$other_goups_methods)){ 
 
redirect('controller_1/access_forbidden''refresh');    
 
}
 
 
  }

I hope it will help
And your controllers must extend MY_Controller, not CI_Controller
Code:
class one_class extends MY_Controller