+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21)
+--- Thread: Implementing MM_USERGROUP in codeIgniter (/showthread.php?tid=38506)
Implementing MM_USERGROUP in codeIgniter - El Forum - 02-10-2011
[eluser]afro[/eluser]
am implementing a eleave system, i would like to group the admin users into four groups. The first will be the system administrator, the second will be the administration whose job is to approve the applied leaves, the third group will be the help desk who will also be approving the leaves the last group will be the ceo at the top.
So the question is that how to i implement MM_USERGROUP with CodeIgniter in such a situation.
Thanks in advance.
Implementing MM_USERGROUP in codeIgniter - El Forum - 02-10-2011
[eluser]osci[/eluser]
I'm currently working on something like this in my auth system.
I haven't decided thought which roadmap i should select.
I'll explain them both.
Roadmap 1
Tables
user (id, username, psswd)
roles (id, descr)
user_roles (user_id, role_id)
This way you can assign to a user as many roles as you want and whenever you need you'll check if the user has the desired role.
Roadmap 2
Tables
user (id, username, psswd, role_id)
roles (id, descr, strength)
Let me give an example for this.
role sysadmin strength 100
role admin strength 90
role publisher strength 70
role uploader strength 50
role editor strength 50
role member strength 10
let's say you have a function you want available to publisher. the publisher's strength is checked and if the user's strength is >= the publisher's strength the user is allowed. this is more like a hierarchical auth system.
I started writing my auth using the first roadmap as I can explicity check if a user is in the allowed array of users ie user_role_is('admin', 'helpdesk'). I like this roadmap more but I don't know if there are any drawbacks yet.
Implementing MM_USERGROUP in codeIgniter - El Forum - 02-10-2011
[eluser]afro[/eluser]
thanks OSCI,
I was think of the following roadmap but got stuck,
$accessLevels = array("1","2","3","4");
$validLevel = $_SESSION['MM_UserGroup'];
if(array_search($validLevel, $accessLevels)>-1)
{
$this->load->view('systemadmin');
}
if(array_search($validLevel, $accessLevels)>-2))
{
$this->load->view('administration');
}
if(array_search($validLevel, $accessLevels)>-3))
{
$this->load->view('helpdesk');
}
if(array_search($validLevel, $accessLevels)>-4))
{
$this->load->view('ceo');
}
as u can see each user group is assign access level through that digit, can someone guide me from this point.
Implementing MM_USERGROUP in codeIgniter - El Forum - 02-10-2011
[eluser]osci[/eluser]
array("1","2","3","4") creates keys as of 0,1,2,3 respectively.
if something is not found in array_search it returns false otherwise it returns that key.
I don't understand why the minus is used in the comparisons.
based on your code and taking into consideration the false occasion
Code:
$accessLevels = array("1","2","3","4");
$validLevel = $_SESSION['MM_UserGroup'];
$search_result = array_search($validLevel, $accessLevels);
if ($search_result === FALSE)
{
// code for access denied
} else {
if ($search_result < 1)
{
$this->load->view('systemadmin');
}
if ($search_result < 2)
{
$this->load->view('administration');
}
if ($search_result < 3)
{
$this->load->view('helpdesk');
}
if ($search_result < 4)
{
$this->load->view('ceo');
}
}The way your code is structured if you are a sysadmin you see all views.
Should sysadmin see all views or only his?
Implementing MM_USERGROUP in codeIgniter - El Forum - 02-10-2011
[eluser]afro[/eluser]
the systemadmin should be able to view the whole system, has no restrictions.