CodeIgniter Forums
Access Control of Controllers - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: Best Practices (https://forum.codeigniter.com/forumdisplay.php?fid=12)
+--- Thread: Access Control of Controllers (/showthread.php?tid=62088)

Access Control of Controllers - nasser.man - 06-08-2015

I use HMVC,

ONE : how i can route all requests to my_controller/my_method?
Quote:requests like :
- /standard_controller/function/some_input  :  file located at application/controllers/file.php
- /sub_folder/standard_controller/function/some_input  :  file located at application/controllers/sub_folder/file.php
- /module_name/controller_name/function/some_input  : file located at /modules/module_name/controllers/file.php

TWO : What is the best way for implement "ACCESS CONTROL" system? i have users and groups tables, defining privileges (any,none,authenticated,authorized,unauthenticated) for menu items and simple link_alias table.

is this right way that :

  1. all requests route to myRouter
  2. check request url ( ex. /module/controller/function or alias url) for privilages
  3. run or redirect
?

RE: Access Control of Controllers - Hyper-X - 07-13-2015

I'm replying for your second request.
Just create a base controller (MY_controller) in application/core folder.
Here its content:
PHP Code:
<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class MY_Controller extends CI_Controller
{
 
 
 public function __construct(){
 parent::__construct();
 
 // if you are not connected, please be connect
           if ( ! $this->session->userdata('nomUser')){ 
                               redirect('connexion/connect');
                        }
 //===============================*****============================================
 //list of protected methods to access 
 
 $admin_methods = array();
 
 $other_groups_methods = array('function_1','function_2');
             //============================================================
 // admin
 if($this->session->userdata('profilUser')== 'admin'){
                        
              //grab the controller/method name and compare with protected methods array
              if(in_array($this->router->method$admin_methods)){ 
 redirect('controller_1/access_forbidden''refresh');    
      }
//======================================================================
 if($this->session->userdata('profilUser')== 'other_groups'){
                        
              //grab the controller/method name and compare with protected methods array
              if(!in_array($this->router->method$other_goups_methods)){ 
 redirect('controller_1/access_forbidden''refresh');    
 }
 
   }

I hope it will help

RE: Access Control of Controllers - Hyper-X - 07-13-2015

And your controllers must extend MY_Controller, not CI_Controller
Code:
class one_class extends MY_Controller