+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: How to implement Access Control List? (/showthread.php?tid=62580)
How to implement Access Control List? - phamdinhnam3 - 07-31-2015
Hi!
I have a client model, a specialist model and a wholesaler model. I need to setup CRUD actions but need to ensure that only clients assigned to a specific specialist are visible on that specialist's login list. How do I implement role based authorization such as this using CI?
RE: How to implement Access Control List? - msteudel - 08-03-2015
If a client can only belong to one specialist, then you'll want to add a specialist_id to the clients table.
If a client can belong to multiple specialists, then you'll want a mapping table:
clients_specialists
client_id | specialist_id
Then on your CRUD pages before you let them edit anything, you can check your tables to make sure that the client actually belongs to the specialist.
PHP Code:
if( $this->specialist_model->has_client( $client_id ) {
// show form
}
else {
// show error
}