CodeIgniter Forums
Authorization RBAC - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: Best Practices (https://forum.codeigniter.com/forumdisplay.php?fid=12)
+--- Thread: Authorization RBAC (/showthread.php?tid=75224)



Authorization RBAC - JoellSVK - 01-14-2020

Hello,
I am just dealing with authorization in a multi-app environment for my project.

Setup is like that my project uses single CI core, one shared folder as a shared app/module and then independent apps that uses that shared app and CI core.

Now I prepared authorization and authentication classes. Authentication is done via a filter so that part is covered, when any request is made, it goes through this filter, but now I need to process authorization (permissions to use apps). I have for each app (exe, read, write, modify, special and full) access permissions to do actions.

1. How do you deal with first access to execute in the controller? Do you put it to initController? In previous, I would use constructor but in CI4 constructor is called before initializing of controller that makes hard to return view (actually it is not possible)

2. How you deal with access denied? Do you use exception such as 404 or simple you call-in function return view with access denied?

Any suggestion for how this could be done in the most logical way? Smile

THX


RE: Authorization RBAC - InsiteFX - 01-14-2020

I would create a filter for it

See Lonnie's Myth Auth and how he doe's it.

Myth:Auth