CodeIgniter Forums
How to root permissions effectively? (CI 3.11) - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forum-5.html)
+--- Forum: General Help (https://forum.codeigniter.com/forum-24.html)
+--- Thread: How to root permissions effectively? (CI 3.11) (/thread-78362.html)



How to root permissions effectively? (CI 3.11) - hobbyci - 01-08-2021

Hello,

for the sake of practice to get better and better I plan a login script.

I want to share my idea and need some feedback.


tables:
user
-id (primary)
-name
-email
-role_id (Foreignkey)
-some_user_infos
-...

roles
-id (primary)
-allow_blog_entries_write
-allow_blog_entries_edit
-allow_some_property
-...

Okay, the database structure is clear.

My plan is to create first following classes:

class CommonController extends CI_Controller
-for some basic methods 

class UserController extends CommonController
-for methods like change_some_profile_setting()

class ModController extends UserController
-for methods like edit_entry($id, $table, ...)

class AdminController extends ModController
-for methods like delete_post($id, $table, ...)

This should give an small overview.

Lets assume I create a controller for a page called "blog"

controller Blog extends (WHICH_ONE_SHOULD_I_CHOOSE)
-method article($slug) //show article with $slug


If something like this is possible, how can I manage this?
What is a typical approach to do something like this?

What about this way?

class My_Controller extends CI_Controller

class Blog extends My_Controller

in construct() do something like:

check permission of user and load a library, where the methods of the library are edit, delete, what ever.

Or should I walk another way?

Thanks for helping.


RE: How to root permissions effectively? (CI 3.11) - includebeer - 01-09-2021

I don’t see why all the controllers extends the level underneath them (admin -> mod -> user...). Why can’t they just extend your CommonController?

In an old CI3 project I made some time ago, my approach was a library to deal with the user’s authorization. The user’s info are in the session. The constructor in the common controller call a function from that lib to see if the user is logged in and has the right permission. If not it redirect to the login page or an error page.


RE: How to root permissions effectively? (CI 3.11) - hobbyci - 01-16-2021

Thanks for your answer.

I will manage like you´ve suggested. Via a library.


RE: How to root permissions effectively? (CI 3.11) - InsiteFX - 01-17-2021

Before you begin I suggest that you read this article first.

Implementing Secure User Authentication in PHP Applications with Long-Term Persistence (Login with "Remember Me" Cookies)


RE: How to root permissions effectively? (CI 3.11) - hobbyci - 01-18-2021

Thank you.