Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums External Resources Addins Community Auth - User Levels
Community Auth - User Levels
  • Offline easymusic
    Newbie
  • *
  • Posts: 7
    Threads: 1
    Joined: Jun 2016
    Reputation: 0
#1
08-24-2016, 02:05 AM

I have a pressing issue in which I have solved apart of it. 
My aim is to use Community Auth to verify and authenticate all my users based on specific roles, So far I have been able to implement a form in which users can register correctly, where an auth_level is assigned to them based on their selection of a rank name (administrator, supervisor, manager etc).
My problem is this: I have a section in which an administrator can create a rank, but when the rank is created the auth_level is 0, now that is not so much a problem as it can be made auto-incremental or a text input can allow them to define the auth level associated with the new rank. (any better suggestions on this part will be really appreciated)

The main problem is, once that rank has been created and assigned to a user who then logs in, this error comes up:

PHP Code:
A PHP Error was encountered SeverityNotice MessageUndefined offset
<- the number corresponds to the value of the auth_level of the rank. 
That is if it has not been configured here
PHP Code:
$config['levels_and_roles'


Is there a way to link my form with the config level part of the authentication? 
Any help will be appreciated.
Reply
  • Offline skunkbad
    Senior Citizen
  • *****
  • Posts: 1,300
    Threads: 63
    Joined: Oct 2014
    Reputation: 86
#2
08-24-2016, 06:18 PM

What I usually do is have a form dropdown that allows the creator to select the created user's role, and then in the form validation confirm that the posted level is allowed for the logged in user. So for instance, if your admin is level 99 and the creator is some other role, like level 40 (supervisor), you don't want a level 40 user to alter the form and create a level 99 user.

So there is no short answer here, and that's part of the reason why Community Auth only comes with very basic examples. You just need to hammer out your own solution.
Expert Website Development - Temecula, CA
Community Auth For CodeIgniter 3
Reply
  • Offline easymusic
    Newbie
  • *
  • Posts: 7
    Threads: 1
    Joined: Jun 2016
    Reputation: 0
#3
08-31-2016, 03:36 AM

Thanks for the swift reply, but I have two more question.
I call require_min_level (x) to force authentication, but can I use require_min_role (x)? or can it not be done?
Also using verify_min_level, why is it that I get a blank page if I do not have that specific level, is there a way to put a message that you simply do not have access to this page?
Reply
  • Offline skunkbad
    Senior Citizen
  • *****
  • Posts: 1,300
    Threads: 63
    Joined: Oct 2014
    Reputation: 86
#4
08-31-2016, 06:53 AM

(08-31-2016, 03:36 AM)easymusic Wrote: Thanks for the swift reply, but I have two more question.
I call require_min_level (x) to force authentication, but can I use require_min_role (x)? or can it not be done?
Also using verify_min_level, why is it that I get a blank page if I do not have that specific level, is there a way to put a message that you simply do not have access to this page?

You just use the two methods differently.

Let's say you want to allow any user from level 284 to 10000000 to have access, then:

PHP Code:
if( $this->require_min_level(284) ){
  // levels 284 to 10000000 have access ....


But, if you want to instead grant access to the two roles foo and bar:

PHP Code:
if( $this->require_role('foo,bar') ){
  // Only roles foo and bar have access ....


There is no method "require_min_role".

Finally, if you want to allow any user that is logged in to have access, try either:

PHP Code:
if( $this->require_min_level(0) ) {}

// OR

if( $this->require_min_level(1) ) {} 
Expert Website Development - Temecula, CA
Community Auth For CodeIgniter 3
Reply
  • Offline easymusic
    Newbie
  • *
  • Posts: 7
    Threads: 1
    Joined: Jun 2016
    Reputation: 0
#5
08-31-2016, 09:53 AM
(This post was last modified: 08-31-2016, 09:54 AM by easymusic.)

I thought as much, I thought perhaps a method such as require_min_role would allow access to anyone with that level and above.

I understand how to use the require_min_level as it redirects back to the home method if you do not have access, my issue is with verify_min_level, if the verification fails, (user level not high enough), I just get a blank white page! Is there provision to show an error message instead?
If not can I do it by editing the authentication method itself so I don't have to add it to every single controller.
Reply
  • Offline skunkbad
    Senior Citizen
  • *****
  • Posts: 1,300
    Threads: 63
    Joined: Oct 2014
    Reputation: 86
#6
08-31-2016, 12:53 PM

Well yes, when you use a verify method, you must provide an alternative. I often do this with AJAX calls, because you don't want to redirect to login for an ajax call. Instead, it ends up being something like this:


PHP Code:
if( $this->verify_role('admin') )
{
  // Do admin stuff
}

// No admin logged in
else
{
  // echo json_encode(['status' => 'no_auth']);

Expert Website Development - Temecula, CA
Community Auth For CodeIgniter 3
Reply




Theme © iAndrew 2016 - Forum software by © MyBB