[eluser]dinhtrung[/eluser]
Hi Phil, I read your code, and found the Permission module very interesting. You store all the permission values in permission_rules table, then later get it to see if the admin can access to module and controller. Is there anyway to do some extra feature like below?
- In Admin Control Panel, when I add new permission, I can choose Module, but only "All Controllers" and "All methods". This page need some jQuery or Ajax script to populate the Controllers and Methods whenever user change Modules. Maybe, store controllers in a variable, store methods as array (controllers_method), then use jQuery to filter them out.
- Change the form into a table with all available modules and methods for easy select (like Drupal). Tick the checkbox with value="module_method_controllers", for example.
- Store all rules permission in the permission_roles.permissions field, with json_encode($_POST['permissions']) or implode(";", $this->input->post('permission')) and store all those permission data in session. I think this will save a table, and alot of code (to view navigation admin panel, to check for permission...)
- I really like the idea of using cache to store permission data (in your MX_Acl library) and DX_Auth regexp to check for permission (like /controllers/* can access all methods in controlles, and /controllers/add/ can only add... etc). Can we change pyroCMS to use the same?
Is there something I could help?
