[eluser]Majd Taby[/eluser]
[quote author="Neophyte" date="1201646984"]
Code:
/*
* KhACL
* bool allow ( string $aro, string $aco [, string $axo ] )
* bool deny ( string $aro, string $aco [, string $axo ] )
* bool check ( string $aro, string $aco [, string $axo ] )
*
* KhACL->ARO
* bool create ( string $aro [, string $aro_parent [, int $link ]] )
* bool delete ( string $aro )
*
* KhACL->ACO
* bool create ( string $aco [, string $aco_parent [, int $link ]] )
* bool delete ( string $aco )
*
* KhACL->AXO
* bool create ( string $axo )
* bool delete ( string $axo )
*/
// Examples - KhACL
$this->khacl->allow('editors', 'news', 'publish');
$this->khacl->deny('anonymous', 'news', 'comment');
$allowed = $this->khacl->check('neophyte', 'news', 'comment');
// Examples - KhACL->ARO
$this->khacl->aro->create('neophyte', 'editors');
$this->khacl->aro->delete('neophyte');
// Examples - KhACL->ACO
$this->khacl->aco->create('news', 'modules');
$this->khacl->aco->delete('news');
// Examples - KhACL->AXO
$this->khacl->axo->create('publish');
$this->khacl->axo->delete('publish');
[/quote]
This would be perfect for the new release of CodeExtinguisher. However, i'm not very familiar with the ACL pattern. Here's what I picked up from your post:
1) You use KhACL->allow and deny to specify the rules. In you're example, you're saying: I want to allow editors to publish news, and i want to deny anonymous to comment on news. then you check if neophyte can comment on news, right?
2) You define an aro->create('neophyte','editors') which means neophyte is an editor
3) you defined news to be a module
4) finally, you defined the publish action.
Correct?
does KhACL use a db to keep track of this?