Welcome Guest, Not a member yet? Register   Sign In
How to implement Access Control List?
#1

Hi!
I have a client model, a specialist model and a wholesaler model. I need to setup CRUD actions but need to ensure that only clients assigned to a specific specialist are visible on that specialist's login list. How do I implement role based authorization such as this using CI?
Reply
#2

(This post was last modified: 08-03-2015, 11:01 PM by msteudel.)

If a client can only belong to one specialist, then you'll want to add a specialist_id to the clients table.

If a client can belong to multiple specialists, then you'll want a mapping table:

clients_specialists
client_id | specialist_id

Then on your CRUD pages before you let them edit anything, you can check your tables to make sure that the client actually belongs to the specialist.



PHP Code:
if( $this->specialist_model->has_client$client_id ) {
    // show form
}
else {
  // show error

Reply




Theme © iAndrew 2016 - Forum software by © MyBB