My "official" ACL plugin for CI - Now with [some] documentation |
[eluser]bkirkman[/eluser]
I've been familiarizing myself with the plug-in as I incorporate it into a project. Would it be possible/beneficial to pass an array of role_ids to user_has_role() and group_has_role() instead of just a single role_id? I'm guessing many times in a project, access would be given based on a handful of roles. (Of course we could just use OR statements.) I'm also guessing a hierarchy or ranking of roles is often used for ACLs. There also might be other class methods where passing an array to it might be beneficial. Just a couple of thoughts.
[eluser]Dean Rantala[/eluser]
[quote author="bkirkman" date="1267249266"]I've been familiarizing myself with the plug-in as I incorporate it into a project. Would it be possible/beneficial to pass an array of role_ids to user_has_role() and group_has_role() instead of just a single role_id? I'm guessing many times in a project, access would be given based on a handful of roles. (Of course we could just use OR statements.) I'm also guessing a hierarchy or ranking of roles is often used for ACLs. There also might be other class methods where passing an array to it might be beneficial. Just a couple of thoughts.[/quote] That sounds like a great idea, however. The thinking was database optimization. I could implement this, but I would not recommend it unless using it on an ACL user/group/role objects: i.e.: Code: $user = $acl->get_user('10',TRUE); The reason is: when you return a user object one of the options is to auto hydrate (or not). The default [when returning ACL users, groups, and roles] is NOT to hydrate. When you auto hydrate, the ACL user/group/role objects pre-polulate [load] all the relating info into variables. This way, multiple tests are only comparing variables rather than making repetitive database calls. Ideally, when a user is logged in, you would instantly create a ACL user object that represents that user. In the case of the ACL class, you would not (even from a logical programmatic standpoint) have auto hydration going on in the parent ACL object level. So bottom line is: passing arrays for checking can be implemented at both the core ACL level AND ACL user/group/role levels - but only advisable to use this feature at the user/group/role levels. This way, auto hydration makes it easy and much more practical from a performance standpoint. I will work on integrating this into the classes sometime this next couple weeks unless someone wants to pitch in ;-)
[eluser]bkirkman[/eluser]
Aha, thanks. That makes sense. Have you been successful at storing the user object as a session object? I haven't tried yet. There seems to be quite the shake-up regarding session objects here. http://ellislab.com/forums/viewthread/95690/
[eluser]masrodjie[/eluser]
Thanks for your plugin. I has been tried and it's look good. But it have small bug. When you try : Code: $this->acl->add_role_to_user(2, 1); it generate error. In acl.php line 654: Code: $this->db->insert($this->db_table['user_roles'],$data); it should be: Code: $this->db->insert($this->_table['user_roles'],$data);
[eluser]North2Alaska[/eluser]
Is this plug-in still being developed/supported? I find it interesting and would like to work at converting it to CI 2.x and PHP 5.3.x.
[eluser]Kevin Phillips[/eluser]
I've created a simple Role Base ACL and User Login system that does not require a database setup. You can download it from my personal blog http://www.kevinphillips.co.nz or from github https://github.com/dollardad/CI-ACL I look forward to your feed back
[eluser]Unknown[/eluser]
sorry guys, i can't to download the file. Pls advise give me how to?
[eluser]Unknown[/eluser]
Helo... I'm very interested with this ACL, unfortunately. The link is dead. Can you have some new link? Many thanks... |
Welcome Guest, Not a member yet? Register Sign In |