Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Implementing MM_USERGROUP in codeIgniter
Implementing MM_USERGROUP in codeIgniter
  • El Forum
    Guest
  •  
#1
02-10-2011, 03:03 AM

[eluser]afro[/eluser]
am implementing a eleave system, i would like to group the admin users into four groups. The first will be the system administrator, the second will be the administration whose job is to approve the applied leaves, the third group will be the help desk who will also be approving the leaves the last group will be the ceo at the top.

So the question is that how to i implement MM_USERGROUP with CodeIgniter in such a situation.

Thanks in advance.
  • El Forum
    Guest
  •  
#2
02-10-2011, 03:53 AM

[eluser]osci[/eluser]
I'm currently working on something like this in my auth system.
I haven't decided thought which roadmap i should select.
I'll explain them both.

Roadmap 1
Tables
user (id, username, psswd)
roles (id, descr)
user_roles (user_id, role_id)

This way you can assign to a user as many roles as you want and whenever you need you'll check if the user has the desired role.

Roadmap 2
Tables
user (id, username, psswd, role_id)
roles (id, descr, strength)
Let me give an example for this.
role sysadmin strength 100
role admin strength 90
role publisher strength 70
role uploader strength 50
role editor strength 50
role member strength 10

let's say you have a function you want available to publisher. the publisher's strength is checked and if the user's strength is >= the publisher's strength the user is allowed. this is more like a hierarchical auth system.

I started writing my auth using the first roadmap as I can explicity check if a user is in the allowed array of users ie user_role_is('admin', 'helpdesk'). I like this roadmap more but I don't know if there are any drawbacks yet.
  • El Forum
    Guest
  •  
#3
02-10-2011, 04:03 AM

[eluser]afro[/eluser]
thanks OSCI,


I was think of the following roadmap but got stuck,



$accessLevels = array("1","2","3","4");
$validLevel = $_SESSION['MM_UserGroup'];


if(array_search($validLevel, $accessLevels)>-1)
{

$this->load->view('systemadmin');
}
if(array_search($validLevel, $accessLevels)>-2))
{

$this->load->view('administration');

}
if(array_search($validLevel, $accessLevels)>-3))
{

$this->load->view('helpdesk');

}
if(array_search($validLevel, $accessLevels)>-4))
{

$this->load->view('ceo');

}


as u can see each user group is assign access level through that digit, can someone guide me from this point.
  • El Forum
    Guest
  •  
#4
02-10-2011, 04:39 AM

[eluser]osci[/eluser]
array("1","2","3","4") creates keys as of 0,1,2,3 respectively.
if something is not found in array_search it returns false otherwise it returns that key.
I don't understand why the minus is used in the comparisons.
based on your code and taking into consideration the false occasion

Code:
$accessLevels = array("1","2","3","4");
$validLevel = $_SESSION['MM_UserGroup'];

$search_result = array_search($validLevel, $accessLevels);

if ($search_result === FALSE)
{
   // code for access denied  
} else {
   if ($search_result < 1)
   {
      $this->load->view('systemadmin');
   }
   if ($search_result < 2)
   {
      $this->load->view('administration');
   }
   if ($search_result < 3)
   {
      $this->load->view('helpdesk');
   }
   if ($search_result < 4)
   {
      $this->load->view('ceo');
   }
}

The way your code is structured if you are a sysadmin you see all views.
Should sysadmin see all views or only his?
  • El Forum
    Guest
  •  
#5
02-10-2011, 05:19 AM

[eluser]afro[/eluser]
the systemadmin should be able to view the whole system, has no restrictions.




Theme © iAndrew 2016 - Forum software by © MyBB