Files, permissions and authentication oh my!

[eluser]Steve [at] Gleam.[/eluser]
I am currently making a file management application for a college consortium. All consortium member groups wish to upload files and share them between different consortium member groups.

When adding a file the user needs to be able to choose who has access to the file, I'm thinking of using checkboxes to select the different groups/users (only a few) the file would be assigned to. All groups can access the same pages, it is just the files access permissions that need to be set on the fly.

So far I have all of the upload stuff done, however being new to CI I'm wondering if it is best to roll my own auth system? Or maybe there is something close out there to what I need.

This is what I am thinking for the db tables:

Code:

// Roles
id
name

Code:

// Permissions
id
file_id
user_id
role_id

Code:

// Users
id
# ... bla, bla

Code:

// Files
id
# ... bla, bla

Using the above I should be able to: a) Check if the group has access to a file being requested b) Check if the user has access

Is this the right way to do things, or am I completely off track?

Any help, suggestion would be greatly appreciated.

Cheers,
Steve

[eluser]adamp1[/eluser]
I would just use one of the premade auth libraries. FreakAuth, Erkana Auth, pc_auth. They should all do what you want.

Other than setting up apache access rights this seems to be the most flexible.

[eluser]Steve [at] Gleam.[/eluser]
Thanks for your response.

It made me think more about using a 3rd party solution for authentication and this seems to be along the right lines as an add-on for ErkanaAuth, also ErkanaAuth seems very light weight and a good base.

http://ellislab.com/forums/viewthread/63423/P10/#317491