[nycphp-talk] What UserLogin/Auth mechanism do you use ?
Mark Armendariz
nyphp at enobrev.com
Fri Dec 12 16:31:32 EST 2003
So here's my thoughts for a permissions system. Don't read below this if
you're uninterested, but if you do, let me know if I'm on a good track or if
I'm just plain nuts.
Tables:
users
-----
user_id
group_id // for a userS to group (either or, see below)
Username, etc...
groups
------
group_id
parent_id
group_title
x_users_groups // for userS to groupS (either or, see above)
--------------
user_id
group_id
sections
--------
section_id
section_title
permissions
-----------
permission_id
permission_title [read, write, view, update, delete, etc]
x_group_permissions
-------------------
section_id
group_id
permission_id
precedence
user_perms
----------
section_id
user_id
perm_id
Ex. Can_do('news', 'view', $login->get_user_id());
Function Can_do($section, $perm, $user_id) {
// Check user perms if allowed (user perms get top priority) - if
yes, return true
...
// Check user group perms if allowed (precedence field sets priority
in case of multiple groups) - if yes return true
...
// Loop through groups and check parent(s), if yes, return true
...
return false
}
That's the very basics I've got in ink.
Mark
More information about the talk
mailing list