Codeigniter Simple ACL

A simple Role Based Access Control List that doesn’t require a database.

Users can have multiple roles, and roles have access permissions.

I’ve based this on the Drupal ACL which I very much like.

A configuration file called acl.php, which needs to be stored in the applications/config folder.

A library file called acl.php, which needs to be stored in the applications/libraries folder.

Inside the config file is the config array, which holds two arrays:

$config[ 'permission' ] = array();

and

$config[ 'roles' ] = array();

 

To set up roles, simply add role names. Use any names you like, but you must have ‘admin’ as your main website owner/administrator.

For example:

$config[ 'roles' ] = array( 'user', 'blogger', 'editor', 'umpire', 'admin' );

Now set up the permissions (which I tend to do on a controller basis):

$config[ 'permission' ] = array(
    'users' => array(
        'add' => array( 'admin' ),
        'edit own' => array( 'blogger', 'editor', 'admin' ),
        'edit all' => array( 'editor', 'admin' ),
        'delete own' => array( 'blogger', 'editor', 'admin' ),
        'delete all' => array( 'editor', 'admin' ),
    ),
    'umpires' => array(
        'add' => array( 'admin' ),
        'edit own' => array( 'umpire', 'admin' ),
        'edit all' => array( 'admin' ),
        'delete own' => array( 'umpire', 'admin' ),
        'delete all' => array( 'admin' ),
    ),
    'cricket' => array(
        'add' => array( 'umpire', 'admin' ),
        'edit own' => array(), // not applicable
        'edit all' => array( 'umpire', 'admin' ),
        'delete own' => array( ), // not applicable
        'delete all' => array( 'umpire', 'admin' ),
    ),
);

 

Now your login process needs to add:

$this->session->set_userdata('uid', $uid);  // !important that you use uid for the session name
$roles = array('user', 'blogger');
// If you are using a database to store users I would create a field called roles and save roles as either json or serialize,
// then: $roles = unserialize($user->roles);
$this->session->set_userdata('role', $roles);  // !important that you use role for the session name

To set permissions on controllers or functions:

$this->load->library('acl');
// has_permission( The Controller, The min permission )
has_permission( 'cricket', 'add' );

Or, for editing own post:

// has_permission( The Controller, The permission, The post ID );
has_permission( 'posts', 'edit own', 234 );
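
How a lookup against a config of this shape can be evaluated, as an added example that is not taken from the CI-ACL library. The function name acl_check, its owner-uid parameter and the sample uids are assumptions; the config is a constructed sample in the same shape as above.

```php
<?php
// Added illustration: acl_check() is a hypothetical helper, not CI-ACL code.
// Constructed sample config in the same shape as acl.php.
$config['roles'] = array('user', 'blogger', 'editor', 'umpire', 'admin');
$config['permission'] = array(
    'umpires' => array(
        'edit own' => array('umpire', 'admin'),
        'edit all' => array('admin'),
    ),
    'cricket' => array(
        'add'      => array('umpire', 'admin'),
        'edit own' => array(), // not applicable
    ),
);

// Returns true only when one of the user's declared roles is listed for the
// permission. "... own" permissions also require the user to own the record.
// Assumption: the caller passes the record owner's uid as $ownerUid.
function acl_check(array $config, array $userRoles, $controller, $permission,
                   $uid = null, $ownerUid = null)
{
    // Deny by default: an unknown controller or permission grants nothing.
    if (!isset($config['permission'][$controller][$permission])) {
        return false;
    }
    // Drop session roles that are not declared in $config['roles'].
    $known   = array_intersect($userRoles, $config['roles']);
    $allowed = $config['permission'][$controller][$permission];
    if (count(array_intersect($known, $allowed)) === 0) {
        return false;
    }
    // Ownership test for "edit own" / "delete own".
    if (substr($permission, -4) === ' own') {
        return $uid !== null && $ownerUid !== null
            && (string) $uid === (string) $ownerUid;
    }
    return true;
}

// Constructed cases: role match, empty role list, ownership, unknown name.
$umpire = array('user', 'umpire');
var_dump(acl_check($config, $umpire, 'cricket', 'add'));
var_dump(acl_check($config, $umpire, 'cricket', 'edit own', 7, 7));
var_dump(acl_check($config, $umpire, 'umpires', 'edit own', 7, 7));
var_dump(acl_check($config, $umpire, 'umpires', 'edit own', 7, 9));
var_dump(acl_check($config, $umpire, 'umpires', 'edit all'));
var_dump(acl_check($config, array('superuser'), 'cricket', 'add'));
var_dump(acl_check($config, $umpire, 'posts', 'edit own', 7, 7));
```

A misspelled controller or permission name falls through to the deny branch, so a typo in the config or at the call site locks users out rather than letting them in.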

 

You can download from here – the files are well documented (Remove the comments when you are ready to go live)

https://github.com/dollardad/CI-ACL.git

 
