A simple Role Based Access Control List that doesn’t require a database.
Users can have multiple roles, and roles have access permissions.
I’ve based this on the Drupal ACL which I very much like.
A configuration file called acl.php, which needs to be stored in the applications/config folder
A library file called acl.php, which needs to be stored in the applications/libraries folder
Inside the config file is the $config array, which holds two arrays:
$config[ 'permission' ] = array();
and
$config[ 'roles' ] = array();
To set up roles, simply add role names. Use any names you like, but you must have 'admin' as your main website owner/administrator,
e.g.
$config[ 'roles' ] = array( 'user', 'blogger', 'editor', 'umpire', 'admin' );
Now set up the permissions (which I tend to do on a controller basis):
$config[ 'permission' ] = array(
    'users' => array(
        'add'        => array( 'admin' ),
        'edit own'   => array( 'blogger', 'editor', 'admin' ),
        'edit all'   => array( 'editor', 'admin' ),
        'delete own' => array( 'blogger', 'editor', 'admin' ),
        'delete all' => array( 'editor', 'admin' ),
    ),
    'umpires' => array(
        'add'        => array( 'admin' ),
        'edit own'   => array( 'umpire', 'admin' ),
        'edit all'   => array( 'admin' ),
        'delete own' => array( 'umpire', 'admin' ),
        'delete all' => array( 'admin' ),
    ),
    'cricket' => array(
        'add'        => array( 'umpire', 'admin' ),
        'edit own'   => array(), // not applicable
        'edit all'   => array( 'umpire', 'admin' ),
        'delete own' => array( ), // not applicable
        'delete all' => array( 'umpire', 'admin' ),
    ),
);
Now your login process needs to add:
$this->session->set_userdata('uid', $uid); // !important that you use uid for session name
$roles = array('user', 'blogger');
// If you are using a database to store users, I would create a field called roles and save the roles as either JSON or serialized.
// JSON is the safer of the two: unserialize() must never be given data a user could have altered.
// Then:
$roles = unserialize($user->roles);
$this->session->set_userdata('role', $roles); // !important that you use role for session name
To set permissions on controllers or functions:
$this->load->library('acl');
//has_permission( The Controller, The min permission)
has_permission('cricket','add');
or for editing own post
//has_permission( The Controller, The permission, The post ID );
has_permission( 'posts', 'edit own', 234 );
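How a lookup against the permission array above can resolve, as an added sketch that is not the CI-ACL library's own code: the function name acl_allows(), its parameters and the ownership comparison are assumptions, and it does not special-case 'admin' (a role gets only what the config lists).

```php
<?php
// Added illustration, not CI-ACL's own code; acl_allows() and its parameters are hypothetical.
// Constructed sample: a trimmed copy of the 'umpires' and 'cricket' entries above.
$permission = array(
    'umpires' => array(
        'edit own' => array('umpire', 'admin'),
        'edit all' => array('admin'),
    ),
    'cricket' => array(
        'add'      => array('umpire', 'admin'),
        'edit own' => array(), // not applicable: no role is granted this
    ),
);

// True only if one of $userRoles is listed for $controller/$perm. For "... own"
// permissions, $ownerUid (assumed to be read by the caller from the record
// being changed) must also equal the session uid.
function acl_allows(array $permission, array $userRoles, $uid, $controller, $perm, $ownerUid = null)
{
    // Deny by default: an unknown controller or permission name grants nothing.
    if (!isset($permission[$controller][$perm]) || !is_array($permission[$controller][$perm])) {
        return false;
    }
    $matched = false;
    foreach ($userRoles as $role) {
        // Strict match on strings only, so a stored 0 or true cannot equal a role name.
        if (is_string($role) && in_array($role, $permission[$controller][$perm], true)) {
            $matched = true;
            break;
        }
    }
    if (!$matched) {
        return false;
    }
    // "own" permissions additionally require that the user owns the record.
    if (substr($perm, -4) === ' own') {
        return $ownerUid !== null && (string) $ownerUid === (string) $uid;
    }
    return true;
}

// Role match on a plain permission.
var_dump(acl_allows($permission, array('user', 'umpire'), 7, 'cricket', 'add'));
// Same role and permission, on a record owned by uid 9 and then by uid 7.
var_dump(acl_allows($permission, array('umpire'), 7, 'umpires', 'edit own', 9));
var_dump(acl_allows($permission, array('umpire'), 7, 'umpires', 'edit own', 7));
// Empty role list, and a controller missing from the config ('posts').
var_dump(acl_allows($permission, array('admin'), 1, 'cricket', 'edit own', 1));
var_dump(acl_allows($permission, array('admin'), 1, 'posts', 'edit own', 1));
```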
You can download it from here – the files are well documented (remove the comments when you are ready to go live):
https://github.com/dollardad/CI-ACL.git