I have built an app using codeigniter which has 3 different member groups
Admininstrators - Who login to a dashboard and have CRUD facilities to Add/Edit/Delete Events, shows and artists
Clients - Who Login from the front end and see all the items that the admin have added via the back end.
Media Partners - Who Login from the front-end and see certain parts of what the client can see but not all things.
I have integrated the Tank_Auth Library for the Clients section which all works fine. What I would like to achieve though is for the administrator to be able to login to a seperate admin area and the media partners to be able to login to a seperate area too.
What is the best way to approach this?
Do I need to create sepearate dashboard controllers for each userbase and duplicate the Tank_Auth controller 3 times and tweak this?
Ideally The Admin users also need to be able to add news users and login to all 3 seperate areas?
Has anybody achieved such a solution before, If so how did you go about it? perhaps tank auth isn't the correct approach?
Any input would be appreciated.
Thanks Dan
I am using CI, but haven't used Tank_Auth, I have my auth class and in every function I have the following method called: $this->auth->accessMap(get_class($this),__FUNCTION__);
In auth class:
public function accessMap($controller_name,$function_name)
{
if ($this->perms_array[$controller_name][$function_name])
return true;
else $this->redir();
}
I have permissions array in config:
$config['user_perms']['className']['method1'] = array($config['user_types']['admin']);
$config['user_perms']['className']['method2'] = array($config['user_types']['admin'],$config['user_types']['user']);
Like this you can specify for each method which user has permission to use it.
I hope this will help.
I can't find the thread on the CI forums because I can't seem to login to their website right now, however do a search for 'zend_acl in codeigniter'. Alternatively there is this blog post about how to implement it, but it is slightly dated.
ACL stands for Access Control List, it will allow you to setup various permissions for different types of users. Zend has one of the best implementations of ACL in my opinion.
More information about ACL's can be found on zend's website.
Absence of user group is a pain when using tank_auth if we have multiple user groups. I ran into this issue recently. Here is the solution posted in CI forms.
Using tank_auth for both front end user registration and login and back end admin login
Related
I am building a eCommerce platform. Where I have to make several user roles and specific permission for them. I have successfully created admin and default user roles and permission.
But I am getting so much trouble to show the views and menu items based on other user roles like Editor/Manager/CS Team.
I tried to do using different middleware for every one of them. But It's not working efficiently and even at all.
For the Admin role, I created a Admin Middleware where I am checking user role type and giving access. I defined the admin middleware on Route gruop.
Can you suggest me? - how to setup permission/views/menu items efficiently for different user roles?
Thanks in Advance.
Note: I am trying to do it without any package.
Yes you can make your own custom build library by setting roles,permission table in database and as soon as the user log's in you put all that information in session or cache. But doing so might get you in trouble in future coz lack of testing it's all feature, You have to be sure what exactly you are doing to manage it by yourself or else you can use already tested many time library like
laravel-permission
Using a well known and trusted library ensures that it will solve your problem, but take your time to read it's documentation and analyse if it contains all features that you want in your application.
You need to define policy.
Policies are a great way to protect actions on your Eloquent Model. Laravel Policies are the part of Laravel Authorization that helps you to protect resources from unauthorized access.
Please refer this documentation to how to register policy and how it works in views file:
https://www.larashout.com/laravel-policies-controlling-authorization-in-laravel
I'm building a site that has two areas: the main site, and an admin area.
The main site has to have Facebook login functionality (I'm looking at using Sammy K's Laravel Facebook SDK) and the admin area is just going to have a database-based login; basically the Laravel login system.
I'm wondering how to approach this, and whether anyone's done this before. Some design considerations:
Should I have two separate user tables?
Should I use two route filters, one for each auth type?
If I only have one user table, should I use different groups (somehow - I'm not sure they'll built in?) or some indicator to let the system know whether it's a database-based, user/password login, or just a Facebook login?
since you are using facebook SDK,
you don't need a user table to begin with in most cases/projects.
if you indeed want to use two different authentication, then yes, use one for each auth type.
assign different routes for each of the case. don't need to bring all those different entities together and make a sandwich.
hi I am developing custom component in joomla 1.7 I want to restrict user task based on user groups. I have created table and saved all the controller names and tasks and saved the permissions for the previous tasks with user group id. In central com_component.php file I check the user permissions and authorized the taks with controller. This is working really well. What I want to know is can I use addACL() or authorized() functions to do this which is I really don't understand correctly. Bcoz Here I want use both controller and task together.
Developing a component with the Access Control List is described on Joomla! documentations in detail (link). I think the first thing to do is follow the instructions described there. There is even sample code that you can download and use.
The plugin 'GroupJive' for the Community Builder component has ways to do what you are looking for. I would look to that project at least for a guideline. I will be digging into a similar challenge this weekend and if I find code without the need for the component I will let you know.
I've been using CakePHP for some time now. But I still fail to solve some issues on my own.
Its been difficult to understand how Cake Auth works but in these past few weeks I've managed to work with it.
Now to my issue:
I have 2 separate tables(Say for Admin Users and Normal Users). Both have different Controllers (Lets say they are AdminsController and UsersController).
Now I have completed Users module without any trouble. Users login and Admin Login are different views. As I dont want any normal User to be able to get their hands on Admin login page I've kept it separate from normal user login.
Users login works fine with Auth. But now I want to use another Auth for AdminController for some reason I am unable to make use the second Auth from AdminController and control automatically transfers to the Users Login
It would be great if someone could point in the correct direction. Please!
Thank You. In advance!!
P.S : I've also tried using Auth->userModel
Sorry everyone I was using Auth->userModel slightly wrong way.
I was adding it to my Admin Controller but not in User Controller so if you came here looking for an answer please use
$this->Auth->userModel="User";
in every controller in beforeFilter()
enjoy.......
I'm having a hard time understanding how the CakePHP admin system works.
Should all controllers who has an action which requires login include AuthComponent or just the one who handles the login/logout?
Let's say I want to protect the add action of a controller. First I create admin_add() in the controller and then in the beforeFilter() method I check if $this->Session->check('Auth.User') is set a redirect based on this? Turns out it was better to just controll this with $this->Auth->allow()
What is the easiest way to return to the URL the user was trying to access? Is there a better way than setting a session variable? Turns out it does this automagically :)
If someone has a good tutorial for this I would happily read it :)
I've already read this tutorial but I found it to be a little to basic and the CakePHP-docs are not that great on this topic either.
There is no Cake admin system as such. There is Authentication component and there is Access Control List component. You can use only Authentication component if you wish or you can use both of them. If you want to create your admin system from scratch follow this tutorial. Or you can try already created admin panel - PoundCake Control Panel.
we have created an admin system for cakePHP, works similar to the scaffolding but it's configurable and ready to deploy, check it at http://browniephp.org
You can learn a lot from others codes, specially something like CakePHP Admin plugin at: https://github.com/Maldicore/Admin