PHP code to restrict member access by permissions - php

I am building a website in PHP & MySQL. It has frontend and backend capabilities. Only admin can enter the backend by means of username and password. Now if the admin wants to add other sub-admins to the website, he could do so. By this method, a sub-admin will be able to log in and perform all actions that the original admin is able to do.
WHAT I WANT TO DO:
I want to restrict the access of the sub-admins at my choice and assign them permissions so that they are able to access only certain portions of the admin panel.
EXAMPLE OF THE FEATURE THAT I AM TALKING ABOUT:
Consider that I have the following links accessible by original admin.
1. Add articles
2. Approve articles
3. Delete Articles
4. Add User
5. Edit user
6. Delete User
7. Change site settings
8. View Financial info
9. Mail center
If I do not set any permissions, then all sub-admins will be able to access all of above links. Say I create 2 sub-admins 'David' and 'Bob'.
Now I want David to access only the following desired sections of the backend:
1. Add articles, 4. Add User, 7. Change site settings
Now I want Bob to access only the following desired sections of the backend:
1. Add articles, 2. Approve articles, 3. Delete Articles, 4. Add User, 9. Mail center
I, being the original admin, should be able to access all sections, whereas David and Bob should be able to see & access only the links and pages (or functionality) that have been assigned to them. I don't have a clue as to how to do this. Also, for example, if I want to restrict a sub-admin to access only the 'Add articles' page, then I also want him to access the page that it posts to (considering that the input is on the Add articles page), the add_articles_next.php page. Also note that the 'add_articles_next.php' page does not appear anywhere in the list of links. It is merely a page that is posted to from the page to which the sub-admin has access.
I understand that there is no way for the system to know that unless I explicitly specify it, but yes, that's my question. How to do it? I am not an object-oriented person, so PHP code using functions will be great for me.
OTHER LIVE EXAMPLES OF THE FEATURE THAT I AM TALKING ABOUT:
I came across a feature while researching this topic. Click here to visit it. This looks like somewhat similar feature.
Thank you all in advance for any code that you can give me.

This has been asked a number of times before on SO. The keyword to search for is Access Control Lists (ACL). One of the most prominent PHP solutions for ACL is Zend_ACL. It's very generic and should enable you to customize it to your needs.
Edit regarding your comment about object oriented libraries:
Finding an ACL solution that is not object oriented is going to be very, very difficult as there are very few good ACLs for PHP on the market (Zend is about the only one I know, really) and most modern applications are taking a more or less object oriented approach. But don't worry, check out the tutorials. I think you will have no problem using Zend_Acl in a function oriented app. You will need to talk to the ACL via OOP, but that's easy. I don't think you'll have to change your app much. Give it a try, and on a general note, basic OOP isn't difficult to learn. Just give the "Classes and Objects" chapter in the PHP manual a good read.
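A function-only version of the permission scheme the question describes, as an added example that is not part of the original posts and does not use Zend_Acl. Each permission lists every script it covers, including the POST target add_articles_next.php, and anything unmapped is denied. The permission keys, the other file names, the `can_access`/`require_access` helpers and the in-array grants (standing in for a MySQL table, and covering only some of the nine sections) are assumptions.

```php
<?php
// Added example. Permission keys, most file names and the arrays below are
// hypothetical; in a real site the grants would be loaded from MySQL.

// Each permission covers every script it needs, including POST targets
// that never appear as a menu link (add_articles_next.php).
$PAGES = array(
    'add_articles'     => array('add_articles.php', 'add_articles_next.php'),
    'approve_articles' => array('approve_articles.php'),
    'delete_articles'  => array('delete_articles.php'),
    'add_user'         => array('add_user.php'),
    'site_settings'    => array('site_settings.php'),
    'mail_center'      => array('mail_center.php'),
);
// Constructed grants matching the David/Bob example in the question.
$GRANTS = array(
    'david' => array('add_articles', 'add_user', 'site_settings'),
    'bob'   => array('add_articles', 'approve_articles', 'delete_articles',
                     'add_user', 'mail_center'),
);

// Returns true only if $page is mapped to a permission granted to $admin.
function can_access($admin, $page, $pages, $grants, $is_super = false) {
    if ($is_super) {
        return true;                      // original admin: everything
    }
    $granted = isset($grants[$admin]) ? $grants[$admin] : array();
    foreach ($granted as $permission) {
        if (isset($pages[$permission]) && in_array($page, $pages[$permission], true)) {
            return true;
        }
    }
    return false;                         // unmapped or ungranted: deny
}

// Call at the top of every backend script, before any output.
function require_access($admin, $pages, $grants, $is_super = false) {
    $page = basename($_SERVER['SCRIPT_NAME']);
    if (!can_access($admin, $page, $pages, $grants, $is_super)) {
        http_response_code(403);
        exit('Forbidden');
    }
}

// Demo with the constructed data above.
var_dump(can_access('david', 'add_articles_next.php', $PAGES, $GRANTS));
var_dump(can_access('david', 'approve_articles.php', $PAGES, $GRANTS));
var_dump(can_access('bob', 'site_settings.php', $PAGES, $GRANTS));
var_dump(can_access('admin', 'unlisted.php', $PAGES, $GRANTS, true));
```

The same `can_access` call can decide which menu links to print, but hiding a link is not a control on its own: the check has to run on the server in every backend script, including the ones that are only ever posted to.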

Related

Joomla ACL and alternative page content

We have a site where we are intending to sell access to video tutorials. I have set up Joomla ACL to limit access to those pages only to those users who have been given the relevant access permissions, and access is being sold through a shopping cart called MijoShop.
This setup is working okay at the moment, but there is a bit of an issue with user experience. At the moment it seems I can only stop people from viewing a page, but I can't see an easy way to show them alternative content with Joomla ACL. Ideally, if a logged-in user does not have access to a certain video tutorial page, when they click on the link to the page they will instead see a page giving them an opportunity to buy access to the tutorial. This means that I need a method for showing different content on the same page depending on which Joomla user groups a user is assigned to. Is this possible with vanilla Joomla ACL, or am I going to have to find a content management extension that can add the ability to do this?
You should be able to do that with the vanilla ACL. IIRC you can set up various groups with access to different tutorials/pages/things - then you can make a member a part of multiple groups - thus giving them access to those things as needed.
If unable to do something like that - then I think George Wilson's comment would suffice for a while and you could implement some if/then/else type statements into the code of the article which would work.
Your best bet however is to try the ACL solution first and foremost as that allows you to keep things generally easier to manage from a backend perspective.

How do you delete a Mention Tag using the FB API?

FB, having updated their API to disallow generic shares (Oct 2012), now require us to utilise built-in actions. Moving on from there, we can use Mention Tagging (https://developers.facebook.com/docs/opengraph/mention_tagging/) to allow messages and mentions to be created - this is all fine.
However, on the same page above they say "You must also describe step-by-step how users can add/remove tags in your app." - but they neglect describing what call must be made to the API to do so.
Has anyone else done this successfully?
Say I have a user who's mentioned 5 people in an action post. Then say one of them would like to be untagged. I provide them a link to allow them to untag themselves, but what call should be made to the API?
Has anyone got any experience with this? All help appreciated.
Paul G
Say I have a user who's mentioned 5 people in an action post. Then say one of them would like to be untagged. I provide them a link to allow them to untag themselves
I don’t think you have to offer a link for tag removal to the other users that have been tagged by your user. Standard FB functionality through the facebook.com UI should enable them to do that already.
It does not make much sense to me to offer such links on your own to people that have been tagged by your app’s user, but might not even be using your app themselves. (To ensure that they are legitimately requesting to be un-tagged, you’d have to identify them first – by having them connect to your app. I don’t think that’s how Facebook want it to be.)
To me, the intention of the guidelines is more to ensure that you are building a clearly understandable UI for your app, for the process of the user entering his message. If they start to type #PaulG, and you want to “translate” that into a tag, f.e. by highlighting it in the text edit box like it happens on facebook.com, then it a) has to be absolutely clear to your user, that they are tagging someone this way, and b) you have to give your user a way of removing that tag right there and then (before posting his message), in case he does not want to tag a user, but just have the characters “#PaulG” stand for themselves in his message.

How to create restricted and non restricted area same time in Symfony2

What I have to build is a site that has some pages that are restricted and some that are not, on similar links. I'll try to explain it with an example:
Let's say that I have users in my system (based on FOSUserBundle), and each of them has their own account that contains a Blog and Gallery (different controllers). Some of the users want to give access to their Blog and Gallery only to a certain group of people (that are not stored in the system), so they generate a token (only one token, so whoever knows the token will be able to access the area) and send it to those people. What I don't want to do is to check it in each method of the controllers.
So let's say we have 2 users, steven and stan, and the first of them wants to make his blog and gallery free to see, but the second one wants them to be restricted based on a token.
Link would be like this:
/steven/blog
/steven/gallery
/stan/blog
/stan/gallery
Could anybody recommend some solution or any idea how I can try to build it in Symfony2?
Why don't you want to check it in the controllers? I don't see any other ways to do that, given that you want it to be dynamic and possibly changing.

Tokens/points-based access

I was considering using Drupal to solve this problem, but I'm not sure if it can be done with Drupal.
I'm trying to implement access to content through points.
If the user does not have sufficient points, they should not be able to access the content,
and as they access content, points get removed from their existing points.
Can this be done with Drupal?
This module is still in development, but it looks like the answer to your question: Userpoints Node Access. Maybe you can help the developer test and improve the module.
This sounds to me like simple access restriction that could be accomplished by using PHP/MySQL to store user information, authenticate users and restrict access to the content based on how many points/credits they have left.
Let the users log in, then when the user accesses the page, query their account to see if they have any points left; if so, then display the content and update their account to deduct points. One thing to think about with this though is some way to keep it from charging them multiple times for the same page. They might get mad if they do something like refresh the page a couple of times and get charged repeatedly :D
If on the other hand you also need a CMS to manage your content, it could get a little more difficult. I don't know of any that handle something like this. You might end up writing a plugin or modifying the code by hand.
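The check-then-deduct flow from the answer above, written so that a refresh or two simultaneous requests cannot charge twice or push the balance below zero. This is an added example, not code from the original posts. The table names and `access_content` are hypothetical, and in-memory SQLite stands in for MySQL so the script runs offline.

```php
<?php
// Added example: hypothetical schema; SQLite in memory stands in for MySQL.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, points INTEGER NOT NULL)');
// The primary key on (user_id, content_id) is what makes a charge happen once.
$db->exec('CREATE TABLE unlocked (user_id INTEGER, content_id INTEGER,
                                  PRIMARY KEY (user_id, content_id))');
$db->exec('INSERT INTO users VALUES (1, 5)'); // constructed user with 5 points

// Returns true if the user may view the content, charging at most once.
function access_content(PDO $db, $user_id, $content_id, $cost) {
    $db->beginTransaction();
    try {
        // Already paid for this page: a refresh costs nothing.
        $q = $db->prepare('SELECT 1 FROM unlocked WHERE user_id = ? AND content_id = ?');
        $q->execute(array($user_id, $content_id));
        if ($q->fetchColumn()) {
            $db->commit();
            return true;
        }
        // Check and deduct in one statement so the balance never goes negative.
        $u = $db->prepare('UPDATE users SET points = points - ? WHERE id = ? AND points >= ?');
        $u->execute(array($cost, $user_id, $cost));
        if ($u->rowCount() !== 1) {
            $db->rollBack();
            return false;                 // not enough points
        }
        // A concurrent duplicate fails here on the primary key, and the
        // rollback in the catch block undoes its deduction.
        $i = $db->prepare('INSERT INTO unlocked (user_id, content_id) VALUES (?, ?)');
        $i->execute(array($user_id, $content_id));
        $db->commit();
        return true;
    } catch (Exception $e) {
        $db->rollBack();
        throw $e;
    }
}

// Demo on the constructed user: first view, refresh, then a second page.
var_dump(access_content($db, 1, 42, 3));
var_dump(access_content($db, 1, 42, 3));
var_dump(access_content($db, 1, 43, 3));
echo $db->query('SELECT points FROM users WHERE id = 1')->fetchColumn(), "\n";
```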

Joomla unified logins for forum and a custom made php sub-site

I'm building a site with Joomla where a forum should exist amongst other things. But I also plan to develop custom-made functionality (diary-like) with PHP inserts (it really works, for example with jumi). The problem is that I suppose nobody will understand if the forum and this sub-site have separate logins. I'd use an existing forum authentication for my code also, but I don't like the idea that the login will look like a forum-only login. I see that bridges exist (like JFusion), but should I choose one particular forum extension if I plan to use a particular bridge extension? And are bridges easy to access with custom-made PHP code?
If this is for a Joomla 1.5 website, you will want to create a user plugin that will log the user into your custom site as they log into Joomla. Take a look at plugins/user/example.php for an example user plugin. The onLoginUser function will be called just after someone successfully logs into Joomla. At this point, you'll have all of their data in the $user array that's passed into the function. You should be able to use this information to create a bridge into your external PHP application.
