1. In the DB, what's the utility of the field "actions" in the tables "users_permissions" ? We have "actions" in other tables like "users_user_permissions", "users_role_permissions", etc..
2. What means "area" in permissions ? It's can be for example "frontend", "backend" ?
Because i wan't to create system permission with controller and action. I would see somethings like this :
In Simpleauth, you only have two levels of permissions, so you can check for "blog.read" or "comments.[read,write]".
Ormauth adds an extra level to that, while maintaining compatibility with Simpleauth.
In our applications, "area" is the name of the module, permission is the function to perform (could be one-to-one with a controller, but not always so), and within that you can define actions to add more granularity to the permission. So we have checks like "admin.users[list,add,modify,delete]" for someone that needs to maintain the users of the application.
There is no set rule on how you should use it, if you want another system, go ahead. You're completely free to what you put in the area and permission columns.
When calling has_access() you can either check on "area.permission", "area.permission.action" or "area.permission.[action,action,action]".
Donate
