Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
Permissions overriding
  • Hi,
    I'm currently using the Auth package in one of my projects. I have several permissions assigned to different groups. However now I'd like to specify som of the permissions to one user.
    What is the final array of permissions if group (in table users_group_permissions) has permissions [1,2,3,4], but user (in table users_user_permissions) has only [5]?
  • HarroHarro
    Accepted Answer
    Permissions are cumulated, so in this case the user has permissions [1,2,3,4] because of group membership, and [5] because of direct assignment, so the effective permissions for this user are [1,2,3,4,5].

    If you don't want that, you need to specifically revoke rights, which you can only do through roles.

    But I would suggest to revise your permission system. If a user is a member of a group but is not allowed to have the permissions assigned to that group, there's something wrong in your permission system.

    Ideally you should use groups only for what they are meant: to group together users that are otherwise unrelated, like "Members" or "Employees", and use roles to assign permissions. A user needs permissions to do something, and that something is a role this user performs. Like "Moderator", "Project Manager" or "Paymaster".

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion