Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
ACL Implementation
  • I have got 2 user groups called admin,customer

    I have got 2 controllers called  Sales, Purchase and those have actions as below

    Sales
    -- sell
    -- approve

    Purchase
             -- buy

    Admin user group only can access the two actions sell and approve of the Sales controller
    Customer user group can access the buy action of the Purchase controller

    Can u give me some sample code to implement the access control list 
  • Assuming you use Auth, the code itself is pretty simple, if you want to go for access lists based on controller/actions:

    if ( ! \Auth::has_access('sales.sell'))
    {
        \\ handle your 403 error here, like display a message, redirect to a 403 action, throw an exception
    }

    How you define this permission and link them to groups depends on if you use Simpleauth or Ormauth.
  • I have plan to use the simple auth

    I am coming from the Zend Framework background and In Zend framework I define all access permission in one file and call them in bootstrap before the controller is called , and check the user has got permission to run it.

    I am looking for that kind of code sample. Please post if you have any sample code

    Thank you very much
  • Simpleauth uses a config file. Default config files are provided in the package.

    You need to copy the auth.php config file to app/config, and configure it for simpleauth. Then copy the simpleauth.php to app/config too. In there you'll find examples on how to define groups, roles and permissions.

    Once done, run the migrations to create the users table (make sure you configure your db first!):

    php oil r migrate --packages=auth

    You can check the docs for the methods available. There a controller example at http://docs.fuelphp.com/packages/auth/examples/auth.html. It's from a live app, so you can't copy and paste it, but it should give you enough pointers on how to make your own auth controller.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion