
Hello everybody, I need help with CodeIgniter roles or permissions. I have one user role (the admin):

Table users in the database:

id   int(11)    
email    varchar(100)   
password varchar(128)       
name     varchar(100)

In my admin panel I have (page.php controller) = page management, page order; (agent.php controller) = add, edit, delete...; (gyms) = add, edit, delete...; (article.php controller).

And I have 21 sections; for each section I have more than one treatment. What I want is to assign to each section an admin that can edit and view only his section, so I will have 21 section_admins and one (or more) global_admin that can manage everything.

I added another field in the users table named type (varchar(50)); it will have two values, section_admin or global_admin. I searched but found no tutorial that shows me how to do that.

I don't know how to integrate role management into my system. Can someone help me?

The controller: user.php

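    class User extends Admin_Controller
    {
        /**
         * Admin user management: listing, create/edit, delete, login and logout.
         *
         * Everything except login() sits behind Admin_Controller, which is
         * assumed (its code is not visible here) to require a logged-in user.
         */
        public function __construct ()
        {
            parent::__construct();
        }

        /**
         * List every user.
         */
        public function index ()
        {
            // Fetch all users
            $this->data['users'] = $this->user_m->get();

            // Load view
            $this->data['subview'] = 'admin/user/index';
            $this->load->view('admin/_layout_main', $this->data);
        }

        /**
         * Create (no $id) or edit (with $id) a user.
         *
         * @param int|null $id  Primary key of the user to edit, NULL to create.
         */
        public function edit ($id = NULL)
        {
            // Fetch a user or set a new one
            if ($id) {
                $this->data['user'] = $this->user_m->get($id);
                // get($id) yields one row object or nothing; count() on an object
                // is a TypeError on PHP 8, so test for emptiness instead.
                empty($this->data['user']) && $this->data['errors'][] = 'User could not be found';
            }
            else {
                $this->data['user'] = $this->user_m->get_new();
            }

            // Set up the form. rules_admin leaves the password optional so an
            // existing user can be edited without retyping it; require it on create.
            $rules = $this->user_m->rules_admin;
            $id || $rules['password']['rules'] .= '|required';
            $this->form_validation->set_rules($rules);

            // Process the form
            if ($this->form_validation->run() == TRUE) {
                $data = $this->user_m->array_from_post(array('name', 'email', 'password'));
                if (!isset($data['password']) || (string) $data['password'] === '') {
                    // A blank password on edit means "keep the current one"; hashing
                    // the empty string would silently overwrite the stored digest.
                    unset($data['password']);
                }
                else {
                    $data['password'] = $this->user_m->hash($data['password']);
                }
                $this->user_m->save($data, $id);
                redirect('admin/user');
            }

            // Load the view
            $this->data['subview'] = 'admin/user/edit';
            $this->load->view('admin/_layout_main', $this->data);
        }

        /**
         * Delete a user and return to the list.
         *
         * Reached by a plain GET link, so the action carries no CSRF token of its
         * own; submit it from a POST form with CI's CSRF protection enabled if
         * that matters for this deployment.
         *
         * @param int $id
         */
        public function delete ($id)
        {
            $this->user_m->delete($id);
            redirect('admin/user');
        }

        /**
         * Show the login form and process it.
         *
         * user_m->login() must return TRUE on success; a model method that
         * returns nothing makes the success branch below unreachable.
         */
        public function login ()
        {
            // Redirect a user if he's already logged in
            $dashboard = 'admin/dashboard';
            $this->user_m->loggedin() == FALSE || redirect($dashboard);

            // Set form
            $rules = $this->user_m->rules;
            $this->form_validation->set_rules($rules);

            // Process form
            if ($this->form_validation->run() == TRUE) {
                // We can login and redirect
                if ($this->user_m->login()) {
                    redirect($dashboard);
                }
                else {
                    // Same message for "no such user" and "wrong password" so the
                    // form does not reveal which emails exist.
                    $this->session->set_flashdata('error', 'That email/password combination does not exist');
                    redirect('admin/user/login', 'refresh');
                }
            }

            // Load view
            $this->data['subview'] = 'admin/user/login';
            $this->load->view('admin/_layout_modal', $this->data);
        }

        /**
         * Destroy the session and go back to the login form.
         */
        public function logout ()
        {
            $this->user_m->logout();
            redirect('admin/user/login');
        }

        /**
         * Validation callback (rules_admin: 'callback__unique_email'): reject an
         * email already used by a different user. The record being edited is
         * excluded via the id in URI segment 4 (admin/user/edit/{id}).
         *
         * @param string $str  The email value as handed over by the validator.
         * @return bool
         */
        public function _unique_email ($str)
        {
            // Do NOT validate if email already exists
            // UNLESS it's the email for the current user

            $id = $this->uri->segment(4);
            // Use the value the validator passes in rather than re-reading the raw
            // POST field, so the check sees the same (trimmed) string that is saved.
            $this->db->where('email', $str);
            !$id || $this->db->where('id !=', $id);
            $user = $this->user_m->get();

            if (!empty($user)) {
                $this->form_validation->set_message('_unique_email', '%s should be unique');
                return FALSE;
            }

            return TRUE;
        }
    }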

The model user_m.php :

                // Table and default ordering consumed by the parent model's helpers
                // (get(), save(), get_by() are not visible here).
                protected $_table_name = 'users';
                protected $_order_by = 'name';
                // Validation rules for the login form (User::login()).
                public $rules = array(
                    'email' => array(
                        'field' => 'email', 
                        'label' => 'Email', 
                        'rules' => 'trim|required|valid_email|xss_clean'
                    ), 
                    'password' => array(
                        'field' => 'password', 
                        'label' => 'Password', 
                        'rules' => 'trim|required'
                    )
                );
                // Validation rules for the admin create/edit form. 'password' is
                // deliberately not required here so an existing user can be edited
                // without retyping it; User::edit() appends '|required' on create.
                // 'callback__unique_email' resolves to User::_unique_email().
                public $rules_admin = array(
                    'name' => array(
                        'field' => 'name', 
                        'label' => 'Name', 
                        'rules' => 'trim|required|xss_clean'
                    ), 
                    'email' => array(
                        'field' => 'email', 
                        'label' => 'Email', 
                        'rules' => 'trim|required|valid_email|callback__unique_email|xss_clean'
                    ), 
                    'password' => array(
                        'field' => 'password', 
                        'label' => 'Password', 
                        'rules' => 'trim|matches[password_confirm]'
                    ),
                    'password_confirm' => array(
                        'field' => 'password_confirm', 
                        'label' => 'Confirm password', 
                        'rules' => 'trim|matches[password]'
                    ),
                );

                /**
                 * Nothing to initialise locally; the parent model wires up the table.
                 */
                public function __construct ()
                {
                    parent::__construct();
                }

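                /**
                 * Authenticate with the posted email/password and start a session.
                 *
                 * @return bool TRUE when a matching user was found and logged in,
                 *              FALSE otherwise (the controller branches on this; the
                 *              original returned nothing, so the success path never ran).
                 */
                public function login ()
                {
                    $user = $this->get_by(array(
                        'email' => $this->input->post('email'),
                        'password' => $this->hash($this->input->post('password')),
                    ), TRUE);

                    // get_by(..., TRUE) presumably yields one row object or nothing;
                    // count() on an object is a TypeError on PHP 8, so use empty().
                    if (empty($user)) {
                        return FALSE;
                    }

                    // Log in user. Only non-secret fields go into the session; the
                    // password digest stays in the database.
                    $data = array(
                        'name' => $user->name,
                        'email' => $user->email,
                        'id' => $user->id,
                        'loggedin' => TRUE,
                    );
                    $this->session->set_userdata($data);
                    // NOTE(review): regenerating the session id right after a
                    // successful login limits session fixation; the method name
                    // depends on the CI version in use, so confirm before adding it.
                    return TRUE;
                }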

                /**
                 * End the session entirely rather than just clearing 'loggedin'.
                 */
                public function logout ()
                {
                    $session = $this->session;
                    $session->sess_destroy();
                }

                /**
                 * Whether the current session was marked by login().
                 *
                 * @return bool
                 */
                public function loggedin ()
                {
                    $flag = $this->session->userdata('loggedin');
                    return $flag ? TRUE : FALSE;
                }

                /**
                 * Blank user used to prefill the create form.
                 *
                 * @return stdClass with empty name, email and password.
                 */
                public function get_new(){
                    $blank = array(
                        'name' => '',
                        'email' => '',
                        'password' => '',
                    );
                    return (object) $blank;
                }

                /**
                 * Derive the stored password digest: SHA-512 over the plaintext
                 * followed by the site-wide encryption_key.
                 *
                 * There is no per-user salt, so two accounts with the same password
                 * share a digest, and SHA-512 is a fast hash. Moving to
                 * password_hash()/password_verify() would also require login() to
                 * fetch by email and verify in PHP instead of matching the digest in
                 * the query.
                 *
                 * @param string $string  Plaintext password.
                 * @return string 128-character hex digest.
                 */
                public function hash ($string)
                {
                    $keyed = $string . config_item('encryption_key');
                    return hash('sha512', $keyed);
                }
            }



有太多方法可以将权限系统合并到您的项目中,这完全取决于您的需要。如果我正确理解您的问题,我将为您的案例提供一个基本的想法:

  1. 是的,您可以向用户表添加另一个字段并将其命名为角色
  2. 在您的部分表中添加一个 user_id 字段。这就是您将用户与部分联系起来的方式。
  3. 用户登录后,验证该用户是否为 section_user,如果是,则需要根据该 user_id 从 db 中提取正确的部分。
  4. 如果不是,则表示它是 global_admin,然后显示所有部分。

我不确定我是否正确理解了你的问题。

让我知道。

于 2013-07-20T04:49:28.880 回答

省去麻烦并使用它:Flexi-Auth。例如,您将拥有所需的所有管理员类型的角色和权限。

于 2013-07-20T04:57:04.973 回答

我不确定你到底想要达到什么目标,但我会大致解释一下我会做什么:

1) 定义一个 URL 方案

例如,如果您有一个面向汽车爱好者的网站,则每个品牌可能都有自己的部分:

somesite.com/section/honda
somesite.com/section/ford
somesite.com/section/toyota

这些 URL slug(honda、ford、toyota 等)有效地成为您尝试访问的部分的标识符。每一个都是独一无二的。

然后,您需要确保 /section/ 之后的每个 slug 都是参数而不是函数调用。您可以通过进入 /application/config/routes.php 并定义这样的路由来做到这一点:

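$route['section/(:any)'] = 'section_controller/$1';
// $1 is the placeholder variable for the (:any) regex and must be inside a
// single-quoted string; unquoted, PHP would read it as a constant and a variable.
// Anything that comes after /section is passed as the first argument to the
// index() function of the section_controller class. Note that what (:any)
// matches differs by CI version (CI 3 stops at a slash, CI 2 does not), so
// check how a slug such as 'honda/extra' reaches index() on your install.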

2.创建一个名为'section'的新数据库,以及一个相应的模型

现在只需给它两个字段:*section_id* 和 *section_name*。这将存储每个独特的部分。该模型的代码将是这样的:

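class Section extends CI_Model
{
    public $section_name;
    public $section_id;

    /**
     * Load the section whose slug equals $section_name (e.g. 'honda').
     *
     * @param string $section_name  URL slug; user-controlled, bound via the query builder.
     * @return object|null  The row, or NULL when no such section exists.
     */
    public function loadByName($section_name)
    {
        return $this->loadWhere('section_name', $section_name);
    }

    /**
     * Load the section with the given primary key.
     *
     * @param int $section_id
     * @return object|null  The row, or NULL when no such section exists.
     */
    public function loadById($section_id)
    {
        return $this->loadWhere('section_id', $section_id);
    }

    /**
     * Shared lookup: select both columns, filter on one, copy the match into
     * this model's properties.
     *
     * @param string $column  'section_id' or 'section_name'
     * @param mixed  $value
     * @return object|null
     */
    private function loadWhere($column, $value)
    {
        // select() takes one comma-separated column list; its second argument is
        // the escape flag, not another column. The builder must be executed with
        // get() before row() is available.
        $row = $this->db->select('section_id, section_name')
                        ->from('section')
                        ->where($column, $value)
                        ->get()
                        ->row();

        if (empty($row)) {
            // Reset so values from an earlier successful load cannot survive a
            // failed lookup and be mistaken for a match by the caller.
            $this->section_name = NULL;
            $this->section_id = NULL;
            return NULL;
        }

        $this->section_name = $row->section_name;
        $this->section_id = $row->section_id;

        return $row;
    }
}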


3. 在用户表中,创建一个名为 *section_id* 的附加字段

这将是对他们作为管理员的部分的 ID 的引用。例如,如果 Toyota 的 section_id 为 381,则使用 381 作为 user 表中 section_id 字段中的数字。

4.请求页面时,根据slug名称查找section_id。

在你的控制器文件中,你应该在 index() 方法的某处加载截面模型,如下所示:

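class Section_controller extends CI_Controller
{
    /**
     * Show one section, identified by the slug captured by the 'section/(:any)' route.
     *
     * @param string $section_name  URL slug such as 'honda'.
     */
    public function index($section_name)
    {
        // I will assume you've already loaded your logged in User somewhere

        $this->load->model('Section');
        $section = $this->Section->loadByName($section_name);

        // An unknown slug must be a hard stop. Falling through would compare an
        // unset section id against the user's, and a loose == treats NULL and
        // NULL (or NULL and 0) as equal, which would grant access by accident.
        if (empty($section)) {
            show_404();
        }

        // Compare as integers with ===: ids may arrive as strings from the DB
        // driver, and a user with no section assigned must never match.
        $userSection = $this->User->section_id;
        if ($userSection !== NULL && (int) $userSection === (int) $this->Section->section_id)
        {
            // Render the page with appropriate permissions
        }
        else
        {
            // Throw an error (show_error() renders the page and stops execution)
            show_error('You are not allowed to manage this section.', 403);
        }
    }
}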

我不会详细说明所有这些。您必须阅读 Codeigniter 文档以掌握如何处理路由、控制器、数据库查询等。

于 2013-07-20T05:42:23.853 回答

如果您只有 2 个角色,那么它可以轻松实现。你知道用户是否是管理员,如果用户是管理员,那么它会激活管理员有权访问的所有部分。如果用户不是,那么他将无法获得访问权限。

如果您愿意使用 tankauth 身份验证库,如果您有足够的时间来完成任务,请转到 tankauth。

您还可以使用 bonfire(HMVC) 进行用户身份验证。

于 2013-07-20T06:02:40.673 回答