CodeIgniter -- Best implementation for ACL

php codeigniter acl

11,816

You will need to separate controllers for each type of permission, and have a module that checks the session variable set when the user logs in with the type of permission allowed for that particular controller.

// module User_model:
function is_logged_in_admin()
{
    $is_logged_in = $this->session->userdata('is_logged_in');
    $user_status = $this->session->userdata('user_type');
    if(!isset($is_logged_in) || $is_logged_in != true || $user_status != 'admin')
    {
    $this->session->sess_destroy();  
    redirect('please_login/', 'refresh');           

    }       
}

Controller , load the module and check in the construct:

    function __construct()
{
    parent::__construct();
    $this->load->model('User_model'); 
        $this->User_model-> is_logged_in_admin();

}

11,816

Author by

Hopstream

Updated on June 05, 2022

Comments

Hopstream almost 2 years
What's the best way to implement ACL in CodeIgniter?
- DB based roles, groups, user persmissions?
- Create a library?
Here is what we're working with:

Articles, Authors

There are two types of author:
- Normal author (can only see his own articles).
- Author that is also an admin (can see all articles and approves other author's articles).
Considering the functionality will expand (more features that will need permission restriction for types of authors), what is the best way to do ACL in CodeIgniter?
Hopstream about 13 years

That would be just for login, not ACL for specific components of the controllers.
tylerpenney about 13 years

you could also include the is_logged_in_admin(); in each specific function within the controller.