Changeset Navigation

← Previous Changeset
Next Changeset →

Changeset 67

Timestamp:

04/13/07 09:04:04

Author:

grahack

Message:

FreakACL: ACL integration, first draft in the repo

Files:

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

FreakAuth/branches/FreakACL/www/system/application/config/freakauth_light.php

r64	r67
23	23
24	24	$config['FAL'] = TRUE; //TRUE/FALSE (boolean). Whether the FreakAuth system is turned on.
	25
	26	$config['FAL_use_ACL'] = TRUE; //TRUE/FALSE (boolean). Whether to use ACL or not
	27	$config['FAL_ACL_lib'] = 'FreakAcl'; // the name of the lib to load
	28	$config['FAL_ACL_check_function'] = 'check'; // the name of the check function to call
	29	$config['FAL_ACL_enable_local_check'] = FALSE; // if you want to switch between old local check() function and ACL
	30	// you can disable all of them here.
	31	// for security reasons, they'll be ignored only if FAL_use_ACL is true
25	32
26	33	$config['FAL_flash'] = TRUE; //boolean: if TRUE uses FLASH messages and redirect if not allowed

FreakAuth/branches/FreakACL/www/system/application/libraries/Freakauth_light.php

r64	r67
106	106	exit;
107	107	}
108
109		}
	108	else
	109	{
	110	// checks if ACL is used
	111	// acl lib in use can be configured in the FreakAuth config file
	112	// data to pass to the acl lib is set here, in the $acl_params array
	113	if ($this->CI->config->item('FAL_use_ACL'))
	114	{
	115	// retrieve config items
	116	$acl_class = $this->CI->config->item('FAL_ACL_lib');
	117	$acl_check_function = $this->CI->config->item('FAL_ACL_check_function');
	118
	119	// load the lib
	120	$this->CI->load->library($acl_class);
	121
	122	// prepare parameters
	123	$acl_params = array(
	124
	125	// this auth lib has been coded in order to allow you to
	126	// customize the ACL checking
	127	// if you want to use another ACL lib than FreakACL,
	128	// you will only have to change the config file and this
	129	// array you are reading in
	130
	131	// what we basically test here for FreakAuth is
	132	// WHO (role) can access WHAT (CI rerouted url)
	133
	134	// WARNING: FreakACL will only check those two WHO and WHAT
	135	// you'll have to implement your ACL lib if you
	136	// want to test user agents, referers...
	137
	138	////////////////////////////////
	139	// change your acl params here
	140
	141	// if role == '', we send 'guest'
	142	'role' => ($this->CI->db_session->userdata('role')==''?'guest':$this->CI->db_session->userdata('role')),
	143
	144	// notice the use of 'ruri_string' here:
	145	// a resource is a REROUTED url (closer to your code)
	146	// you can use uri_string if you want your resource to be
	147	// the original url
	148	'url' => trim( $this->CI->uri->ruri_string(), '/')
	149
	150	// end change acl params
	151	///////////////////////////
	152
	153	);
	154	// perform the acl test
	155	$acl_class_lc = strtolower($acl_class);
	156	$allowed = $this->CI->$acl_class_lc->$acl_check_function($acl_params);
	157
	158	// act in consequence
	159	if ( !$allowed ) $this->deny($this->CI->db_session->userdata('role'));
	160
	161	}// end of use_acl
	162	}// end of FAL on or off
	163	}// end of _init
110	164
111	165	// --------------------------------------------------------------------
…	…
128	182	function check($_lock_to_role=null, $_only=null)
129	183	{
130
	184	// may be disabled in config file
	185	if ($this->CI->config->item('FAL_use_ACL')
	186	AND !$this->CI->config->item('FAL_ACL_enable_local_check'))
	187	return true;
	188
131	189	//check who did the request and build role hierarchy
132	190	$_who_is = $this->CI->db_session->userdata('role');

Changeset Navigation

Changeset 67

Legend:

FreakAuth/branches/FreakACL/www/system/application/config/freakauth_light.php

FreakAuth/branches/FreakACL/www/system/application/libraries/Freakauth_light.php

Download in other formats: