Thread

autoACL

Introduction

autoACL is Access Control Library for codeigniter. This library works with two methods.

  1. User access control by role, e.g:
      a) “admin/” is admin page that can be accessed only by admin.
      b) “salary/” is employer’s salary page that can be edited by hrd dept and accounting dept.
  2. User access control by Very Private Page (VPP) check, e.g:
      a) “profile/edit/john.r” is a page to edit profile information that can be edited ONLY by user who logged on with username “john.r”.

Features

  1. Restrict user based on role group.
  2. Restrict user to access, edit or delete other user private page.

Advantages

  1. No database needed. Work faster.
  2. No need to modify controller. This library is autoloaded.

Set Up

  1. Add autoacl to the autoload libraries to use it.

$autoload['libraries'] = array('autoacl');

  2. Copy folder config and libaries to application folder.

Demo

  * If NOT Using Modular Separation (ME, HMVC, Matchbox, or others)
      1. Copy profile.php and salary.php to your controllers.
      2. Try to access all methods and see the message. e.g. http://localhost/yourbase-url/profile/edit/john; http://localhost/yourbase-url/profile/edit/15; http://localhost/yourbase-url/profile/view/john
  * If USING Modular Separation (ME, HMVC, Matchbox, or others)
      1. Copy test folder to your modules folder.
      2. Try to access all methods and see the message. e.g. http://localhost/yourbase-url/test/profile/edit/john; http://localhost/yourbase-url/test/profile/edit/15; http://localhost/yourbase-url/test/profile/view/john

Download

The download also includes test module for test purpose. http://bitbucket.org/ardinotow/autoacl/

Copyright notes:
This work is modification from Wiredesignz & Maxximus’s MX_acl (http://ellislab.com/forums/viewthread/111916)

A good ACL tool is a must have for any framework.  Frankly, I have yet to find one for CodeIgniter that I like.  I will look into this one more, but a quick glance shows some good ideas.  A side note:  I love how your module is called ‘testacl’. Whether intentional or not, that’s pretty hilarious.

A side note:  I love how your module is called ‘testacl’. Whether intentional or not, that’s pretty hilarious.

Maybe I should change the letter case to TestACL for better meaning.
Cheers

A side note:  I love how your module is called ‘testacl’. Whether intentional or not, that’s pretty hilarious.

Maybe I should change the letter case to TestACL for better meaning.
Cheers

Or just spell it Tesicle? I think that Tony meant the choice of name which sound like male genitalia… 😊

Using portions of my code from MX_ACL Access Control library (see my signature) requires that you acknowledge copyright. Please do so. Thanks.

There is nothing worse than having your work taken and attributed to someone else.

A side note:  I love how your module is called ‘testacl’. Whether intentional or not, that’s pretty hilarious.

Maybe I should change the letter case to TestACL for better meaning.
Cheers

Or just spell it Tesicle? I think that Tony meant the choice of name which sound like male genitalia… 😊

well, it’s a good thing it isn’t MY_testacl

A side note:  I love how your module is called ‘testacl’. Whether intentional or not, that’s pretty hilarious.

Maybe I should change the letter case to TestACL for better meaning.
Cheers

Or just spell it Tesicle? I think that Tony meant the choice of name which sound like male genitalia… 😊

well, it’s a good thing it isn’t MY_testacl

Well, you can easily use the config.php to setup a different prefix. What about:

YOUR_testacl
or
OLD_testacl
or
SOMEONE_ELSES_testacl

Pick your flavor! 😊

I just change the new module name so it won’t be “hilarious” 😊

Using portions of my code from MX_ACL Access Control library (see my signature) requires that you acknowledge copyright. Please do so. Thanks.

There is nothing worse than having your work taken and attributed to someone else.

Sorry my friend, I didn’t notice that before. I have change the copyright as you stated in MX_acl. The idea is from your work. Thanks.

Two years old thread yet still live 😊
New UPDATE: version 8.11.1 now support multi language.
Check it out guys https://bitbucket.org/ardinotow/autoacl/downloads

Hi Guys ,

I am totally new user of ar-acl library.

Can anyone explain me how works this? I am trying to understand how works and how should i adjust this to working according my needs without results.

Please help me.

Thanks in advance.

.... how should i adjust this to working according my needs without results…...

Without explanation of what exactly your problem is we can’t help you. Please provide your question with codeigniter version, and also how to reproduce your problem

I know autoacl doesn’t require a database and is extremely simple to use and I am still getting the hang of it, but I have a school project where I will need to store users and groups and access rights in database, I need to load the config from the database somehow instead of the config file, so can it be done? can anyone help? Thanks in advance.

I don’t think is the tool set you are looking for.  Take a look at Ion_Auth.  It’s pretty easy to get working (but note there are some issues if you are using the nitely build), and it uses the database to store users and groups.  From there, it’s pretty simple to implement access control.

I don’t think is the tool set you are looking for.  Take a look at Ion_Auth.  It’s pretty easy to get working (but note there are some issues if you are using the nitely build), and it uses the database to store users and groups.  From there, it’s pretty simple to implement access control.

I had a look at ion auth before, but my problem is, as far as I understand I need to manually check access control per function in ion auth like this

//get $groups from database
function events_list()
{
   if (!$this->ion_auth->FALSE)
   {
     redirect(base_url() . ‘auth/login.html’, ‘refresh’);
   }
   else
   {
     //user is permitted to see the page
   }
}

but with autoacl this check is done automatically, and I already have a lot of functions ready and refactoring them will be a nightmare.

The real problem for me is in this project the groups are dynamic and each group may have access to some controller/functions and not to others. So i have a tables like roles, page, role_page, where role_page contains which role has access to which page.

And thank you very much fro replying.