thank you very much for a great library, which by the way was implemented very easily to my project although i’m a newbie in CI and PHP programming 😊
Well, glad to help.
This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.
The active forums are here.
December 01, 2008 6:14am
Subscribe [160]#181 / Dec 16, 2008 11:06am
thank you very much for a great library, which by the way was implemented very easily to my project although i’m a newbie in CI and PHP programming 😊
Well, glad to help.
#182 / Dec 16, 2008 11:11am
greats !!! 😊
can you zip your document ? i want to download to view offline like CI’s doc :D
Thanks, i thought no one would like the offline docs 😛 ,
so i remove it to save bandwidth.
For mean time you can download it from
#183 / Dec 16, 2008 12:02pm
Thanks Iverson,
In my opinion, i think it’s better creating a parser function to parse DX Auth config file,
then display it to GUI page.
Then if you save it you can create new config file, overwrite the old config.The benefit if you are creating the parser you can parse practically any static config (not only DX Auth),
and display it to your GUI page.This way also you don’t need to edit DX_Auth core.
True, but I’m not a fan of parser functions. Files can get cached, then you have to worry about picking up the changes i.e. refreshing, etc.
#184 / Dec 16, 2008 5:09pm
Dexcell this is great, exactly what I needed, is fast, secure, and easy to integrate into my own project.
:coolsmile:
many thanks
#185 / Dec 16, 2008 6:38pm
I have a question regarding expanding the functionality of this library:
Is it possible to extend it from MY_DX_Auth to inherit the method and goodness from DX_Auth but in the extending library write my new functionality?
Would be great! Then I could expand it without worring (not so much anyway) about upgrading.
#186 / Dec 16, 2008 10:57pm
^
It’s possible, but unfortunately it was written for compatibility,
Actually some function and variable should be declared as protected, but it was declared using private because of the limitation in php4, so you might not able to access it.
#187 / Dec 16, 2008 10:59pm
Looks like an excellent auth library. I haven’t really used it, but after looking at all the auth libraries I will be settling with this one.
A question, why didn’t you put your plugin in application/plugins directory?
#188 / Dec 16, 2008 11:10pm
Looks like an excellent auth library. I haven’t really used it, but after looking at all the auth libraries I will be settling with this one.
A question, why didn’t you put your plugin in application/plugins directory?
Thanks, will put it there later,
I thought it was not possible since there is no plugins directory in application directory.
#189 / Dec 16, 2008 11:11pm
Dexcell this is great, exactly what I needed, is fast, secure, and easy to integrate into my own project.
:coolsmile:
many thanks
:coolsmile:
#190 / Dec 17, 2008 4:12pm
Hello,
Because the holidays are near us and I will take a break for the next 15 days I will expose some of my ideas (I need them in a project of mine).
The base idea is that when I’m checking the URI I need to have an extra value in return. Also I’ve tried to adapt it to single or multiple roles.
I’m waiting for your comments and ideas to improve it 😉
WARNING: not tested, not optimized, with some problems in the logic, work in progress, for 1.0.2
First of all the database additions:
CREATE TABLE `app_controllers` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
INSERT INTO `app_controllers` VALUES (1,'backend');
CREATE TABLE `app_controllers_methods` (
`controller_id` int(11) DEFAULT NULL,
`method_id` int(11) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
INSERT INTO `app_controllers_methods` VALUES (1,1);
INSERT INTO `app_controllers_methods` VALUES (1,2);
INSERT INTO `app_controllers_methods` VALUES (1,3);
CREATE TABLE `app_levels` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;
INSERT INTO `app_levels` VALUES (1,'not allowed');
INSERT INTO `app_levels` VALUES (2,'worker');
INSERT INTO `app_levels` VALUES (3,'supervisor');
INSERT INTO `app_levels` VALUES (4,'manager');
CREATE TABLE `app_methods` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
INSERT INTO `app_methods` VALUES (1,'index');
INSERT INTO `app_methods` VALUES (2,'uri_permissions');
INSERT INTO `app_methods` VALUES (3,'custom_permissions');
CREATE TABLE `app_modules` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
INSERT INTO `app_modules` VALUES (1,'module1');
INSERT INTO `app_modules` VALUES (2,'module2');
CREATE TABLE `app_modules_controllers` (
`module_id` int(11) DEFAULT NULL,
`controller_id` int(11) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
INSERT INTO `app_modules_controllers` VALUES (1,1);
CREATE TABLE `users_roles` (
`role_id` int(11) DEFAULT NULL,
`user_id` int(11) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;In dx config file:
$config['DX_module_name'] = 'module1';
$config['DX_module_role'] = 'single';In Roles model:
function get_roles($user_id)
{
$this->db->where('user_id', $user_id);
$_table = $this->_prefix.$this->config->item('DX_roles_users');
return $this->db->get($_table);
}In “backend” you have to replace all “DX_Auth” with “DX_Auth_Ext” and “dx_auth” with “dx_auth_ext”.
You have to add a new model:
class Application extends Model
{
function Application()
{
parent::Model();
// Other stuff
$this->_prefix = $this->config->item('DX_table_prefix');
$this->_modules = 'app_modules';
$this->_controllers = 'app_controllers';
$this->_methods = 'app_methods';
//$this->_table = $this->_prefix.$this->config->item('DX_roles_table');
}
function get_modules()
{
$this->db->order_by('id', 'asc');
return $this->db->get($this->_modules);
}
function get_modules_by_id($mod_id)
{
$this->db->order_by('id', 'asc');
$this->db->where('id', $mod_id);
return $this->db->get($this->_modules);
}
function get_controllers($module_id)
{
$this->db->select('*');
$this->db->from($this->_controllers);
$this->db->join('app_modules_controllers', 'app_controllers.id = app_modules_controllers.controller_id');
$this->db->where('module_id', $module_id);
return $this->db->get();
}
function get_methods($controller_id)
{
$this->db->select('*');
$this->db->from($this->_methods);
$this->db->join('app_controllers_methods', 'app_methods.id = app_controllers_methods.method_id');
$this->db->where('controller_id', $controller_id);
return $this->db->get();
}
function get_levels()
{
$this->db->order_by('id', 'asc');
return $this->db->get('app_levels');
}
}Functions to add in backend:
function cleanup_module($current, $parent)
{
foreach($current as $crt_k=>$crt_v)
{
if($crt_v == 0)
{
if($parent[$crt_k] == 'n')
{
unset($current[$crt_k]);
}
}
}
return $current;
}Oops, the second function for backend will be in the next post.
#191 / Dec 17, 2008 4:16pm
Lets go.
backend:
function module_permissions()
{
// Load models
$this->load->model('dx_auth/roles', 'roles');
$this->load->model('dx_auth/permissions', 'permissions');
/* Get post input and apply it to database */
$this->load->model('dx_auth/application', 'app');
/* Get the current displayed module */
$module_id = $this->input->post('module') ? $this->input->post('module') : '';
$module_obj = '';
$modules = $this->app->get_modules()->result();
$options = array();
foreach($modules as $mod)
{
if($module_id == '')
{
$module_id = $mod->id;
$module_obj = $mod;
}
elseif($module_id == $mod->id)
{
$module_obj = $mod;
}
$options[$mod->id] = $mod->name;
}
$data["module_id"] = $module_id;
$data["module_obj"] = $module_obj;
$data["module_opt"] = $options;
// If button save pressed
if ($this->input->post('save'))
{
$mod_perm = $this->input->post($module_obj->name);
$parent_perm = $this->input->post('parent');
$perm = $this->cleanup_module($mod_perm, $parent_perm);
$permission_data = $this->permissions->get_permission_data($this->input->post('role'));
$permission_data['m1r'][$module_obj->name] = $perm;
$this->permissions->set_permission_data($this->input->post('role'), $permission_data);
}
/* Showing page to user */
// Default role_id that will be showed
$role_id = $this->input->post('role') ? $this->input->post('role') : 1;
// Get all role from database
$data['roles'] = $this->roles->get_all()->result();
$role_obj = $this->roles->get_role_by_id($role_id)->row();
// Get edit and delete permissions
$permission_data = $this->permissions->get_permission_data($role_id);
if($role_obj->parent_id >0)
$parent_permission_data = $this->dx_auth_ext->get_parents_permissions($role_obj->id, $module_obj->name);
else
$parent_permission_data = array();
$data['parent_permission'] = $parent_permission_data;
$data['permission'] = array();
if(isset($permission_data['m1r']) && isset($permission_data['m1r'][$module_obj->name]))
{
$data['permission'] = $permission_data['m1r'][$module_obj->name];
}
// Load view
$this->load->view('backend/module_permissions', $data);
}Next - the view
#192 / Dec 17, 2008 4:17pm
And next - the library
#193 / Dec 17, 2008 4:18pm
require_once APPPATH.'libraries/DX_Auth.php';
class DX_Auth_Ext extends DX_Auth
{
function DX_Auth_Ext()
{
parent::DX_Auth();
}
/*
for multiple roles per user
*/
function _get_role_data_mnr($role_ids, $module, $data = array())
{
$permissions = array();
foreach($role_ids as $rid)
{
$permissions[$rid] = $this->_get_role_data_m1r($rid, $module);
}
$data['permission'] = array_merge($data,$this->_combine_mnr_permissions($permissions));
$data['role_name'] = '';
$data['parent_roles_id'] = array();
$data['parent_roles_name'] = array();
$data['parent_permissions'] = array();
return $data;
}
/*
For each roles check if exists a higher access level. If exists, keep the higher.
*/
function _combine_mnr_permissions($data)
{
$temp = array_pop($data);
$permission = $temp['permission'];
foreach($data as $role)
{
$temp = $role['permission'];
foreach($permission as $k=>$v)
{
if(isset($temp[$k]))
{
if($v < $temp[$k])
$permission[$k] = $temp[$k];
unset($temp[$k]);
}
}
$permission = array_merge($permission, $temp);
}
return $permission;
}
/*
we are loading the rights only for the current module we visit
for single role per user
*/
function get_parents_permissions($role_id, $module)
{
$perm = $this->_get_role_data_m1r($role_id, $module);
return $perm['permission'][$module];
}
function _get_role_data_m1r($role_id, $module, $data = array())
{
// Load models
$this->ci->load->model('dx_auth/roles', 'roles');
$this->ci->load->model('dx_auth/permissions', 'permissions');
// Clear return value
$role_name = '';
$parent_roles_id = array();
$parent_roles_name = array();
$permission = array();
$parent_permissions = array();
/* Get role_name, parent_roles_id and parent_roles_name */
// Get role query from role id
$query = $this->ci->roles->get_role_by_id($role_id);
// Check if role exist
if ($query->num_rows() > 0)
{
// Get row
$role = $query->row();
// Get role name
$role_name = $role->name;
// Get user role permission
$permission[$role_id] = $this->ci->permissions->get_permission_data($role_id);
/*
Code below will search if user role_id have parent_id > 0 (which mean role_id have parent role_id)
and do it recursively until parent_id reach 0 (no parent) or parent_id not found.
*/
// Check if role has parent id
if ($role->parent_id > 0)
{
// Set variable used in looping
$parent_id = $role->parent_id;
// Get all parent id
while (1)
{
$i_query = $this->ci->roles->get_role_by_id($parent_id);
// If role exist
if ($i_query->num_rows() > 0)
{
// Get row
$i_role = $i_query->row();
// Check if role doesn't have parent
if ($i_role->parent_id == 0)
{
$permission[$i_role->role_id] = $this->ci->permissions->get_permission_data($i_role->role_id);
// Stop looping
break;
}
else
{
// Change parent id for next looping
$parent_id = $i_role->parent_id;
$permission[$i_role->role_id] = $this->ci->permissions->get_permission_data($i_role->role_id);
}
}
else
{
// Stop looping
///maybe we will set the role with no parent
break;
}
}
}
}
/* End of Get role_name, parent_roles_id and parent_roles_name */
// Set return value
$data['role_name'] = $role_name;
$data['parent_roles_id'] = $parent_roles_id;
$data['parent_roles_name'] = $parent_roles_name;
$data['permission'] = array_merge($data,$this->_combine_m1r_permissions($permission, $module));
$data['parent_permissions'] = $parent_permissions;
return $data;
}
// Get user role id
function get_roles_id()
{
return $this->ci->session->userdata('role_id');
}
// Get user role name
function get_roles_name()
{
return $this->ci->session->userdata('role_name');
}#194 / Dec 17, 2008 4:20pm
here I’ll finish. Damn, I have to get online with my own site. I’m posting to much code :(
//combine the permissions from the role with ones from the parents
function _combine_m1r_permissions($data, $module)
{
$c = count($data);
//if the role doesn't have parents
$permission = array();
if($c == 1)
{
$temp = array_pop($data);
$permission[$module] = $temp[$module];
return $permission;
}
//if the role doesn't have permissions (or doesn't exists?)
elseif($c == 0)
{
$permission[$module] = array();
return $permission;
}
//sort the array by the key (role_id)
ksort($data);
$permission = array();
$i = 0;
//take first the top parent role
//get the child role, add the missing permissions and overwrite the existing ones
foreach($data as $perm)
{
if($i == 0)
{
$permission[$module] = $perm[$module];
}
else
{
$permission[$module] = array_merge($permission[$module], $perm[$module]);
}
}
return $permission;
}
function _set_session($data)
{
//check if we use single or multiple roles
$role = $this->ci->config->item('DX_module_role');
$module = $this->ci->config->item('DX_module_name');
// Get role data
switch($role)
{
case 'multiple':
//we have to take roles from a different table first
$this->ci->load->model('dx_auth/roles', 'roles');
$query = $this->ci->roles->get_roles($data->id);
$role_ids = array();
foreach($query->result() as $row)
{
$role_ids[] = $row->role_id;
}
if($perm = $this->ci->session->userdata('permission'))
$role_data = $this->_get_role_data_mnr($role_ids, $module, $perm);
else
$role_data = $this->_get_role_data_mnr($role_ids);
break;
case 'single':
if($perm = $this->ci->session->userdata('permission'))
$role_data = $this->_get_role_data_m1r($data->role_id, $module, $perm);
else
$role_data = $this->_get_role_data_m1r($data->role_id);
break;
default:
$role_data = $this->_get_role_data($data->role_id);
break;
}
// Set session data array
$user = array(
'user_id' => $data->id,
'role_id' => $data->role_id,
'role_name' => $role_data['role_name'],
'parent_roles_id' => $role_data['parent_roles_id'], // Array of parent role_id
'parent_roles_name' => $role_data['parent_roles_name'], // Array of parent role_name
'permission' => $role_data['permission'],
'parent_permissions'=> $role_data['parent_permissions'],
'username' => $data->username,
'logged_in' => TRUE
);
$this->ci->session->set_userdata($user);
}
function check_uri_permissions_module()
{
// First check if user already logged in or not
if ($this->is_logged_in())
{
// If user is not admin
if ( ! $this->is_admin())
{
$role = $this->ci->config->item('DX_module_role');
$module = $this->ci->config->item('DX_module_name');
// Get variable from current URI
$controller = '/'.$this->ci->uri->rsegment(1).'/';
if ($this->ci->uri->rsegment(2) != '')
{
$action = $controller.$this->ci->uri->rsegment(2).'/';
}
else
{
$action = $controller.'index/';
}
// Get URI permissions from role and all parents
// Note: URI permissions is saved in 'uri' key
$roles_allowed_uris = $this->get_permissions_value('m1r');
if(!isset($roles_allowed_uris[$module]))
{
$this->ci->load->model('dx_auth/users', 'users');
$data = $this->ci->users->get_user_by_id($this->ci->session->userdata('user_id'))->row();
$this->_set_session($data);
$roles_allowed_uris = $this->get_permissions_value('m1r');
}
// Variable to determine if URI found
$found = FALSE;
// Loop each roles URI permissions
$path[] = $action;
$path[] = $controller;
$path[] = '/';
foreach($path as $p)
{
if(isset($roles_allowed_uris[$module][$p]) && $roles_allowed_uris[$module][$p] !=0)
return $roles_allowed_uris[$module][$p];
}
// User didn't have previlege to access current URI, so we show user 403 forbidden access
$this->deny_access();
}
}
else
{
// User haven't logged in, so just redirect user to login page
$this->deny_access('login');
}
}
}#195 / Dec 18, 2008 9:30am
i installed DX in my desktop (windows based) PC and everything is working fine, i have xampp installed as well for PHP, mySql and Apache services
after some tests with the application i try to build, i uploaded it on the web but it is not working, very possibly due to PHP version (i made some tests without loading DX_auth library)
does anybody know which is the minimum necessary version in order to run DX_auth, or if there is anything i can do to run in in PHP Version 4.3.9 ?