Codeigniter - Permission Authentication

Asked

Viewed 596 times

0

Good afternoon, I wonder if there is a more practical solution to my problem.

Each user has a different permission, characterized by a permissa_id in the users table that is correlated with an id in the permission table.

Is there a more practical way to check user permission in various methods without having to work with IF/ELSE? For each unique method of each permission I need to keep setting these conditions so that other users cannot have access to the method.

Thank you!

1 answer

0

You can use the Hooks of codeigniter below is an example

function restrict() {

 //Instância do CodeIgniter
 $ci = & get_instance();
 //Método atual, pega da url
 $method = $ci->router->fetch_class().'/'.$ci->router->fetch_method();

 //Métodos protegidos, aqui você especifica as funções protegidas
    $protegidos = ['funcao/index','funcao/inserir','funcao/editar', 
    'funcao/atualizar','funcao/deletar','funcao/pesquisar','funcao/exports'];

 //Array gerado pelo seu algotitmo de "login" e gravado na SESSION
    $usuario_logado = $ci->session->userdata('usuario_logado');
    if (in_array($method, $protegidos)) {//Verificando se o método é protegido
        if ($usuario_logado['cargo']!='admin') {//Verificando nivel de permissao do usuario
            $ci->session->set_flashdata('alert', 'Voçe nao possui privilegios');
//Aqui vc tb pode criar um aviso pro usuário saber o motivo do comportamento da aplicação
    ?>

    <script>
      alert('você nao possui autorização');
    </script>

<?php
    $var = "<script>javascript:history.back(-2)</script>";
    echo $var;
    } 
}
}
?>

can create multiple Hooks in each of them protecting their functions and giving access as allowed by the user

  • That way it won’t work... ;-)

  • It’s not really the solution over measure, but it’s the beginning for him to research and adjust his need

  • No. It’s really wrong...

  • I’ll take a look at the link you sent me @Shutupmagda!

  • @Felipemirandadelima, thanks for your help too!!

  • You can adapt in that hook I sent to the link to rotate the permissions (the hook only takes care of authentication). It’s relatively easy. If you can, post the answer here, ok? ;-)

Show 1 more comment

Browser other questions tagged

You are not signed in. Login or sign up in order to post.