http://wiki.geeklog.net/index.php?title=Using_ACLsG2&feed=atom&action=history
Using ACLsG2 - Revision history
2024-03-29T07:44:56Z
Revision history for this page on the wiki
MediaWiki 1.27.5
http://wiki.geeklog.net/index.php?title=Using_ACLsG2&diff=3071&oldid=prev
Vinny: /* Checking for Permissions against ACLs */
2005-06-09T18:35:58Z
<p><span dir="auto"><span class="autocomment">Checking for Permissions against ACLs</span></span></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 18:35, 9 June 2005</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l27" >Line 27:</td>
<td colspan="2" class="diff-lineno">Line 27:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>=== Checking for Permissions against ACLs ===</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>=== Checking for Permissions against ACLs ===</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>To check if a user has a certain level of access to the current item, use the <del class="diffchange diffchange-inline">user </del>class method <tt>hasAccess()</tt>.  For instance, to check to see if the user <tt>$user</tt> has READ access to <tt>$item</tt>, do the following:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>To check if a user has a certain level of access to the current item, use the <ins class="diffchange diffchange-inline">Gl2User </ins>class method <tt>hasAccess()</tt>.  For instance, to check to see if the user <tt>$user</tt> has READ access to <tt>$item</tt>, do the following:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  if ($user->hasAccess($item, READ)) {</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  if ($user->hasAccess($item, READ)) {</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l45" >Line 45:</td>
<td colspan="2" class="diff-lineno">Line 45:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>To get an integer representing all the access rights that the user <tt>$user</tt> has on item <tt>$item</tt>, do the following:</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>To get an integer representing all the access rights that the user <tt>$user</tt> has on item <tt>$item</tt>, do the following:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>  // $rights will be a bit field <del class="diffchange diffchange-inline">containt </del>access rights of $user on $item</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>  // $rights will be a bit field <ins class="diffchange diffchange-inline">containing the </ins>access rights of $user on $item</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  $rights = $user->getAccess($item);</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  $rights = $user->getAccess($item);</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
</table>
Vinny
http://wiki.geeklog.net/index.php?title=Using_ACLsG2&diff=2055&oldid=prev
Vinny: /* Checking for Permissions against ACLs */
2005-06-09T18:34:31Z
<p><span dir="auto"><span class="autocomment">Checking for Permissions against ACLs</span></span></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 18:34, 9 June 2005</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l27" >Line 27:</td>
<td colspan="2" class="diff-lineno">Line 27:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>=== Checking for Permissions against ACLs ===</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>=== Checking for Permissions against ACLs ===</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>To check if <del class="diffchange diffchange-inline">the current </del>user has a certain level of access to the current item, use the <del class="diffchange diffchange-inline">item </del>class method <tt>hasAccess()</tt>.  For instance, to check to see if the <del class="diffchange diffchange-inline">current </del>user has READ access to <tt>$item</tt>, do the following:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>To check if <ins class="diffchange diffchange-inline">a </ins>user has a certain level of access to the current item, use the <ins class="diffchange diffchange-inline">user </ins>class method <tt>hasAccess()</tt>.  For instance, to check to see if the user <ins class="diffchange diffchange-inline"><tt>$user</tt> </ins>has READ access to <tt>$item</tt>, do the following:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>  if ($<del class="diffchange diffchange-inline">item</del>->hasAccess(READ)) {</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>  if ($<ins class="diffchange diffchange-inline">user</ins>->hasAccess(<ins class="diffchange diffchange-inline">$item, </ins>READ)) {</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>     // has read access</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>     // has read access</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  } else {</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  } else {</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l35" >Line 35:</td>
<td colspan="2" class="diff-lineno">Line 35:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  }</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  }</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>You can also <del class="diffchange diffchange-inline">use the <tt>hasAccess()</tt> method </del>to <del class="diffchange diffchange-inline">check </del>if a <del class="diffchange diffchange-inline">specific user has a certain level of access.  For example, to check if the user <tt>$</del>user<del class="diffchange diffchange-inline"></tt> </del>has <del class="diffchange diffchange-inline">EDIT </del>access to <del class="diffchange diffchange-inline"><tt>$</del>item<del class="diffchange diffchange-inline"></tt>, do the following</del>:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>You can also <ins class="diffchange diffchange-inline">check </ins>to <ins class="diffchange diffchange-inline">see </ins>if a user has <ins class="diffchange diffchange-inline">several different </ins>access <ins class="diffchange diffchange-inline">levels </ins>to <ins class="diffchange diffchange-inline">an </ins>item:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>  if ($<del class="diffchange diffchange-inline">item</del>->hasAccess(EDIT<del class="diffchange diffchange-inline">, $user</del>)) {</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>  if ($<ins class="diffchange diffchange-inline">user</ins>->hasAccess(<ins class="diffchange diffchange-inline">$item, READ|</ins>EDIT)) {</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>     // has edit access</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>     // has <ins class="diffchange diffchange-inline">read and </ins>edit access</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  } else {</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  } else {</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>     // does not have edit access</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>     // does not have <ins class="diffchange diffchange-inline">read and </ins>edit access</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  }</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  }</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">You can also check </del>that <del class="diffchange diffchange-inline">a </del>user has <del class="diffchange diffchange-inline">several different access levels to an </del>item:</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">To get an integer representing all the access rights </ins>that <ins class="diffchange diffchange-inline">the user <tt>$</ins>user<ins class="diffchange diffchange-inline"></tt> </ins>has <ins class="diffchange diffchange-inline">on item <tt>$</ins>item<ins class="diffchange diffchange-inline"></tt>, do the following</ins>:</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>  <del class="diffchange diffchange-inline">if (</del>$item-><del class="diffchange diffchange-inline">hasAccess</del>(<del class="diffchange diffchange-inline">READ|EDIT, </del>$<del class="diffchange diffchange-inline">user</del>)<del class="diffchange diffchange-inline">) {</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>  <ins class="diffchange diffchange-inline">// $rights will be a bit field containt access rights of $user on </ins>$item</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">    // has read and edit access</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline"> $rights = $user</ins>-><ins class="diffchange diffchange-inline">getAccess</ins>($<ins class="diffchange diffchange-inline">item</ins>)<ins class="diffchange diffchange-inline">;</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline"> } else {</del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">    // does not have read and edit access</del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline"> }</del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>=== Adding Permissions to an Item ===</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>=== Adding Permissions to an Item ===</div></td></tr>
</table>
Vinny
http://wiki.geeklog.net/index.php?title=Using_ACLsG2&diff=2054&oldid=prev
Vinny: How to use ACLs in Geeklog 2.x
2005-06-09T02:58:25Z
<p>How to use ACLs in Geeklog 2.x</p>
<p><b>New page</b></p><div>== About ACLs ==<br />
<br />
In the context of Geeklog 2.x, [http://en.wikipedia.org/wiki/Access_control_list Access control lists (ACLs)] are a security concept used to enforce access restrictions on items (articles, links, etc.). The ACLs are maintained as a database table linking users and groups to different levels of access.<br />
<br />
It is important that the the set of (user/group, item) is unique. That is, for each item's ACL a user or group can only appear once.<br />
<br />
== Geeklog 2.x Access Levels ==<br />
<br />
The full set of user access levels are listed below:<br />
<br />
* LIST - Access to have the item appear as part of a list of items, but not to view the item's content.<br />
* READ - Access to view the content of the item<br />
* EDIT - Access to edit the content of an item<br />
* MODATTR - Access to modify attributes of the item (such as expiration)<br />
* DELETE - Access to delete the item<br />
* LOCK - Access to enable/disable the item `is this needed?`<br />
* ADMIN - Access to set the ACL for the item<br />
<br />
Common combinations of these access rights are:<br />
<br />
* Viewer: LIST & READ<br />
* Editor: Viewer & EDIT & MODIFY_ATTRIBUTES & DELETE<br />
* Administrator: Editor & LOCK & ADMIN<br />
<br />
== Using ACLs ==<br />
<br />
=== Checking for Permissions against ACLs ===<br />
<br />
To check if the current user has a certain level of access to the current item, use the item class method <tt>hasAccess()</tt>. For instance, to check to see if the current user has READ access to <tt>$item</tt>, do the following:<br />
<br />
if ($item->hasAccess(READ)) {<br />
// has read access<br />
} else {<br />
// does not have read access<br />
}<br />
<br />
You can also use the <tt>hasAccess()</tt> method to check if a specific user has a certain level of access. For example, to check if the user <tt>$user</tt> has EDIT access to <tt>$item</tt>, do the following:<br />
<br />
if ($item->hasAccess(EDIT, $user)) {<br />
// has edit access<br />
} else {<br />
// does not have edit access<br />
}<br />
<br />
You can also check that a user has several different access levels to an item:<br />
<br />
if ($item->hasAccess(READ|EDIT, $user)) {<br />
// has read and edit access<br />
} else {<br />
// does not have read and edit access<br />
}<br />
<br />
=== Adding Permissions to an Item ===<br />
<br />
The basic idea in adding an access control set to an item is:<br />
<br />
# Create a Gl2ItemAcl object.<br />
# Set the User or Group that should have the access.<br />
# Set the Access level the the User or Group should have.<br />
# Set which Item the Gl2ItemAcl should be associated with.<br />
# Save the Gl2ItemAcl object.<br />
<br />
In code (assuming adding READ access for user <tt>$user</tt> to item <tt>$item</tt>):<br />
<br />
$acl = new Gl2ItemAcl;<br />
$acl->setGl2User($user);<br />
$acl->setRights(READ);<br />
$acl->setGl2Item($item);<br />
$acl->save(); // Don't forget to save!!!<br />
<br />
=== Removing Permissions from an Item ===<br />
<br />
The basic idea to removing an access control set from an item is:<br />
<br />
# Determine what acl set you want to remove.<br />
# Delete based on that criteria.<br />
<br />
In code (assuming removing access for user <tt>$user</tt> from item <tt>$item</tt>):<br />
<br />
$crit = new Criteria;<br />
$crit->add(Gl2ItemAclPeer::ITEM_ID, $item->getItemId);<br />
$crit->add(Gl2ItemAclPeer::USER_ID, $user->getUserId);<br />
Gl2ItemAclPeer::doDelete($crit);<br />
<br />
=== Modifying Permissions of an Item ===<br />
<br />
The basic idea for modifying an existing access control set of an item is:<br />
<br />
# Determine what acl set you want to modify.<br />
# Get a Gl2ItemAcl object based on that criteria.<br />
# Set the new access level you want.<br />
# Save the object.<br />
<br />
In code, to set the access level of user <tt>$user</t> on item <tt>$item</tt> to READ:<br />
<br />
$crit = new Criteria;<br />
$crit->add(Gl2ItemAclPeer::ITEM_ID, $item->getItemId);<br />
$crit->add(Gl2ItemAclPeer::USER_ID, $user->getUserId);<br />
$acl = Gl2ItemAclPeer::doSelectOne($crit);<br />
$acl->setRights(READ);<br />
$acl->save();<br />
<br />
In code, to add READ access (and leave other existing rights as they are) for user <tt>$user</t> on item <tt>$item</tt>:<br />
<br />
$crit = new Criteria;<br />
$crit->add(Gl2ItemAclPeer::ITEM_ID, $item->getItemId);<br />
$crit->add(Gl2ItemAclPeer::USER_ID, $user->getUserId);<br />
$acl = Gl2ItemAclPeer::doSelectOne($crit);<br />
$acl->setRights($acl->getRights() | READ);<br />
$acl->save();<br />
<br />
In code, to remove READ (and leave other existing rights as they are) access for user <tt>$user</t> on item <tt>$item</tt>:<br />
<br />
$crit = new Criteria;<br />
$crit->add(Gl2ItemAclPeer::ITEM_ID, $item->getItemId);<br />
$crit->add(Gl2ItemAclPeer::USER_ID, $user->getUserId);<br />
$acl = Gl2ItemAclPeer::doSelectOne($crit);<br />
$acl->setRights($acl->getRights() & (~READ));<br />
$acl->save();<br />
<br />
=== Selecting Multiple Items Based on Permissions ===<br />
<br />
In order to select multiple items based on the avaialbe permission you must join the item table to the ACL table. You then want to select all the unique items that have the specified access level for the current user or the groups that user belongs to.</div>
Vinny