1

I am simply looking for methods of blocking my users who don't have rights from viewing particular pages. I tried putting together a function inside of my backend controller inside the CodeIgniter core folder and have all my backend controllers extend it. I wanted to put the function inside of there to keep with the DRY principle of putting this function inside of every controller.

I'm looking for maybe a different way of writing the function or just different ideas of what I should do with the function.

public function view_allowed($user_data)
{
    if ($user_data->role_id != 4)
    {
        return false;
    }
    return true;
}

With this I would just call the function inside the construct of the other controllers and do an if statement that, if it returns false, then directs to some other page that will say they don't have the right credentials to view that page.

Any questions, comments, concerns?

EDIT 2:

I had to make an edit because I am pondering what this will do. The purpose of what I want to do is to run the function in the construct of each controller that a regular user should not be able to view and only an admin can. So if I do the following, how will it know to redirect to a different page if the user is not able to view that page?

<?php

if (!defined('BASEPATH'))
    exit('No direct script access allowed');

class Recent_activities extends Backend_Controller
{
    /**
     * Load the parent construct and any additional models, helper, libraries available. 
     * @return void 
     */
    public function __construct()
    {
        parent::__construct();
        $view_allowed = view_allowed($user_data);
    }

    public function index()
    {
        $this->breadcrumb->add_crumb('<li><a href="' . site_url() .
            'control-panel/activities/recent-activities">Activities</a></li>');
        $this->breadcrumb->add_crumb('Recent Activites');

        $activities = $this->user->get_all();

        $this->template
            ->title('Recent Activites')
            ->build('recent_activities_view');
    }
}
user2576961

3 Answers

1

I would create a helper function for this:

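if(!function_exists('view_allowed'))
{
    // Returns true only when the user's role_id is 4 (the role the question
    // lets through). A missing user object or role_id is denied.
    function view_allowed($user_data=null)
    {
        if(!is_object($user_data) || !isset($user_data->role_id))
        {
            return false;
        }

        return (int) $user_data->role_id === 4;
    }
}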

Here is a good post on how you would set up a helper function: https://stackoverflow.com/a/804520/1893629

In your controller

$this->load->helper('new_helper');

//pass in $user_data
//will return true or false
$view_allowed = view_allowed($user_data);

Update for your Edit 2:

<?php

if (!defined('BASEPATH'))
    exit('No direct script access allowed');

class Recent_activities extends Backend_Controller
{
    /**
     * Load the parent construct and any additional models, helper, libraries available. 
     * @return void 
     */
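    public function __construct()
    {
        parent::__construct();

        // view_allowed() lives in the helper; redirect() comes from the url helper.
        $this->load->helper(array('new_helper', 'url'));

        // $user_data has to hold the logged-in user's record at this point.
        $view_allowed = view_allowed($user_data);

        if(!$view_allowed)
        {
            redirect('go/to/a/new/page');
        }
    }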

    public function index()
    {
        $this->breadcrumb->add_crumb('<li><a href="' . site_url() .
            'control-panel/activities/recent-activities">Activities</a></li>');
        $this->breadcrumb->add_crumb('Recent Activites');

        $activities = $this->user->get_all();

        $this->template
            ->title('Recent Activites')
            ->build('recent_activities_view');
    }
}
doitlikejustin
  • Great. Would I still call it in the controller construct method? – user2576961 Aug 12 '13 at 22:52
  • This is a great answer and I'm going to use it, but just comparing it to how some of the auth libraries and whatnot use privileges, it seems different. – user2576961 Aug 12 '13 at 22:58
  • You can use an auth library such as [Ion Auth](http://benedmunds.com/ion_auth/); however, in your case, since you are checking something so simple, it might be easier to use the helper. – doitlikejustin Aug 12 '13 at 23:03
  • I edited my post and thank you again for all your assistance on this topic. I would also like to ask whether, with my needs for this project, you would suggest me looking into a library of my own for this, or whether just a regular helper is sufficient. – user2576961 Aug 12 '13 at 23:10
  • Great. Is there anything additional I can do so that I don't have to do that code in so many different areas? – user2576961 Aug 12 '13 at 23:13
  • You could create a [`MY_Controller`](https://github.com/EllisLab/CodeIgniter/wiki/MY-Controller) which would be applied to every controller that extends it.... But I think you have already done that. So you could put this code in your `Backend_Controller` and it would do the same thing since you are extending `Backend_Controller` – doitlikejustin Aug 12 '13 at 23:15
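
The last comment's suggestion, sketched as an added example (not code from the thread or from CodeIgniter itself): the check moves into `Backend_Controller` so every controller that extends it is denied by default. The session key `role_id` and the `login` route are assumptions; the admin role ID 4 comes from the question.

```php
<?php
// application/core/MY_Controller.php -- added example, not from the thread.
if (!defined('BASEPATH'))
    exit('No direct script access allowed');

class Backend_Controller extends CI_Controller
{
    const ROLE_ADMIN = 4; // role_id the question lets through

    public function __construct()
    {
        parent::__construct();
        $this->load->library('session');
        $this->load->helper('url');

        // Assumption: the login code stored the user's role_id in the session.
        $role_id = $this->session->userdata('role_id');

        // No role in the session means nobody is logged in: send to login.
        if ($role_id === FALSE || $role_id === NULL) {
            redirect('login'); // hypothetical route; redirect() exits
        }

        // Logged in but not an admin: answer 403 instead of rendering the page.
        if (!$this->is_admin($role_id)) {
            show_error('You do not have permission to view this page.', 403);
        }
    }

    // Protected, so it cannot be reached as a URL segment.
    // Fails closed: anything that is not exactly the admin role is rejected.
    protected function is_admin($role_id)
    {
        return is_numeric($role_id) && (int) $role_id === self::ROLE_ADMIN;
    }
}
```

Because the check runs in the parent constructor, a controller such as `Recent_activities` only needs `parent::__construct();` and cannot forget the check.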
1

I use a hook for a thing like this.

/* Location: ./application/config/hooks.php */    
$hook['post_controller_constructor'] = array(
                                    'class'    => 'security',
                                    'function' => 'checkLogin',
                                    'filename' => 'security.php',
                                    'filepath' => 'hooks/security'
                                 );

And then the security:

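class Security{

    public $CI;
    public $class;

    public function __construct() {
        $this->CI =& get_instance();

        // Name of the controller class that was just constructed
        $this->class = $this->CI->router->fetch_class();
    }

    // Method named in the hook config above
    public function checkLogin() {
        //check permission
    }
}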

It will be called every time after a controller constructor is called; I think it's DRY.

Hope it helps someone.

Gonz
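
One way the `//check permission` step of the hook could be filled in, as an added example that is not part of the original answer: a per-controller role map that denies any controller it does not list. The map contents, the `login` and `access_denied` controller names and the session key `role_id` are assumptions; hooks also need `$config['enable_hooks'] = TRUE;` in `application/config/config.php`.

```php
<?php
// application/hooks/security/security.php -- added example, not from the answer.
class Security
{
    // Constructed map: controller class (lowercase) => role_ids allowed in.
    // A controller that is not listed here is denied.
    private $required = array(
        'recent_activities' => array(4),
    );

    // Hypothetical controllers that must stay reachable without a role.
    private $public = array('login', 'access_denied');

    // Runs after every controller constructor (post_controller_constructor).
    public function checkLogin()
    {
        $CI =& get_instance();
        $CI->load->library('session');

        $class = strtolower($CI->router->fetch_class());
        if (in_array($class, $this->public, true)) {
            return;
        }

        // Assumption: the login code stored role_id in the session.
        $role_id = $CI->session->userdata('role_id');

        if (!self::allowed($class, $role_id, $this->required)) {
            show_error('You do not have permission to view this page.', 403);
        }
    }

    // Pure decision function: unknown controller or missing role => false.
    public static function allowed($class, $role_id, array $map)
    {
        if (!isset($map[$class]) || !is_numeric($role_id)) {
            return false;
        }
        return in_array((int) $role_id, $map[$class], true);
    }
}
```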
0

If $user_data is your model, you can create a function for the model like hasAccess and call it from your controller.

sUP