language agnostic - Access control lists -

-

I've been on roll-base access control lists for an upcoming project and I'm having some problems That's how it will work for me.

I have seen that in the examples, they always talk about allowing and denying the specific functions of a controller / model. For example: group "visitor" can read post, "member", read and edit , and "admin" Create, read, update, delete near .

These things seem a bit global for me. In my own situation (adjusting for this example) , there will be a large number of groups, each of which only Edit which can post a certain category (or some other criteria).

The only way I can think of it working for me is to create a new AOC for each category: 

  posts_cat: 1 < / Code>

and then give them all access individually (which may be the royal piston for administrators who should reach everyone)

How does the ACL pattern like this Do situations cover? What are the better ways?

I will eventually implement it using Cake in PHP, so examples using PHP are welcome, but this is not required!

An option is such a rule:

< P> Allow ('your_role', 'edit_post', 'format'); ('Your_role', 'edit_post', 'category1');

Or you can create an attribute-based access control (which is based on a role). He is allowing roles to perform an action based on an object (in a detailed understanding).


Comments

Post a Comment

Popular posts from this blog

MySql variables and php -

-
I am getting an error with php in order to format mysql_query () in php to format this string What is the right way? SELECT SELECT SELECT (*) Agents @AgentCount; User_Agent_English, User_Angent_Oursal, US.___Gent_Aginal, COUNT (User_Agent_Percade) ACC, COUNT (*) / (AgentCount) Percentage by agents user_agent_preser order DEC limit limit 50; In PHP, how am i setting $ query $ query = "SELECT count (*) agents @ agentcount; SELECT user_agent_parsed, User_agent_original , COUNT (user_agent_parsed) ascount, COUNT (*) / (@AgentCount) as a percentage by user_agent_parced by URI date DESC limit 50 "; This exact query will work properly if I put it in MySQL directly through a command line session. Do I need to release two separate php calls from mysql_query () and store the results first? I get the following error: There is an error in your SQL syntax; Instead of using a sub-selection and instead of using the 'SELECT user_agent_parsed, user_agent_original, ne...
Read more

php - Laravel - Overriding a resource route into a different route filter group -

-
Does Laravel's routing work as expected? What I think, if I want to override a route, then I just have to give the expected route before each other. I have something like this: root :: group (array ('first' = & gt; 'defaultLoads' =); function () {root :: post 'Newsletter', 'newsletter controller @ store'); root: group (array ('(newsletter', 'newsletter controller');}}); That if I post this route, only http://domain.com/newsletter should run only the default loads route filter. However, when I call php Runs artisan routes , I get this: | | POST newsletter | newsletter.store | newslettercontroller@ store | default loads | login | | though it reads the route correctly (PHP artisan loads which The correct path is to the right place) but the file of the resource path even if it is not in the filter group, the path is affected. Then my question: How does it work Laravel? If so, do I post this -> Newsle...
Read more

url rewriting - How to implement the returnurl like SO in PHP? -

-
This URL should work even after the rewrite. Is this possible? Otherwise, I can only hardcoded everything If you are trying to create a login system with redirection You need to use the HTTP_REFERER header to find out where the user came from so that you can send it back there. The best way to do this is to use something like this in your login form: // - Login php & Lt; Input type = "password" name = "password" /> & Lt; Input type = "hidden" name = "returnrelale" value = "& lt ;? php echo $ redirectURL ;? & gt;" / & Gt; & Lt; / Form & gt; Please note that some ISP, browser or proxy will delete the referrer header, so you can not rely on each user to work fully. If you use a statement, to check whether the header exists or not, you can send those users back to the homepage or whatever. Edit If you are looking to use $ _SERVER ['REQUEST_URI'], if you are running Apache It sho...
Read more