Implementing ACL for my PHP application
My RealEstate PHP application has the following user groups:
Admins,
Moderators
Agents
I want to specify the following permissions for the following users.
Admins ->
- Can Create Moderators,
- Can Create Agents,
- Can Insert Properties,
- Can Update Properties,
- Can Delete Properties
Hence an Admin will have all the privileges; in short, an Admin here will be a superAdmin.
I want to assign limited privileges to the moderator and hence to the agents.
I am confused about how to create a database for this and also about how to implement it in my PHP application.
Thank you
Comments (2)
It sounds like you are going to need a role-based access control system. Developing one is not
really a trivial task, so as already suggested, finding a framework or ready-made class that does
the job would be a worthwhile start.
Role Based Access Control
http://www.tonymarston.net/php-mysql/role-based-access-control.html
http://www.sqlrecipes.com/database_design/fine_grained_role_based_access_control_rbac_system-3/
http://www.sitepoint.com/forums/showthread.php?threadid=162027
You should create a table where you have to define all types of roles,
and one table for users.
Relate different roles to different users via linking the two tables.
And something like this ......
The way that I have done this in the past was to create a users table in the database that had an access level (Admin, Moderator, and agents).
Then if you have a menu system, implement a check to see what privileges are needed for what links... Admins will see all links, Moderator will only see links he/she is supposed to, and agents will only see what they are supposed to see.
Also, on the pages that you may want to restrict users, you will want to check for the user's access level. If they pass, they will see the page; if not, they will be redirected or a JavaScript error will need to pop up.
Something like the access level may do you some good to store it in a cookie as you can cut down your calls to your database.
Hope this helps,
Mike
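The schema the first answer outlines (a roles table, a users table and link tables) together with the per-page check from the second, as an added PHP example that is not code from the thread. Table names, permission names and the Moderator/Agent grants are assumptions; it uses an in-memory SQLite database through PDO (PHP 7.4+), and the check is made on the server from the database because a cookie value can be changed by the client.

```php
<?php declare(strict_types=1);
// Added example, not from the thread. All table, column and permission names are assumptions.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Roles and users live in their own tables; link tables relate users to roles and roles to permissions.
$pdo->exec(<<<'SQL'
CREATE TABLE roles (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE permissions (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL);
CREATE TABLE user_roles (user_id INTEGER NOT NULL REFERENCES users(id),
    role_id INTEGER NOT NULL REFERENCES roles(id), PRIMARY KEY (user_id, role_id));
CREATE TABLE role_permissions (role_id INTEGER NOT NULL REFERENCES roles(id),
    permission_id INTEGER NOT NULL REFERENCES permissions(id), PRIMARY KEY (role_id, permission_id));
SQL);

// Constructed sample data. Admin holds every permission from the question;
// the Moderator and Agent subsets are assumed for illustration.
$grants = [
    'admin'     => ['moderator.create', 'agent.create', 'property.insert', 'property.update', 'property.delete'],
    'moderator' => ['agent.create', 'property.update'],
    'agent'     => ['property.insert'],
];
$run = fn(string $sql, array $args) => $pdo->prepare($sql)->execute($args);
foreach (array_unique(array_merge(...array_values($grants))) as $perm) {
    $run('INSERT INTO permissions (name) VALUES (?)', [$perm]);
}
foreach ($grants as $role => $perms) {
    $run('INSERT INTO roles (name) VALUES (?)', [$role]);
    $run('INSERT INTO users (username) VALUES (?)', ["demo_$role"]);
    $run('INSERT INTO user_roles SELECT u.id, r.id FROM users u, roles r WHERE u.username = ? AND r.name = ?', ["demo_$role", $role]);
    foreach ($perms as $perm) {
        $run('INSERT INTO role_permissions SELECT r.id, p.id FROM roles r, permissions p WHERE r.name = ? AND p.name = ?', [$role, $perm]);
    }
}

// Decide from the database on the server; $userId is expected to come from the server-side session.
function userCan(PDO $pdo, int $userId, string $permission): bool
{
    $stmt = $pdo->prepare('SELECT 1 FROM user_roles ur
        JOIN role_permissions rp ON rp.role_id = ur.role_id
        JOIN permissions p ON p.id = rp.permission_id
        WHERE ur.user_id = ? AND p.name = ? LIMIT 1');
    $stmt->execute([$userId, $permission]);
    return $stmt->fetchColumn() !== false; // no matching row means deny
}

foreach ($pdo->query('SELECT id, username FROM users')->fetchAll() as $u) {
    printf("%-15s property.delete: %s\n", $u['username'], userCan($pdo, (int) $u['id'], 'property.delete') ? 'allow' : 'deny');
}
```

The same `userCan()` call can gate both menu links and the page handlers themselves; hiding a link alone does not stop a direct request to the page.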