gacl/docs/examples/example.php

   1 <?php
   2 require_once(dirname(__FILE__).'/gacl.class.php');
   3 require_once(dirname(__FILE__).'/gacl_api.class.php');
   4 require_once(dirname(__FILE__).'/admin/gacl_admin.inc.php');
   5
   6 /*
   7  * Create an array containing your preferred settings, including how to connect to your database.
   8  */
   9 $gacl_options = array(
  10                                                                 'debug' => $gacl_options['debug'],
  11                                                                 'items_per_page' => 100,
  12                                                                 'max_select_box_items' => 100,
  13                                                                 'max_search_return_items' => 200,
  14                                                                 'db_type' => $gacl_options['db_type'],
  15                                                                 'db_host' => $gacl_options['db_host'],
  16                                                                 'db_user' => $gacl_options['db_user'],
  17                                                                 'db_password' => $gacl_options['db_password'],
  18                                                                 'db_name' => $gacl_options['db_name'],
  19                                                                 'db_table_prefix' => $gacl_options['db_table_prefix'],
  20                                                                 'caching' => FALSE,
  21                                                                 'force_cache_expire' => TRUE,
  22                                                                 'cache_dir' => '/tmp/phpgacl_cache',
  23                                                                 'cache_expire_time' => 600
  24                                                         );
  25
  26 /*
  27  * Let's get ready to RUMBLE!!!
  28  */
  29 $gacl_api = new gacl_api($gacl_options);
  30
  31
  32 /*
  33  * Keep in mind, all of this can be done through the Administration Interface via your browser.
  34  */
  35
  36
  37 /*
  38  * Create an Access Control Object (ACO) section.
  39  * Sections serve no other purpose than to categorize ACOs.
  40  *
  41  * add_object_section($name, $value=0, $order=0, $hidden=0, $object_type=NULL)
  42  */
  43
  44 $result = $gacl_api->add_object_section('System', 'system', 10, 0, 'ACO'); //Must specifiy Object Type.
  45
  46 if ($result !== FALSE) {
  47         echo "Created ACO section sucessfully. <br>\n";
  48 } else {
  49         echo "Error creating ACO section.<br>\n";
  50 }
  51 unset($result);
  52
  53 /*
  54  * Now that we have our ACO Section created, lets put a Access Control Object (ACO) in it.
  55  * You can think of ACO's as "Actions".
  56  *
  57  * add_object($section_value, $name, $value=0, $order=0, $hidden=0, $object_type=NULL)
  58  */
  59 $result = $gacl_api->add_object('system', 'Enable - Login', 'login', 10, 0, 'ACO'); //Must specifiy Object Type.
  60
  61 if ($result !== FALSE) {
  62         echo "Created ACO sucessfully. <br>\n";
  63 } else {
  64         echo "Error creating ACO.<br>\n";
  65 }
  66 unset($result);
  67
  68 /*
  69  * So we've created our ACO that will enable login access. Now we have create Access Request Objects (ARO)
  70  * that will eventually "request" access to login. This is an almost identical process.
  71  *
  72  * add_object_section($name, $value=0, $order=0, $hidden=0, $object_type=NULL)
  73  * add_object($section_value, $name, $value=0, $order=0, $hidden=0, $object_type=NULL)
  74  */
  75 $result = $gacl_api->add_object_section('Users', 'users', 10, 0, 'ARO'); //Must specifiy Object Type, notice it is ARO now.
  76 if ($result !== FALSE) {
  77         echo "Created ARO section sucessfully. <br>\n";
  78 } else {
  79         echo "Error creating ARO section.<br>\n";
  80 }
  81 unset($result);
  82
  83 //Notice the Object Type. In most cases you'll want to make the ARO value for users a unique User ID,
  84 //or user name of some sort.
  85 $result = $gacl_api->add_object('users', 'John Doe', 'john_doe', 10, 0, 'ARO');
  86
  87 if ($result !== FALSE) {
  88         echo "Created 'John Doe' ARO sucessfully. <br>\n";
  89 } else {
  90         echo "Error creating 'John Doe' ARO.<br>\n";
  91 }
  92 unset($result);
  93
  94 //Lets create two users, just for fun.
  95 $result = $gacl_api->add_object('users', 'Jane Doe', 'jane_doe', 11, 0, 'ARO');
  96
  97 if ($result !== FALSE) {
  98         echo "Created 'Jane Doe' ARO sucessfully. <br>\n";
  99 } else {
 100         echo "Error creating 'Jane Doe' ARO.<br>\n";
 101 }
 102 unset($result);
 103
 104
 105 /*
 106  * There, we now have the building blocks to start creating our ACL matrix from.
 107  * Lets give John Doe access to login.
 108  *
 109  * add_acl($aco_array, $aro_array, $aro_group_ids=NULL, $axo_array=NULL, $axo_group_ids=NULL, $allow=1, $enabled=1, $return_value=NULL, $note=NULL, $acl_id=FALSE )
 110  */
 111
 112 //Associative array, with Object Section Value => array( Object Value ) pairs.
 113 $aco_array = array('system' => array('login') );
 114 $aro_array = array('users' => array('john_doe', 'jane_doe') );
 115
 116 $allow = TRUE;
 117 $enabled = TRUE;
 118 $return_value = NULL;
 119 $note = "Allowing John and Jane Doe access to login!";
 120
 121 //The NULL values are for the more advanced options such as groups, and AXOs. Refer to the manual for more info.
 122 $result = $gacl_api->add_acl($aco_array, $aro_array, NULL, NULL, NULL, $allow, $enabled, $return_value, $note);
 123
 124 if ($result !== FALSE) {
 125         echo "Created our first ACL sucessfully. Click <a href=admin/acl_test.php>here</a> to see it in action!<br>\n";
 126 } else {
 127         echo "Error creating ACL.<br>\n";
 128 }
 129 unset($result);
 130
 131 echo "<br>\n<br>\n";
 132 echo "-- Lets test our work --<br>\n";
 133
 134 /*
 135  * Awesome, we've setup our ACL system just the way we want it. Now for the easy part,
 136  * the code to check ACLs.
 137  *
 138  * Keep in the mind the API class does not need to be included in scripts that just
 139  * check ACLs. This is for performance reasons of course.
 140  *
 141  * I'm including gacl.class.php again here just to give you the full picture of what you
 142  * need in each script to check ACLs.
 143  */
 144 require_once(dirname(__FILE__).'/gacl.class.php');
 145 $gacl = new gacl($gacl_options); //Use the same options as above.
 146
 147 if ( $gacl->acl_check('system','login','users','john_doe') ) {
 148         echo "John Doe has been granted access to login!<br>\n";
 149 } else {
 150         echo "John Doe has been denied access to login!<br>\n";
 151 }
 152
 153 if ( $gacl->acl_check('system','login','users','jane_doe') ) {
 154         echo "Jane Doe has been granted access to login!<br>\n";
 155 } else {
 156         echo "Jane Doe has been denied access to login!<br>\n";
 157 }
 158
 159
 160 echo "<br>\n<br>\nDone! Now how easy was that? <br>\n";
 161 echo "Remember to check out the <a href=admin/acl_list.php>Administration Interface</a> which can do all of the above in a few simple clicks.<br>\n<br>\n";
 162
 163 echo "<b>If you run this script more then once, you may get some errors, as duplicate object entries can not be created.</b><br>\n";
 164 ?>