2 require_once(dirname(__FILE__
).'/gacl.class.php');
3 require_once(dirname(__FILE__
).'/gacl_api.class.php');
4 require_once(dirname(__FILE__
).'/admin/gacl_admin.inc.php');
7 * Create an array containing your preferred settings, including how to connect to your database.
10 'debug' => $gacl_options['debug'],
11 'items_per_page' => 100,
12 'max_select_box_items' => 100,
13 'max_search_return_items' => 200,
14 'db_type' => $gacl_options['db_type'],
15 'db_host' => $gacl_options['db_host'],
16 'db_user' => $gacl_options['db_user'],
17 'db_password' => $gacl_options['db_password'],
18 'db_name' => $gacl_options['db_name'],
19 'db_table_prefix' => $gacl_options['db_table_prefix'],
21 'force_cache_expire' => TRUE,
22 'cache_dir' => '/tmp/phpgacl_cache',
23 'cache_expire_time' => 600
27 * Let's get ready to RUMBLE!!!
29 $gacl_api = new gacl_api($gacl_options);
33 * Keep in mind, all of this can be done through the Administration Interface via your browser.
38 * Create an Access Control Object (ACO) section.
39 * Sections serve no other purpose than to categorize ACOs.
41 * add_object_section($name, $value=0, $order=0, $hidden=0, $object_type=NULL)
44 $result = $gacl_api->add_object_section('System', 'system', 10, 0, 'ACO'); //Must specifiy Object Type.
46 if ($result !== FALSE) {
47 echo "Created ACO section sucessfully. <br>\n";
49 echo "Error creating ACO section.<br>\n";
54 * Now that we have our ACO Section created, lets put a Access Control Object (ACO) in it.
55 * You can think of ACO's as "Actions".
57 * add_object($section_value, $name, $value=0, $order=0, $hidden=0, $object_type=NULL)
59 $result = $gacl_api->add_object('system', 'Enable - Login', 'login', 10, 0, 'ACO'); //Must specifiy Object Type.
61 if ($result !== FALSE) {
62 echo "Created ACO sucessfully. <br>\n";
64 echo "Error creating ACO.<br>\n";
69 * So we've created our ACO that will enable login access. Now we have create Access Request Objects (ARO)
70 * that will eventually "request" access to login. This is an almost identical process.
72 * add_object_section($name, $value=0, $order=0, $hidden=0, $object_type=NULL)
73 * add_object($section_value, $name, $value=0, $order=0, $hidden=0, $object_type=NULL)
75 $result = $gacl_api->add_object_section('Users', 'users', 10, 0, 'ARO'); //Must specifiy Object Type, notice it is ARO now.
76 if ($result !== FALSE) {
77 echo "Created ARO section sucessfully. <br>\n";
79 echo "Error creating ARO section.<br>\n";
83 //Notice the Object Type. In most cases you'll want to make the ARO value for users a unique User ID,
84 //or user name of some sort.
85 $result = $gacl_api->add_object('users', 'John Doe', 'john_doe', 10, 0, 'ARO');
87 if ($result !== FALSE) {
88 echo "Created 'John Doe' ARO sucessfully. <br>\n";
90 echo "Error creating 'John Doe' ARO.<br>\n";
94 //Lets create two users, just for fun.
95 $result = $gacl_api->add_object('users', 'Jane Doe', 'jane_doe', 11, 0, 'ARO');
97 if ($result !== FALSE) {
98 echo "Created 'Jane Doe' ARO sucessfully. <br>\n";
100 echo "Error creating 'Jane Doe' ARO.<br>\n";
106 * There, we now have the building blocks to start creating our ACL matrix from.
107 * Lets give John Doe access to login.
109 * add_acl($aco_array, $aro_array, $aro_group_ids=NULL, $axo_array=NULL, $axo_group_ids=NULL, $allow=1, $enabled=1, $return_value=NULL, $note=NULL, $acl_id=FALSE )
112 //Associative array, with Object Section Value => array( Object Value ) pairs.
113 $aco_array = array('system' => array('login') );
114 $aro_array = array('users' => array('john_doe', 'jane_doe') );
118 $return_value = NULL;
119 $note = "Allowing John and Jane Doe access to login!";
121 //The NULL values are for the more advanced options such as groups, and AXOs. Refer to the manual for more info.
122 $result = $gacl_api->add_acl($aco_array, $aro_array, NULL, NULL, NULL, $allow, $enabled, $return_value, $note);
124 if ($result !== FALSE) {
125 echo "Created our first ACL sucessfully. Click <a href=admin/acl_test.php>here</a> to see it in action!<br>\n";
127 echo "Error creating ACL.<br>\n";
132 echo "-- Lets test our work --<br>\n";
135 * Awesome, we've setup our ACL system just the way we want it. Now for the easy part,
136 * the code to check ACLs.
138 * Keep in the mind the API class does not need to be included in scripts that just
139 * check ACLs. This is for performance reasons of course.
141 * I'm including gacl.class.php again here just to give you the full picture of what you
142 * need in each script to check ACLs.
144 require_once(dirname(__FILE__
).'/gacl.class.php');
145 $gacl = new gacl($gacl_options); //Use the same options as above.
147 if ( $gacl->acl_check('system','login','users','john_doe') ) {
148 echo "John Doe has been granted access to login!<br>\n";
150 echo "John Doe has been denied access to login!<br>\n";
153 if ( $gacl->acl_check('system','login','users','jane_doe') ) {
154 echo "Jane Doe has been granted access to login!<br>\n";
156 echo "Jane Doe has been denied access to login!<br>\n";
160 echo "<br>\n<br>\nDone! Now how easy was that? <br>\n";
161 echo "Remember to check out the <a href=admin/acl_list.php>Administration Interface</a> which can do all of the above in a few simple clicks.<br>\n<br>\n";
163 echo "<b>If you run this script more then once, you may get some errors, as duplicate object entries can not be created.</b><br>\n";