phpBB

Development Wiki

Difference between revisions of "Tutorial.Permissions"

From phpBB Development Wiki

m (<php>)
(Added "Checking permissions", edited "Adding a permission")
Line 1: Line 1:
==Adding a permission==
+
== Checking permissions ==
 +
To check if user can for example view other users profiles, use this code:
 +
<php>
 +
if (!$auth->acl_get('u_viewprofile'))
 +
{
 +
    trigger_error('NOT_AUTHORIZED');
 +
}
 +
</php>
 +
If he doesn't have permission to do it, he will see only error message and script will stop working after trigger_error.
 +
 
 +
If you want to check a local permission, for example to read posts on forum with ID 5, use this code:
 +
<php>
 +
if (!$auth->acl_get('f_read', 5))
 +
{
 +
    trigger_error('NOT_AUTHORIZED');
 +
}
 +
</php>
 +
 
 +
Full list of existing permissions is in your database, in [[Tables/phpbb_acl_options|phpbb_acl_options]] table.
 +
 
 +
== Adding a permission ==
 
Adding new permissions to Olympus is simple. Example how to add a permission to control who can access foo.php:
 
Adding new permissions to Olympus is simple. Example how to add a permission to control who can access foo.php:
* insert a new row into [[Tables/phpbb_acl_options|phpbb_acl_options]]
+
*Insert a new row into [[Tables/phpbb_acl_options|phpbb_acl_options]]:
<highlightSyntax language="sqlnew">INSERT INTO phpbb_acl_options (auth_option, is_global, is_local, founder_only) VALUES('u_foo', 1, 0, 0)</highlightSyntax>
+
<highlightSyntax language="sqlnew">INSERT INTO phpbb_acl_options (auth_option, is_global, is_local, founder_only) VALUES ('u_foo', 1, 0, 0)</highlightSyntax>
* open language/xx/acp/permissions_phpbb.php and add the language vars
+
*Open language/xx/acp/permissions_phpbb.php and add the language vars:
 
  <php>'acl_u_foo' => array('lang' => 'Can view foo.php', 'cat' => 'misc'),</php>
 
  <php>'acl_u_foo' => array('lang' => 'Can view foo.php', 'cat' => 'misc'),</php>
* clear the cache folder by hand or use this code in a installer script:
+
*Clear the cache folder by hand or use this code in a installer script:
 
  <php>$cache->destroy('acl_options');</php>
 
  <php>$cache->destroy('acl_options');</php>
* The permission should be ready to assign to users/groups in the acp
+
The permission should be ready to assign to users/groups in the acp. To check whether the logged in user has the nescessary permission to view foo.php, use this code in that file:
* To check whether the logged in user has the nescessary permission in foo.php:
+
 
<php>
 
<php>
 
if (!$auth->acl_get('u_foo'))
 
if (!$auth->acl_get('u_foo'))
Line 17: Line 36:
  
  
Hint: You're able to create your own permission set in a separate file.
+
Hint: You're able to create your own permission set in a separate file. Simply create a new file named permissions_xxx.php in language/xx/mods. It will automaticly included, don't worry about how.
* Create a new file in language/xx/mods
+
 
* Name it permissions_xxx.php
+
* It will automaticly included, don't worry about how.
+
 
This is a sample file:
 
This is a sample file:
 
<php>
 
<php>

Revision as of 12:31, 6 January 2007

Checking permissions

To check if user can for example view other users profiles, use this code:

if (!$auth->acl_get('u_viewprofile'))
{
     
trigger_error('NOT_AUTHORIZED');
}

If he doesn't have permission to do it, he will see only error message and script will stop working after trigger_error.

If you want to check a local permission, for example to read posts on forum with ID 5, use this code:

if (!$auth->acl_get('f_read'5))
{
     
trigger_error('NOT_AUTHORIZED');
}

Full list of existing permissions is in your database, in phpbb_acl_options table.

Adding a permission

Adding new permissions to Olympus is simple. Example how to add a permission to control who can access foo.php:

INSERT INTO phpbb_acl_options (auth_option, is_global, is_local, founder_only) VALUES ('u_foo', 1, 0, 0)
  • Open language/xx/acp/permissions_phpbb.php and add the language vars:
'acl_u_foo'        => array('lang' => 'Can view foo.php''cat' => 'misc'),
  • Clear the cache folder by hand or use this code in a installer script:
$cache->destroy('acl_options');

The permission should be ready to assign to users/groups in the acp. To check whether the logged in user has the nescessary permission to view foo.php, use this code in that file:

if (!$auth->acl_get('u_foo'))
{
     
trigger_error('NOT_AUTHORIZED');
}


Hint: You're able to create your own permission set in a separate file. Simply create a new file named permissions_xxx.php in language/xx/mods. It will automaticly included, don't worry about how.

This is a sample file:

<?php 

/**
* DO NOT CHANGE
*/
if (empty($lang) || !is_array($lang))

    
$lang = array();
}

// DEVELOPERS PLEASE NOTE
//
// All language files should use UTF-8 as their encoding and the files must not contain a BOM.
//
// Placeholders can now contain order information, e.g. instead of
// 'Page %s of %s' you can (and should) write 'Page %1$s of %2$s', this allows
// translators to re-order the output of data while ensuring it remains correct
//
// You do not need this where single placeholders are used, e.g. 'Message %d' is fine
// equally where a string contains only two placeholders which are used to wrap text
// in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine

// Adding new category
$lang['permission_cat']['mods'] = '.MODS';

// Adding the permissions
$lang array_merge($lang, array(
    
'acl_u_foo'    => array('lang' => 'Can view foo.php''cat' => 'mods'),
));

?>