phpBB

Development Wiki

Difference between revisions of "Tutorial.Permissions"

From phpBB Development Wiki

(Adding a permission: Changed the method to 0-edits-and-SQL-queries method)
Line 20: Line 20:
  
 
== Adding a permission ==
 
== Adding a permission ==
Adding new permissions to Olympus is simple. Example how to add a permission to control who can access foo.php:
+
Adding new permissions to Olympus is simple. Example how to add a permission to control who can access and manage foo:
*Insert a new row into [[Tables/phpbb_acl_options|phpbb_acl_options]]:
+
*Create a file named permissions_foo.php in language/xx/mods
<highlightSyntax language="sqlnew">INSERT INTO phpbb_acl_options (auth_option, is_global, is_local, founder_only) VALUES ('u_foo', 1, 0, 0)</highlightSyntax>
+
*Open language/xx/acp/permissions_phpbb.php and add the language vars:
+
<php>'acl_u_foo' => array('lang' => 'Can view foo.php', 'cat' => 'misc'),</php>
+
*Clear the cache folder by hand or use this code in a installer script:
+
<php>$cache->destroy('acl_options');</php>
+
The permission should be ready to assign to users/groups in the acp. To check whether the logged in user has the nescessary permission to view foo.php, use this code in that file:
+
 
<php>
 
<php>
if (!$auth->acl_get('u_foo'))
+
<?php
{
+
    trigger_error('NOT_AUTHORIZED');
+
}
+
</php>
+
 
+
 
+
Hint: You're able to create your own permission set in a separate file. Simply create a new file named permissions_xxx.php in language/xx/mods. It will automaticly included, don't worry about how.
+
 
+
This is a sample file:
+
<php>
+
<?php  
+
 
+
 
/**
 
/**
 
* DO NOT CHANGE
 
* DO NOT CHANGE
 
*/
 
*/
 
if (empty($lang) || !is_array($lang))
 
if (empty($lang) || !is_array($lang))
{  
+
{
 
$lang = array();
 
$lang = array();
 
}
 
}
Line 63: Line 45:
  
 
// Adding new category
 
// Adding new category
$lang['permission_cat']['mods'] = '.MODS';
+
$lang['permission_cat']['foo'] = 'Foo management';
  
 
// Adding the permissions
 
// Adding the permissions
 
$lang = array_merge($lang, array(
 
$lang = array_merge($lang, array(
'acl_u_foo' => array('lang' => 'Can view foo.php', 'cat' => 'mods'),
+
'acl_u_view_foo'   => array('lang' => 'Can view foo', 'cat' => 'foo'),
 +
'acl_u_manage_foo'    => array('lang' => 'Can manage foo', 'cat' => 'foo'),
 
));
 
));
 +
?>
 +
</php>
 +
*Run this code in the installer:
 +
<php>
 +
<?php
 +
// Setup $auth_admin class so we can add permission options
 +
include($phpbb_root_path . '/includes/acp/auth.' . $phpEx);
 +
$auth_admin = new auth_admin();
  
 +
// Add permissions
 +
$auth_admin->acl_add_option(array(
 +
'local'      => array(),
 +
'global'  => array('u_view_foo', 'u_manage_foo')
 +
));
 
?>
 
?>
 
</php>
 
</php>
 +
The permission should be ready to assign to users/groups in the acp. To check whether the logged in user has the nescessary permission to view foo, use this code:
 +
<php>
 +
if (!$auth->acl_get('u_view_foo'))
 +
{
 +
    trigger_error('NOT_AUTHORIZED');
 +
}
 +
</php>
 +
 
[[Category:Concepts]]
 
[[Category:Concepts]]
 
[[Category:Tutorials]]
 
[[Category:Tutorials]]
 
[[Category:API]]
 
[[Category:API]]

Revision as of 22:13, 22 February 2007

Checking permissions

To check if user can for example view other users profiles, use this code:

if (!$auth->acl_get('u_viewprofile'))
{
     
trigger_error('NOT_AUTHORIZED');
}

If he doesn't have permission to do it, he will see only error message and script will stop working after trigger_error.

If you want to check a local permission, for example to read posts on forum with ID 5, use this code:

if (!$auth->acl_get('f_read'5))
{
     
trigger_error('NOT_AUTHORIZED');
}

Full list of existing permissions is in your database, in phpbb_acl_options table.

Adding a permission

Adding new permissions to Olympus is simple. Example how to add a permission to control who can access and manage foo:

  • Create a file named permissions_foo.php in language/xx/mods
<?php
/**
* DO NOT CHANGE
*/
if (empty($lang) || !is_array($lang))
{
    
$lang = array();
}

// DEVELOPERS PLEASE NOTE
//
// All language files should use UTF-8 as their encoding and the files must not contain a BOM.
//
// Placeholders can now contain order information, e.g. instead of
// 'Page %s of %s' you can (and should) write 'Page %1$s of %2$s', this allows
// translators to re-order the output of data while ensuring it remains correct
//
// You do not need this where single placeholders are used, e.g. 'Message %d' is fine
// equally where a string contains only two placeholders which are used to wrap text
// in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine

// Adding new category
$lang['permission_cat']['foo'] = 'Foo management';

// Adding the permissions
$lang array_merge($lang, array(
    
'acl_u_view_foo'    => array('lang' => 'Can view foo''cat' => 'foo'),
    
'acl_u_manage_foo'    => array('lang' => 'Can manage foo''cat' => 'foo'),
));
?>
  • Run this code in the installer:
<?php
// Setup $auth_admin class so we can add permission options
include($phpbb_root_path '/includes/acp/auth.' $phpEx);
$auth_admin = new auth_admin();

// Add permissions
$auth_admin->acl_add_option(array(
    
'local'      => array(),
    
'global'   => array('u_view_foo''u_manage_foo')
));
?>

The permission should be ready to assign to users/groups in the acp. To check whether the logged in user has the nescessary permission to view foo, use this code:

if (!$auth->acl_get('u_view_foo'))
{
     
trigger_error('NOT_AUTHORIZED');
}