phpBB

Development Wiki

Difference between revisions of "Tutorial.Permissions"

From phpBB Development Wiki

(Adding a permission: Changed the method to 0-edits-and-SQL-queries method)
(Adding a permission: merged the previous two revisions and restored sql version)
Line 21: Line 21:
 
== Adding a permission ==
 
== Adding a permission ==
 
Adding new permissions to Olympus is simple. Example how to add a permission to control who can access and manage foo:
 
Adding new permissions to Olympus is simple. Example how to add a permission to control who can access and manage foo:
*Create a file named permissions_foo.php in language/xx/mods
+
=== Using the API (recommended) ===
 +
*Run this code in the installer:
 +
<php>
 +
<?php
 +
// Setup $auth_admin class so we can add permission options
 +
include($phpbb_root_path . '/includes/acp/auth.' . $phpEx);
 +
$auth_admin = new auth_admin();
 +
 
 +
// Add permissions
 +
$auth_admin->acl_add_option(array(
 +
'local'      => array(),
 +
'global'  => array('u_view_foo', 'u_manage_foo')
 +
));
 +
?>
 +
</php>
 +
 
 +
=== Using SQL ===
 +
You can also directly insert new rows into the [[Tables/phpbb_acl_options|phpbb_acl_options table]]:
 +
<highlightSyntax language="sqlnew">INSERT INTO phpbb_acl_options (auth_option, is_global, is_local, founder_only) VALUES ('u_view_foo', 1, 0, 0);
 +
INSERT INTO phpbb_acl_options (auth_option, is_global, is_local, founder_only) VALUES ('u_manage_foo', 1, 0, 0);</highlightSyntax>
 +
Please note that you need to clear the cache by either deleting <code>cache/data_global.php</code> or executing <code>$cache->destroy('acl_options');</code> after this.
 +
 
 +
=== Language file ===
 +
In both cases it is highly recommended to add language variables for the permissions just added. To do this, simply create a file named permissions_foo.php in language/xx/mods. It will automaticly included, don't worry about how.
 
<php>
 
<php>
 
<?php
 
<?php
Line 54: Line 77:
 
?>
 
?>
 
</php>
 
</php>
*Run this code in the installer:
 
<php>
 
<?php
 
// Setup $auth_admin class so we can add permission options
 
include($phpbb_root_path . '/includes/acp/auth.' . $phpEx);
 
$auth_admin = new auth_admin();
 
  
// Add permissions
+
The permission should be ready to assign to users/groups in the acp now. To check whether the logged in user has the nescessary permission to view foo, use this code:
$auth_admin->acl_add_option(array(
+
'local'      => array(),
+
'global'  => array('u_view_foo', 'u_manage_foo')
+
));
+
?>
+
</php>
+
The permission should be ready to assign to users/groups in the acp. To check whether the logged in user has the nescessary permission to view foo, use this code:
+
 
<php>
 
<php>
 
if (!$auth->acl_get('u_view_foo'))
 
if (!$auth->acl_get('u_view_foo'))

Revision as of 01:08, 23 February 2007

Checking permissions

To check if user can for example view other users profiles, use this code:

if (!$auth->acl_get('u_viewprofile'))
{
     
trigger_error('NOT_AUTHORIZED');
}

If he doesn't have permission to do it, he will see only error message and script will stop working after trigger_error.

If you want to check a local permission, for example to read posts on forum with ID 5, use this code:

if (!$auth->acl_get('f_read'5))
{
     
trigger_error('NOT_AUTHORIZED');
}

Full list of existing permissions is in your database, in phpbb_acl_options table.

Adding a permission

Adding new permissions to Olympus is simple. Example how to add a permission to control who can access and manage foo:

Using the API (recommended)

  • Run this code in the installer:
<?php
// Setup $auth_admin class so we can add permission options
include($phpbb_root_path '/includes/acp/auth.' $phpEx);
$auth_admin = new auth_admin();

// Add permissions
$auth_admin->acl_add_option(array(
    
'local'      => array(),
    
'global'   => array('u_view_foo''u_manage_foo')
));
?>

Using SQL

You can also directly insert new rows into the phpbb_acl_options table:

INSERT INTO phpbb_acl_options (auth_option, is_global, is_local, founder_only) VALUES ('u_view_foo', 1, 0, 0);
INSERT INTO phpbb_acl_options (auth_option, is_global, is_local, founder_only) VALUES ('u_manage_foo', 1, 0, 0);

Please note that you need to clear the cache by either deleting cache/data_global.php or executing $cache->destroy('acl_options'); after this.

Language file

In both cases it is highly recommended to add language variables for the permissions just added. To do this, simply create a file named permissions_foo.php in language/xx/mods. It will automaticly included, don't worry about how.

<?php
/**
* DO NOT CHANGE
*/
if (empty($lang) || !is_array($lang))
{
    
$lang = array();
}

// DEVELOPERS PLEASE NOTE
//
// All language files should use UTF-8 as their encoding and the files must not contain a BOM.
//
// Placeholders can now contain order information, e.g. instead of
// 'Page %s of %s' you can (and should) write 'Page %1$s of %2$s', this allows
// translators to re-order the output of data while ensuring it remains correct
//
// You do not need this where single placeholders are used, e.g. 'Message %d' is fine
// equally where a string contains only two placeholders which are used to wrap text
// in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine

// Adding new category
$lang['permission_cat']['foo'] = 'Foo management';

// Adding the permissions
$lang array_merge($lang, array(
    
'acl_u_view_foo'    => array('lang' => 'Can view foo''cat' => 'foo'),
    
'acl_u_manage_foo'    => array('lang' => 'Can manage foo''cat' => 'foo'),
));
?>

The permission should be ready to assign to users/groups in the acp now. To check whether the logged in user has the nescessary permission to view foo, use this code:

if (!$auth->acl_get('u_view_foo'))
{
     
trigger_error('NOT_AUTHORIZED');
}