phpBB

Development Wiki

Tutorial.Permissions

From phpBB Development Wiki

Revision as of 22:13, 22 February 2007 by Lew21 (Talk | contribs)

Checking permissions

To check if user can for example view other users profiles, use this code:

if (!$auth->acl_get('u_viewprofile'))
{
     
trigger_error('NOT_AUTHORIZED');
}

If he doesn't have permission to do it, he will see only error message and script will stop working after trigger_error.

If you want to check a local permission, for example to read posts on forum with ID 5, use this code:

if (!$auth->acl_get('f_read'5))
{
     
trigger_error('NOT_AUTHORIZED');
}

Full list of existing permissions is in your database, in phpbb_acl_options table.

Adding a permission

Adding new permissions to Olympus is simple. Example how to add a permission to control who can access and manage foo:

  • Create a file named permissions_foo.php in language/xx/mods
<?php
/**
* DO NOT CHANGE
*/
if (empty($lang) || !is_array($lang))
{
    
$lang = array();
}

// DEVELOPERS PLEASE NOTE
//
// All language files should use UTF-8 as their encoding and the files must not contain a BOM.
//
// Placeholders can now contain order information, e.g. instead of
// 'Page %s of %s' you can (and should) write 'Page %1$s of %2$s', this allows
// translators to re-order the output of data while ensuring it remains correct
//
// You do not need this where single placeholders are used, e.g. 'Message %d' is fine
// equally where a string contains only two placeholders which are used to wrap text
// in a url you again do not need to specify an order e.g., 'Click %sHERE%s' is fine

// Adding new category
$lang['permission_cat']['foo'] = 'Foo management';

// Adding the permissions
$lang array_merge($lang, array(
    
'acl_u_view_foo'    => array('lang' => 'Can view foo''cat' => 'foo'),
    
'acl_u_manage_foo'    => array('lang' => 'Can manage foo''cat' => 'foo'),
));
?>
  • Run this code in the installer:
<?php
// Setup $auth_admin class so we can add permission options
include($phpbb_root_path '/includes/acp/auth.' $phpEx);
$auth_admin = new auth_admin();

// Add permissions
$auth_admin->acl_add_option(array(
    
'local'      => array(),
    
'global'   => array('u_view_foo''u_manage_foo')
));
?>

The permission should be ready to assign to users/groups in the acp. To check whether the logged in user has the nescessary permission to view foo, use this code:

if (!$auth->acl_get('u_view_foo'))
{
     
trigger_error('NOT_AUTHORIZED');
}