[Phplib-users] handle perm in auth
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
[Phplib-users] handle perm in auth
|
From: Giancarlo <gia...@na...> - 2002-10-09 23:46:13
|
you know, the perm stuff was added later to phplib. And there are in fatc two
ways of working with phplib: auth check is dome at the obj start, perm has to
be checked in the page eventually. auth is start-checked, perm has to be
post-checked.
So imagine the possibility of handling perm->has_the_moon within your
extended auth class methods... It is an alternative anyway, something that
with the new design becomes possible.
I propose you these two pieces, one of the actual page.inc (snapshot), and
the other of tomorrow's. There is infact no difference in the flow, just a
lot of development doors open, eg by extending the lifetime concept from an
unique general value, to something related to the permissions.
Ofcourse, we could also add a new $perm->check_expire functionality, and
place it everywhere needed, but...the auth[exp] is broken logic also, because
it doesn't tell us the expire that was calculated on, and this new snapshot
coming out is ready for this new fubctionality.
With this I think the circle is really closed, and I am surprised myself how
many things went right and how this all in fact changes nothing in the usual
usage.
Maybe an interesting discussion.
Will work on this, thanks all
Gian
<snip>
I attach you a page inc that perfectly works with the latest snapshot.
The revolution is that the perm object can be started before the auth object
is started, even though after it has been instantiated.
This is perfectly functional, an allows further, optional, development and
usage
I attach a commented version of a part of it. I'd wait for this, although it
has no practical differences but just opens doors.
I hope I am not getting a crab with this..
----------old (snapshot) page.inc--------------------------------
# the auth feature depends on sess
if (isset($feature["auth"])) {
global $auth;
if (!is_object($auth)) {
$auth = new $feature["auth"];
}
$auth->start();
####################################################
## start does not rely on the perm obj anyway
## start does not set any of his auth[perm] values, except,
## if not authed, start() will clear his auth[perm], splash and exit
## this is the only action of auth on its own auth[perm]
####################################################
# the perm feature depends on auth and sess
if (isset($feature["perm"])) {
global $perm;
if (!is_object($perm)) {
$perm = new $feature["perm"];
}
}
# the user feature depends on auth and sess
...
---------new page.inc------------------------------------------------
# the auth feature depends on sess
if (isset($feature["auth"])) {
global $auth;
if (is_object($auth))
$auth= $auth->check_feature($feature["auth"]);
else
$auth = new $feature["auth"];
#########################################
# the perm object is started if requested
#########################################
# the perm feature depends on auth and sess
if (isset($feature["perm"])) {
global $perm;
if (!is_object($perm)) {
$perm = new $feature["perm"];
}
}
####################################################
## start does not rely on the perm obj
## start does not set anyof his auth[perm] values, except,
## if not authed, start() will clear his auth[perm], splash and exit
## this is the only action of auth on its own auth[perm]
####################################################
## ***** BUT WE CAN CHECK STUFF FROM PERM,
## eg assign different auth->lifetime for different perms ******
## ***** in is_authenticated/check_expire
########################################################
if (!$auth->start() ) { ### user is not authenticated, nobody
if (!$auth->nobody) { ### page cannot be seen by unauthed users
page_showform(); ### splash the form
$sess->freeze(); ### save state
exit;
}
}
# the user feature depends on auth and sess
...
|
