Thread: [psa-users] Feature Request?
Brought to you by:
koivi
From: Peter H. <pe...@pe...> - 2003-06-28 21:49:34
|
My homegrown system on an internal site isn't that good, but one thing it does (which doesn't seem quite as easy in phpsecurityadm) is a simple test of: Does the current user have X profile? This allows me to show sections of pages, depending on the profile of the user. E.g. if(current_user->profile == 99) show_module1(); else show_module2(); Actually, since I have a numerical security scale, it tends to be more: if(current_user->securityclearance > 9) show_module1(); else show_module2(); Is there an easy way to do this with phpsecurityadmin that I am just missing? |
From: Albert L. <al...@pl...> - 2003-07-01 15:21:27
|
Hi Peter, Thanks for your question and apologies for taking so long to respond. Been incredibly busy over here. Yes, of course that is terribly simple. The $_SESSION variables in PSA are very strong and flexible. You can access the user's profile with: $_SESSION["psag"] // PSA User Group The user's id with: $_SESSION["psau"] // PSA User Etc. Simply do what you've described with these vars: If($_SESSION["psag"]>"9") { // show them this... } else { // do this } Does that answer your question? Albert On 6/28/03 5:49 PM, "Peter Hiltz" <pe...@pe...> wrote: > My homegrown system on an internal site isn't that good, but one thing it does > (which doesn't seem quite as easy in phpsecurityadm) is a simple test of: > > Does the current user have X profile? > > This allows me to show sections of pages, depending on the profile of the > user. E.g. > > if(current_user->profile == 99) show_module1(); > else show_module2(); > > Actually, since I have a numerical security scale, it tends to be more: > > if(current_user->securityclearance > 9) show_module1(); > else show_module2(); > > Is there an easy way to do this with phpsecurityadmin that I am just missing? > > > > > ------------------------------------------------------- > This SF.Net email sponsored by: Free pre-built ASP.NET sites including > Data Reports, E-commerce, Portals, and Forums are available now. > Download today and enter to win an XBOX or Visual Studio .NET. > http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 > _______________________________________________ > phpsecurityadm-users mailing list > php...@li... > https://lists.sourceforge.net/lists/listinfo/phpsecurityadm-users > |
From: Peter H. <pe...@pe...> - 2003-07-03 18:07:51
|
Hi Albert, I guess I'm missing something. Dumping array $_SESSION show only two string variables: PSA_psaun and PSA_remote. I don't find psau or psag in the source files. Obviously I can use PSA_psaun and do a lookup in the database for further permissions, but you indicate that it should be much easier. Peter On Tuesday 01 July 2003 05:21 pm, Albert Lash wrote: > Hi Peter, > > Thanks for your question and apologies for taking so long to respond. Been > incredibly busy over here. Yes, of course that is terribly simple. > > The $_SESSION variables in PSA are very strong and flexible. You can access > the user's profile with: > $_SESSION["psag"] // PSA User Group > The user's id with: > $_SESSION["psau"] // PSA User > > Etc. > > Simply do what you've described with these vars: > > If($_SESSION["psag"]>"9") { > // show them this... > } else { > // do this > } > > Does that answer your question? > > Albert > > On 6/28/03 5:49 PM, "Peter Hiltz" <pe...@pe...> wrote: > > My homegrown system on an internal site isn't that good, but one thing it > > does (which doesn't seem quite as easy in phpsecurityadm) is a simple > > test of: > > > > Does the current user have X profile? > > > > This allows me to show sections of pages, depending on the profile of the > > user. E.g. > > > > if(current_user->profile == 99) show_module1(); > > else show_module2(); > > > > Actually, since I have a numerical security scale, it tends to be more: > > > > if(current_user->securityclearance > 9) show_module1(); > > else show_module2(); > > > > Is there an easy way to do this with phpsecurityadmin that I am just > > missing? > > > > > > > > > > ------------------------------------------------------- > > This SF.Net email sponsored by: Free pre-built ASP.NET sites including > > Data Reports, E-commerce, Portals, and Forums are available now. > > Download today and enter to win an XBOX or Visual Studio .NET. > > http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 > > _______________________________________________ > > phpsecurityadm-users mailing list > > php...@li... > > https://lists.sourceforge.net/lists/listinfo/phpsecurityadm-users |
From: Justin K. <ju...@ko...> - 2003-07-03 20:07:58
|
Peter Hiltz wrote: > My homegrown system on an internal site isn't that good, but one thing it does > (which doesn't seem quite as easy in phpsecurityadm) is a simple test of: > > Does the current user have X profile? > > This allows me to show sections of pages, depending on the profile of the > user. E.g. > > if(current_user->profile == 99) show_module1(); > else show_module2(); > > Actually, since I have a numerical security scale, it tends to be more: > > if(current_user->securityclearance > 9) show_module1(); > else show_module2(); > > Is there an easy way to do this with phpsecurityadmin that I am just missing? One way to do this is to put each section of a page in a separate php script using the _restrict.php file in it. Then you can assign each script a security profile. If you don't want to see a message about not having rights, you can suppress the output using either the ob_* functions or the $PSA_DISPLAY_OUTPUT flag in the PSA config file. What Albert was thinking of (with psaug) was in an older version... To do this now, you need to go through and do the following: $users=$sec_sys->getUsers(); $groups_for_user=explode(',',$users[$_SESSION['psaun']]['groups']); This will give you an array of all the groups (or profiles) that the user belongs to. In your case, you'd likely want something like: function isGroupMember($user,$group,$sec_sys){ $users=$sec_sys->getUsers(); $groups=explode(',',$users[$user]['groups']); foreach($groups as $grp){ if($grp==$group) return TRUE; } return FALSE; } Then, in your script, you could call it like: if(isGroupMember($_SESSION['psaun'],$group_number,$PSA_object)){ // display it }else{ // don't display it } For that matter, that should be added to the class... (when I (or someone else) gets around to it.) Hope this helps! |
From: Albert L. <al...@pl...> - 2003-07-03 22:07:30
|
On Thursday, July 3, 2003, at 04:07 PM, Justin Koivisto wrote: > Peter Hiltz wrote: >> My homegrown system on an internal site isn't that good, but one >> thing it does (which doesn't seem quite as easy in phpsecurityadm) is >> a simple test of: Does the current user have X profile? >> This allows me to show sections of pages, depending on the profile of >> the user. E.g. if(current_user->profile == 99) show_module1(); >> else show_module2(); >> Actually, since I have a numerical security scale, it tends to be >> more: >> if(current_user->securityclearance > 9) show_module1(); >> else show_module2(); >> Is there an easy way to do this with phpsecurityadmin that I am just >> missing? > > One way to do this is to put each section of a page in a separate php > script using the _restrict.php file in it. Then you can assign each > script a security profile. If you don't want to see a message about > not having rights, you can suppress the output using either the ob_* > functions or the $PSA_DISPLAY_OUTPUT flag in the PSA config file. > > What Albert was thinking of (with psaug) was in an older version... To > do this now, you need to go through and do the following: > > $users=$sec_sys->getUsers(); > $groups_for_user=explode(',',$users[$_SESSION['psaun']]['groups']); > > This will give you an array of all the groups (or profiles) that the > user belongs to. In your case, you'd likely want something like: > > function isGroupMember($user,$group,$sec_sys){ > $users=$sec_sys->getUsers(); > $groups=explode(',',$users[$user]['groups']); > foreach($groups as $grp){ > if($grp==$group) return TRUE; > } > return FALSE; > } > > Then, in your script, you could call it like: > > if(isGroupMember($_SESSION['psaun'],$group_number,$PSA_object)){ > // display it > }else{ > // don't display it > } > > For that matter, that should be added to the class... (when I (or > someone else) gets around to it.) > > Hope this helps! > Ay yes, this is due to the fact that users can be in multiple groups now and psag will now be an array. Yes - it should also be put into the class so it can be accessed immediately. That is a simple enough addition, I'll try to fix it this weekend. |