Thread: [phpwslistings-dev] agent active flag
Brought to you by:
rizzo,
wendall911
Menu
▾
▴
phpwslistings-developers
|
From: Mike W. <wi...@ce...> - 2003-03-18 14:00:18
|
Don and Adam, Yesterday Don and I talked about automatically activating agents when users were added. Currently in phpwsListings the phpwsListings deity must activate a user and that activation flag allows them to use the system regardless of the permissions they are assigned through phpws. From my understanding that was to allow an assigned phpwsListings deity to activate agents without access to the user module built into phpws. I know in phpws that the "Administrator" check box will give a user access to whatever module. Adam this question is directed towards you, is it possible or could it be possible to create a User Group or User that is deity for a module? A group or user that could grant permission to any user in the database for one module only? For further clarification; I have ten users in the database including me as phpws deity. I want to give user "Joe" the ability to grant other users permission to use the phpwsListing modules and that module alone. Joe can not do anything else outside of phpwsListing module. Can this be done currently in phpws (I can't figure it out), or would changes need to be made to phpws? Currently Don has built this functionality into phpwsListing, but I think it would be easier for module developers if this could be done through phpws instead of having to code this themselves. Mike |
|
From: <ad...@tu...> - 2003-03-19 17:50:22
|
> I know in phpws that the "Administrator" check box will give a user access > to whatever module. Adam this question is directed towards you, is it > possible or could it be possible to create a User Group or User that is > deity for a module? A group or user that could grant permission to any > user in the database for one module only? No, this is not possible with the current state of the user module [not my fault :)]. If you give a user permission to edit the permissions of other users, they will be able to edit the permissions on all modules. I would suggest not using a phpws user as an agent and just associate an agent with a phpws user account. This way you can accomplish the permissioning goals you have set down and if the admin of the website wants to allow public users to have accounts on the site for various reasons (personal house listings, remembered settings, etc) you don't want them to have "agent status" in the phpwslistings system. I can say more here but I will refrain for now to hear your thoughts on what I've written so far. As far as the shopping cart goes, it should be a separate module from phpwslistings that is flexible enough to allow it to hold any type of object (house, car, shirt, soda, etc). Basically each "object" would need a few required attributes and functions to integrate with the cart correctly, a name or label, a weight (to calculate shipping), a "small view" function and a "full view" function, and a price. I'm probably missing a few things there obviously but you get the idea. Just my 2 cents Adam -- Adam Morton Developer - Electronic Student Services http://phpwebsite.appstate.edu Founder - Appalachian Linux Users Group http://alug.appstate.edu |
|
From: Mike W. <wi...@ce...> - 2003-03-20 14:02:06
|
Adam, > I would suggest not using a phpws user as an agent and just associate an > agent with a phpws user account. This way you can accomplish the > permissioning goals you have set down and if the admin of the website > wants to allow public users to have accounts on the site for various > reasons (personal house listings, remembered settings, etc) you don't want > them to have "agent status" in the phpwslistings system. I can say more > here but I will refrain for now to hear your thoughts on what I've written > so far. Sounds intersting. I think I understand your concept but would like you to elaborate some more if you would. Mike Windsor |
|
From: <ad...@tu...> - 2003-03-24 17:37:18
|
OK I may miss some things here because I'm not a real estate agent and I
don't know all the ins and outs of what needs to happen there. On the
other hand I've been looking at the system with more than real estate in
mind and so I'm trying to be as abstract as possible.
If a user is given base access to the phpwslistings module, they are
considered an "agent". A "broker" is designated with a single
sub-permisssion. If the broker permission is set for a user, they get
total access to the module almost like a deity (without access to all
other modules of course). Then you could add several other permissions
that are for refining an agents access to the system. These permissions
would be bypassed in the case of a broker.
module_rights.txt:
is_broker::User is a Broker
add_listing::Add Listings
delete_listing::Remove Listing
view_sold::View Sold Listings
This method would work for most situations but then you get into the mess
of handling multiple "dynamic" classes and controling agent and broker
permissions within each class. To best handle a situation like that you
would need limited user of the phpws user module and would need to
implement your own layer of permissions into the phpwslistings module
itself.
If a user is given base access to the phpwslistings module, they are
considered an agent with no permissions (yet). Then with a single
sub-permission you could designate a user as a broker.
module_rights.txt:
is_broker::User is a Broker
Then, within phpwslistings, a broker can view and edit the permissions of
agents and assign them to classes if they wish. It should be possible to
use the setUserVar and getUserVar functions to make this easier on the
developer. For storage of those permissions I would suggest using masking
of bits for speed and limited memory usage. I actually suggested that for
the phpws user module but Matt didn't know what I meant :)
For each agent they would have a userVar called something like
phpwslistings_perms. This would simply be an integer number that
represents the permissions of that particular agent. Lets say we have 3
permissions, add listing, delete listing, and view sold listings. If we
represent each of these in binary they would look something like this:
001 = add listing
010 = delete listing
100 = view sold listings
011 = add and delete listings
111 = full access to the system - broker only functions
Then you could define masks like:
PHPWSLISTINGS_ADD_MASK = 001;
PHPWSLISTINGS_DELETE_MASK = 010;
PHPWSLISTINGS_SOLD_MASK = 100;
"AND" those with the users stored variable and you will get a boolean
TRUE/FALSE as to whether or not the agent has access to that permission:
$add_check = $_SESSION["OBJ_user"]->getUserVar("phpwslistings_perms") &
PHPWSLISTINGS_ADD_MASK;
if($add_check) {
...do add...
} else {
...doesnt have permission...
}
That probably a lot to take in. Let me know if anything was unclear as I
tend to ramble on :)
Adam
> Adam,
>
>> I would suggest not using a phpws user as an agent and just associate an
>> agent with a phpws user account. This way you can accomplish the
>> permissioning goals you have set down and if the admin of the website
>> wants to allow public users to have accounts on the site for various
>> reasons (personal house listings, remembered settings, etc) you don't
>> want
>> them to have "agent status" in the phpwslistings system. I can say more
>> here but I will refrain for now to hear your thoughts on what I've
>> written
>> so far.
>
> Sounds intersting. I think I understand your concept but would like you
> to
> elaborate some more if you would.
>
>
> Mike Windsor
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Tablet PC.
> Does your code think in ink? You could win a Tablet PC.
> Get a free Tablet PC hat just for playing. What are you waiting for?
> http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en
> _______________________________________________
> phpwslistings-developers mailing list
> php...@li...
> https://lists.sourceforge.net/lists/listinfo/phpwslistings-developers
>
--
Adam Morton
Developer - Electronic Student Services
http://phpwebsite.appstate.edu
Founder - Appalachian Linux Users Group
http://alug.appstate.edu
|
|
From: Don S. <do...@se...> - 2003-03-24 18:12:05
|
Masking makes my jeans creamy.
How would you assign class-specific permissions?
I have been meaning to consolidate some of the module_rights.
Don.
On Mon, 24 Mar 2003 ad...@tu... wrote:
> OK I may miss some things here because I'm not a real estate agent and I
> don't know all the ins and outs of what needs to happen there. On the
> other hand I've been looking at the system with more than real estate in
> mind and so I'm trying to be as abstract as possible.
>
> If a user is given base access to the phpwslistings module, they are
> considered an "agent". A "broker" is designated with a single
> sub-permisssion. If the broker permission is set for a user, they get
> total access to the module almost like a deity (without access to all
> other modules of course). Then you could add several other permissions
> that are for refining an agents access to the system. These permissions
> would be bypassed in the case of a broker.
>
> module_rights.txt:
>
> is_broker::User is a Broker
> add_listing::Add Listings
> delete_listing::Remove Listing
> view_sold::View Sold Listings
>
> This method would work for most situations but then you get into the mess
> of handling multiple "dynamic" classes and controling agent and broker
> permissions within each class. To best handle a situation like that you
> would need limited user of the phpws user module and would need to
> implement your own layer of permissions into the phpwslistings module
> itself.
>
> If a user is given base access to the phpwslistings module, they are
> considered an agent with no permissions (yet). Then with a single
> sub-permission you could designate a user as a broker.
>
> module_rights.txt:
>
> is_broker::User is a Broker
>
> Then, within phpwslistings, a broker can view and edit the permissions of
> agents and assign them to classes if they wish. It should be possible to
> use the setUserVar and getUserVar functions to make this easier on the
> developer. For storage of those permissions I would suggest using masking
> of bits for speed and limited memory usage. I actually suggested that for
> the phpws user module but Matt didn't know what I meant :)
>
> For each agent they would have a userVar called something like
> phpwslistings_perms. This would simply be an integer number that
> represents the permissions of that particular agent. Lets say we have 3
> permissions, add listing, delete listing, and view sold listings. If we
> represent each of these in binary they would look something like this:
>
> 001 = add listing
> 010 = delete listing
> 100 = view sold listings
> 011 = add and delete listings
> 111 = full access to the system - broker only functions
>
> Then you could define masks like:
>
> PHPWSLISTINGS_ADD_MASK = 001;
> PHPWSLISTINGS_DELETE_MASK = 010;
> PHPWSLISTINGS_SOLD_MASK = 100;
>
> "AND" those with the users stored variable and you will get a boolean
> TRUE/FALSE as to whether or not the agent has access to that permission:
>
> $add_check = $_SESSION["OBJ_user"]->getUserVar("phpwslistings_perms") &
> PHPWSLISTINGS_ADD_MASK;
>
> if($add_check) {
> ...do add...
> } else {
> ...doesnt have permission...
> }
>
> That probably a lot to take in. Let me know if anything was unclear as I
> tend to ramble on :)
>
> Adam
>
> > Adam,
> >
> >> I would suggest not using a phpws user as an agent and just associate an
> >> agent with a phpws user account. This way you can accomplish the
> >> permissioning goals you have set down and if the admin of the website
> >> wants to allow public users to have accounts on the site for various
> >> reasons (personal house listings, remembered settings, etc) you don't
> >> want
> >> them to have "agent status" in the phpwslistings system. I can say more
> >> here but I will refrain for now to hear your thoughts on what I've
> >> written
> >> so far.
> >
> > Sounds intersting. I think I understand your concept but would like you
> > to
> > elaborate some more if you would.
> >
> >
> > Mike Windsor
> >
> >
> >
> >
> > -------------------------------------------------------
> > This SF.net email is sponsored by: Tablet PC.
> > Does your code think in ink? You could win a Tablet PC.
> > Get a free Tablet PC hat just for playing. What are you waiting for?
> > http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en
> > _______________________________________________
> > phpwslistings-developers mailing list
> > php...@li...
> > https://lists.sourceforge.net/lists/listinfo/phpwslistings-developers
> >
>
>
>
|
|
From: <ad...@tu...> - 2003-03-24 19:46:00
|
I might have to think about it a bit more but I would probably try using
the variable name in setUserVar to designate and check class permissions.
Ex:
$_SESSION["OBJ_users"]->setUserVar("PHPWS_LISTINGS_" . $class_name, 3);
The PHPWS_LISTINGS_ is to make sure your variable is unique among all the
user variables and the $class_name is the name of the class whos
permissions you are setting up. You would check the variable the same way
and if nothing exists at PHPWS_LISTINGS_ . $class_name then the user does
not have access to that class.
Adam
> Masking makes my jeans creamy.
>
> How would you assign class-specific permissions?
>
> I have been meaning to consolidate some of the module_rights.
>
> Don.
>
> On Mon, 24 Mar 2003 ad...@tu... wrote:
>
>> OK I may miss some things here because I'm not a real estate agent and I
>> don't know all the ins and outs of what needs to happen there. On the
>> other hand I've been looking at the system with more than real estate in
>> mind and so I'm trying to be as abstract as possible.
>>
>> If a user is given base access to the phpwslistings module, they are
>> considered an "agent". A "broker" is designated with a single
>> sub-permisssion. If the broker permission is set for a user, they get
>> total access to the module almost like a deity (without access to all
>> other modules of course). Then you could add several other permissions
>> that are for refining an agents access to the system. These permissions
>> would be bypassed in the case of a broker.
>>
>> module_rights.txt:
>>
>> is_broker::User is a Broker
>> add_listing::Add Listings
>> delete_listing::Remove Listing
>> view_sold::View Sold Listings
>>
>> This method would work for most situations but then you get into the
>> mess
>> of handling multiple "dynamic" classes and controling agent and broker
>> permissions within each class. To best handle a situation like that you
>> would need limited user of the phpws user module and would need to
>> implement your own layer of permissions into the phpwslistings module
>> itself.
>>
>> If a user is given base access to the phpwslistings module, they are
>> considered an agent with no permissions (yet). Then with a single
>> sub-permission you could designate a user as a broker.
>>
>> module_rights.txt:
>>
>> is_broker::User is a Broker
>>
>> Then, within phpwslistings, a broker can view and edit the permissions
>> of
>> agents and assign them to classes if they wish. It should be possible
>> to
>> use the setUserVar and getUserVar functions to make this easier on the
>> developer. For storage of those permissions I would suggest using
>> masking
>> of bits for speed and limited memory usage. I actually suggested that
>> for
>> the phpws user module but Matt didn't know what I meant :)
>>
>> For each agent they would have a userVar called something like
>> phpwslistings_perms. This would simply be an integer number that
>> represents the permissions of that particular agent. Lets say we have 3
>> permissions, add listing, delete listing, and view sold listings. If we
>> represent each of these in binary they would look something like this:
>>
>> 001 = add listing
>> 010 = delete listing
>> 100 = view sold listings
>> 011 = add and delete listings
>> 111 = full access to the system - broker only functions
>>
>> Then you could define masks like:
>>
>> PHPWSLISTINGS_ADD_MASK = 001;
>> PHPWSLISTINGS_DELETE_MASK = 010;
>> PHPWSLISTINGS_SOLD_MASK = 100;
>>
>> "AND" those with the users stored variable and you will get a boolean
>> TRUE/FALSE as to whether or not the agent has access to that permission:
>>
>> $add_check = $_SESSION["OBJ_user"]->getUserVar("phpwslistings_perms") &
>> PHPWSLISTINGS_ADD_MASK;
>>
>> if($add_check) {
>> ...do add...
>> } else {
>> ...doesnt have permission...
>> }
>>
>> That probably a lot to take in. Let me know if anything was unclear as
>> I
>> tend to ramble on :)
>>
>> Adam
>>
>> > Adam,
>> >
>> >> I would suggest not using a phpws user as an agent and just associate
>> an
>> >> agent with a phpws user account. This way you can accomplish the
>> >> permissioning goals you have set down and if the admin of the website
>> >> wants to allow public users to have accounts on the site for various
>> >> reasons (personal house listings, remembered settings, etc) you don't
>> >> want
>> >> them to have "agent status" in the phpwslistings system. I can say
>> more
>> >> here but I will refrain for now to hear your thoughts on what I've
>> >> written
>> >> so far.
>> >
>> > Sounds intersting. I think I understand your concept but would like
>> you
>> > to
>> > elaborate some more if you would.
>> >
>> >
>> > Mike Windsor
>> >
>> >
>> >
>> >
>> > -------------------------------------------------------
>> > This SF.net email is sponsored by: Tablet PC.
>> > Does your code think in ink? You could win a Tablet PC.
>> > Get a free Tablet PC hat just for playing. What are you waiting for?
>> > http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en
>> > _______________________________________________
>> > phpwslistings-developers mailing list
>> > php...@li...
>> > https://lists.sourceforge.net/lists/listinfo/phpwslistings-developers
>> >
>>
>>
>>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> phpwslistings-developers mailing list
> php...@li...
> https://lists.sourceforge.net/lists/listinfo/phpwslistings-developers
>
--
Adam Morton
Developer - Electronic Student Services
http://phpwebsite.appstate.edu
Founder - Appalachian Linux Users Group
http://alug.appstate.edu
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X