Flourish PHP Unframework
This is an archived copy of the forum for reference purposes

fAuthorization; checking userlevels against database

posted by samzzi 9 years ago

Hi,

First; Love flourishlib, great job guyz! :)

Is there a public method of some sort to get the numeric value of the userlevels you set? What I want to do is check the userlevels against a database (for example 'where userlevel <= $fAuthorization::getUserAuthLevelNumeric()'

You already have getUserAuthLevel() but that just returns the string value of your userlevel zo that's a little less efficient to work with a database with userlevels.

Any feedback is appreciated!

Kind Regards, Sam

There isn't such functionality because I've never really needed it. I store the authorization level name in the database, and the numbers are just used when setting up fAuthorization to make the names relative to each other. Whenever I've needed to get back users, I just specify the auth level names.

In your case it seems to me like it might make the most sense to store your auth level as a public static member of your User class, then you could use array_search() to get the numeric values. 

class User
{
    static public $auth_levels = array(
        100 => 'Admin',
        50  => 'User'
    );
}

fAuthorization::setAuthLevels(User::$auth_levels);

$numeric_level = array_search($user->getAuthLevel(), User::$auth_levels);
posted by wbond 9 years ago

Tx for your feedback :)

Indeed a solution but I'm curious if you store the level name in the database; If you store 'manager' in the db the manager and the admin also needs access to that you won't have the 'drill down' functionality? (Or you should store all the levels in your table but that's much more effort for the administratior offcourse)

posted by samzzi 9 years ago

Yes, I believe that if you need to check something in the database and you are only dealing with auth levels that storing the number probably makes the most sense.

In most situations where the access controls are dynamic per record I usually start down the route of having a table that handles associating permissions to users or groups, and user can be placed in groups. This allows you to do all of the checking in the database, while keeping the semantic information about what the numbers mean where the numbers are.

posted by wbond 9 years ago