public __construct ($file = 'conf/acl.php')
Constructor will call init()
if a file is provided, or simply
set the $rules
if an array is passed to it. With no parameters,
it will try to read conf/acl.php
for the access list.
public init ()
Parses the INI file and generates the rule list, adding default=false if no default is specified for that role (deny by default).
public allowed ($resource, $user = false)
Test whether they can access a resource. If no user object is provided,
will use User::$user->type
to determine the role.
A simple access control class for implementing custom permissions in your applications.
Usage:
The format of the INI file is as follows:
The default lines change whether you should allow or deny by default for a given role. The naming convention
user/admin
signifies a feature within an app as opposed to the app itself.To easily include access control in a handler, you can use the Controller's
require_acl()
method like this:Which says: Verify they can access the
admin
resource, as well as themyapp
resource. You can also retrieve the Acl object for the currently active user via theUser::acl()
method like this:To define new resources that your custom app will use, create a
conf/acl.php
in your app and define your resources like this:This will automatically include them in the Elefant role editor.