【发布时间】:2012-11-08 19:56:04
【问题描述】:
我正在做我的第一个应用程序,其中包含多个用户的权限和角色。 我的理解是最好的方法是使用 BitWise 格式。这是真的吗,还是有更好的选择?
这是我当前的测试代码,我得到了一个相当奇怪的效果。 如果有人能解释为什么会这样,那将不胜感激。
示例:
$user = array('permissions' => 1); // This *should* return ONLY READ, (except it shows all)
$user = array('permissions' => 8); // Shows correct, FULL resources.
你可以用它来测试代码...http://writecodeonline.com/php/
define("PERM_R", 1); # Read
define("PERM_W", 2); # Write
define("PERM_E", 4); # Edit
define("PERM_D", 8); # Delete
define("ROLE_GUEST", PERM_R);
define("ROLE_EDITOR", ROLE_GUEST | PERM_W | PERM_E);
define("ROLE_FULL", ROLE_EDITOR | PERM_D);
function hasAccess($user, $action) {
if( is_array($user) ) {
return $user['permissions'] & $action;
} else if ( is_int($user) ) {
return $user & $action;
}
}
$user = array('permissions' => 1);
echo "USER PERMISSIONS: ". $user['permissions'] ."<br /><br />";
# TEST PERMS
if(hasAccess($user, PERM_R)) {
echo PERM_R;
echo " - Yes you can see READ <br />";
}
if(hasAccess($user, PERM_R | PERM_W)) {
echo PERM_R | PERM_W;
echo " - Yes you can see READ & WRITE<br />";
}
if(hasAccess($user, PERM_R | PERM_W | PERM_E)) {
echo PERM_R | PERM_W | PERM_E;
echo " - Yes you can see READ & WRITE & EDIT<br />";
}
if(hasAccess($user, PERM_R | PERM_W | PERM_E | PERM_D)) {
echo PERM_R | PERM_W | PERM_E | PERM_D;
echo " - Yes you can see READ & WRITE & EDIT & DELETE<br />";
}
# TEST ROLES
if(hasAccess($user, ROLE_GUEST)) {
echo ROLE_GUEST;
echo " - Yes, You Are A GUEST <br />";
}
if(hasAccess($user, ROLE_EDITOR)) {
echo ROLE_EDITOR;
echo " - Yes, You Are A EDITOR <br />";
}
if(hasAccess($user, ROLE_FULL)) {
echo ROLE_FULL;
echo " - Yes, You Are A FULL <br />";
}
【问题讨论】:
-
我发现 Cake 的 ACL 是管理权限的最简单方法。它在不牺牲简单性的情况下为您提供了良好的粒度。要点:book.cakephp.org/2.0/en/core-libraries/components/…。一开始它看起来很复杂,但一旦你理解它就会很有意义。
-
会评论“编辑”=读/写和缺少“创建”,但那是个人笔记。
-
详细博客在这里:goo.gl/ATnj6j
标签: php permissions bit-manipulation bit user-permissions