Role Manager & Role Provider

About Role Manager & Role Provider #top

Role Provider

This class is used to provide roles from database and set them in application register function. Role Manager class will access available roles and manage controller or Action permissions.

Role Manager

A basic role mananer class for Ness Framework. You can get available roles from database and set them in application register function, to manage user accesses to specific controllers.

Methods #top

FillRoles

RoleProvider::FillRoles(Array  $roles);

This function is used to fill roles with id and value from database. This is necessary for using role manager class.
Return	void
Parameters	$roles Array; Set all roles to role provider class. Array key is id in database and value is a named provision of role You need to fill all roles in Application / Register()

RequiredRoles

RoleProvider::RequiredRoles(Array  $roles);

This function is used to set required roles for controller or controller action. If you want to affect a whole controller with set role you must setup role manager in construct method.
Return	void
Parameters	$roles Array; Required roles for a action in a controller or in whole controller.

ProvidedRoles

RoleProvider::ProvidedRoles(Array  $roles);

This function is User's provided roles. Can be filled from database. Later you will have the opportunity to check it with isAuthorized method.
Return	void
Parameters	$roles Array; provided roles for user.

---

isAuthorized

RoleManager::isAuthorized();

Checks if user is authorized.
Return	Boolean
Parameters	None

ClearRequired

RoleManager::ClearRequired();

Clear All required roles.
Return	None
Parameters	None

Example #top

Let's say you have a Index controller and IndexAction, and 3 roles(User, Administrator, Guest) available totally. You have a 'x' user which has roles, (Guest, User) and wants to access IndexAction which requires role 'Administrator'. For checking if your user 'x' can access to IndexAction you need to do followings;

1. Setup All Roles in Application Register
2. Do a control in Index controller and IndexAction
3. If Not Authorized show message or redirect.

Application Confiuration; app_config.php

                                

/***********************************************
*	Application Class
*/

class Application
{

    /**
        * This function is called automatically by framework on entry...
        * You can do all your global object definitions or user-based settings...
        */
public function Register()
{
        //Fill Roles
        //We are filling manually, but you can get all roles from your database.
        $data_set = array("1"=>"User", "2"=>"Administrator", "3"=>"Guest");
        RoleProvider::FillRoles($data_set);
        
    }

}
                                
                            

Controller Configuration; Controller/indexController.php

                                
class indexController extends Ness/Controller{

    public function __construct() {
        parent::__construct();
        
        //You can get required roles from database we will give manually in this example.
        RoleProvider::RequiredRoles(array("2"=>"Administrator"));
        
        //User's roles: you can get them from your database we will fill manually...
        
        RoleProvider::ProvidedRoles(array("1"=>"User"));
        
        //now make the controls. You can block all contents of a controller or you can
        //allow your user some Actions. We will block our user to access index page.
    }

    public function IndexAction($param=0){
            
        if(RoleManager::isAuthorized())
        {
            $this->View->Render("index.php");
        }else{
            echo "You are not allowed";
            exit();
            //Do redirections or anything else;
        }    
    }
}