[NA] PHP authorization/menu framework

CJones

CJones

Final Approach
Joined
Mar 14, 2005
Messages
5,812
Location
Jawjuh
Display Name
Display name:
uHaveNoIdea
I need/want to build a dynamic menu-driven site that has built-in heirarchical authorization levels in both the content and the menu itself.

I would like the menu to be driven by the access levels, so only options available to the user (based on their access level) would be displayed on the menu. Access levels would be heirarchical: CSR Manager has access to all CSR options, CSR Supervisor has fewer options, CSR Rep has even fewer options; Inventory Mgr has access to all Inventory options, Inv Supe has fewer options, Inv Tech has fewer options; etc. etc.

I know I can build one from the ground up, but thought I would check to see if there was a framework already out there that had these abilities built in before trying to reinvent the wheel. I looked at Joomla CMS, but it only allows the three built-in access levels without doing some core hacking, and then it would probably require creating a 'module' for each report/tool that I wanted to use.

Being able to add menu options through some sort of GUI would be nice as well - by 'GUI', I mean anything more 'smooth' than inserting links via phpMyAdmin or hard-coding to the menu directly.

Is there anything out there that does this well without having to hack it together to do what I want, or should I just start creating it myself? If I build it, I think I will put the menu links in a database with their 'minimum' access level and use a simple query to pull back available links for the user's access level and build the menu dynamically each time the page is refreshed.

Any ideas?
 
CJones said:
I looked at Joomla CMS, but it only allows the three built-in access levels without doing some core hacking, and then it would probably require creating a 'module' for each report/tool that I wanted to use.
Click to expand...

EppyGA said:
Not sure if it meets your needs, but you can take a look at www.joomla.org
Click to expand...

;)

Thanks, though. That was my first idea as well.
 
I don't have a package to recommend but I've been hacking together a site wide authorization system in PHP that's getting there.

If you decide you're going to go on your own, maybe we can set up a private project on kenai and collaborate on common libraries.

Joe
 
You'll need to go beyond the menu and secure the actual pages themselves.
 
I haven't used it, but you can also look at php-nuke. I would also suggest dotnetnuke but your interest is in Linux and php.
 
jesse said:
You'll need to go beyond the menu and secure the actual pages themselves.
Click to expand...

Yep. I figure I can use the same general mechanism for validating the user's access level on the page that I use for creating the menu.

EppyGA said:
I haven't used it, but you can also look at php-nuke. I would also suggest dotnetnuke but your interest is in Linux and php.
Click to expand...

I know DNN would do what I want - I used it extensively at my previous job - but we don't have access to .NET hosting.

I'll take a look at php-nuke.

It's looking more and more like it's going to be a homemade job for this one.
 
You might also look into Drupal (drupal dot org).

I have used it in the past and I know it can allow for content that is invisible/visible depending on authorization.

There are also a ton of add-ons and modules that allow it to integrate with popular forums and photo galleries for example.
 
Would this help you? (see the section on 'securing menus', in particular... looks as though the Sympal framework supports an unlimited number of user-defined 'credentials', such as 'InvMgr', 'InvSup', 'InvUser', from your examples).

http://www.sympalphp.org/documentation/1_0/book/menus/en

If you roll your own, I have a comment about this:

I think I will put the menu links in a database with their 'minimum' access level and use a simple query to pull back available links for the user's access level and build the menu dynamically each time the page is refreshed.
Click to expand...

Consider implementing a caching system; no need to to back to the database frequently for the same authorization information, unless your user's permission levels are changing frequently (unlikely).
 
Last edited:
You must log in or register to reply here.
Back
Top