A humble PHP framework & CMS
Humblee allows for multiple role-based authorization levels. By default, the system utilizes the following:
~/admin pages of the CMS
The first two roles were "access" based roles. The following are "task" based roles used in the CMS:
New roles can be added through the database in the humblee_roles table. By setting the role_type to "access", the new role will appear in the list of access roles when editing a page in the page manager or a file in the media manager.
Setting the new role's type to "task" will suppress it from the list of available roles in the page manager and media manager but leave it available for use as needed throughout the application.
When building custom functionality, the current user's roles can be checked by using the Core::auth() function. This method accepts either a role name, such as "login," a role ID, or an array containing multiple role IDs and/or names. For example:
<?php
// Each call returns a boolean; the results are assigned here so every line is reachable.
$isAdmin    = Core::auth(2); // returns true if user has the 'admin' role (which is row id #2 in the table of roles)
$canEdit    = Core::auth('content'); // returns true if user has the 'content' role
$hasAnyRole = Core::auth(array('content','publish','developer')); // returns true if user has ANY of these roles
if (!Core::auth('publish')) {
    echo "Sorry, you do not have permission to publish this content.";
}
Additionally, when extending the Core_Controller_Xhr class, you can call $this->require_role(), which is a wrapper for Core::auth() that, on false, returns a "403 Forbidden" header and stops the script from continuing.
<?php
class MyAPI extends Core_Controller_Xhr {
    public function do_something(){
        $this->require_role(array('content','publish'));
        echo "doing something...";
    }
}
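Because an array argument passes when the user holds ANY of the listed roles, the do_something() handler above runs for a user who has 'content' but not 'publish'. The following stand-alone PHP is an added example, not Humblee's source code: it models the check described above with strict comparisons and a deny-by-default fallback, and adds an all-of variant. The role table (apart from 'admin' being ID 2), the function names and the sample user are assumptions made for illustration.

```php
<?php
// Added example: a stand-in model of the role check, not Humblee's source.
// Constructed role table; only 'admin' = 2 is taken from the page.
const ROLES = [1 => 'login', 2 => 'admin', 3 => 'content', 4 => 'publish', 5 => 'developer'];

/** Map a role name or ID to a known role ID; null for anything else. */
function resolve_role($role): ?int
{
    if (is_int($role)) {
        return array_key_exists($role, ROLES) ? $role : null;
    }
    if (is_string($role)) {
        $id = array_search($role, ROLES, true); // strict: no int/string type juggling
        return $id === false ? null : $id;
    }
    return null; // floats, bools, null, nested arrays: never a valid role
}

/** ANY-of check: the behaviour the page describes for an array argument. */
function has_any_role(array $userRoleIds, $required): bool
{
    foreach ((array) $required as $role) {
        $id = resolve_role($role);
        if ($id !== null && in_array($id, $userRoleIds, true)) {
            return true;
        }
    }
    return false; // unknown role or empty list: deny
}

/** ALL-of check (hypothetical helper): one single-role check per required role. */
function has_all_roles(array $userRoleIds, array $required): bool
{
    foreach ($required as $role) {
        if (!has_any_role($userRoleIds, $role)) {
            return false;
        }
    }
    return $required !== []; // an empty requirement grants nothing
}

$editor = [1, 3]; // constructed user holding 'login' and 'content'
foreach (['has_any_role', 'has_all_roles'] as $check) {
    printf("%s(content, publish): %s\n", $check, var_export($check($editor, ['content', 'publish']), true));
}
printf("unknown role: %s\n", var_export(has_any_role($editor, 'no_such_role'), true));
```

With the framework's own API, the all-of case is one call per role, for example two consecutive $this->require_role() calls in the handler, since each call stops the script on failure.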