valan Posted April 3, 2013 Share Posted April 3, 2013 Hi! I think answer onto this question could be useful for all PW newbies with little PHP experience like myself... Let's imagine the following "typical" scenario: We have 2 user types of logged-in users: - user-type-1 - user-type-2 Each user type may have any number of actual users. The difference btw these two types is in view access to pages: - page-type-1 can be viewed only by users from user-type-1 - page-type-2 can be viewed only by users from user-type-2 - page-type-3 can be viewed both by users from user-type-1 and user-type-2 - page-type-4 can be viewed only by one user independently on its type (let's say that it is sensitive profile info page. Or individual mailbox page.) Also we have unauthorized users (not logged-in) that should have view access to sign-up, sign-in and general info pages. Looks like PW has all needed to enable scenario above, as key ingredients are in place: - API ($user, $session) - pw access management (defining users, roles, permissions) - pw template properties (defining roles that can access pages) But how to put it together and make work is a challenge for newbie like me...) Please can someone help? I'd even suggest to make kind of sample project with step-by-step tutorial as this should be a topic of common interest...I believe. 1 Link to comment Share on other sites More sharing options...
diogo Posted April 3, 2013 Share Posted April 3, 2013 Hi valan, welcome! The user-types that you refer are the roles. You vcan create as many roles as you want and assign them to users individually. Roles in itself don't do nothing, but you can define what they will do in the admin (via template access) or in your code, by using the API: if($user->hasRole($role)){ // do something } Unauthorized users would be the default guest user. You can redirect them to the sign in page by defining access on the templates or by putting something like this in your template: if($user->isGuest()){ $session->redirect($loginUrl) }; As for the individual profile pages, you can check them like this: // assuming that the profile page of each user has the same name as the user if($user->name != $page->name)){ $session->redirect($loginUrl) }; 1 Link to comment Share on other sites More sharing options...
alan Posted April 3, 2013 Share Posted April 3, 2013 Hi valan, in case you'd not spotted it, this thread also has some good info. Link to comment Share on other sites More sharing options...
valan Posted April 3, 2013 Author Share Posted April 3, 2013 diogo, alanfluff - thanks so much! It's so easy - I love PW more and more! 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now