I started using the MVC pattern half a year ago, and I still have some misunderstandings.
Now I want to implement role-based access control in my application. However, my question is not about RBAC, it is about MVC.
My implementation of RBAC is this: user->role->permission, so every user (e.g. userA) can have many roles (e.g. reader, editor, admin), and every role can have many permissions (read, update, delete, etc.).
MySQL tables
Now my question is: how should I implement this in MVC? Have a separate model for each of users, roles, permissions, roles_permissions, users_roles, then have an authManager class that creates users, roles, permission, roles_permissions, and user_roles? Is this way correct? Is there a better, maybe more elegant way?
One role-based access control example is a set of permissions that allow users to read, edit, or delete articles in a writing application. There are two roles, a Writer and a Reader, and their respective permission levels are presented in this truth table.
5 Steps to Implement Role-Based Access Control
Create a mapping of roles to resources from step 1 such that each function can access resources needed to complete their job. Create security groups that represent each role. Assign users to defined roles by adding them to the relevant role-based groups.
Choose MVC5 Controller with views, using Entity Framework and click "Add". After clicking on "Add", another window will appear. Choose Model Class and data context class and click "Add". The EmployeesController will be added under the Controllers folder with respective views.
Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise. RBAC ensures employees access only information they need to do their jobs and prevents them from accessing information that doesn't pertain to them.
Basically I'd stick with one of the many already existing Kohana ACL libraries instead of writing your own (or at least try them to see if they fit your needs).
You may want to check this thread (Wouter's A1, A2 and ACL modules) - http://forum.kohanaframework.org/discussion/1988/releases-a1-authentication-acl-acl-for-kohana-a2-object-level-authorization/p1
It's being constantly updated and maintained and it's available for version 3.2 as well.
If you feel Wouter's modules are complicated, you can also check the Vendo ACL module, which is very simple and removes a lot of complications - https://github.com/vendo/acl
Examples of how to use it - http://forum.kohanaframework.org/discussion/9517/getting-started-with-vendo-acl/p1
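The user->role->permission model from the question, as an added example that is not part of the original thread or of any Kohana module: a small `AuthManager` service over the five tables with a default-deny `can()` check that a controller would call before running an action. The column names, the `AuthManager` methods and the sample data are assumptions, and SQLite stands in for MySQL so the block runs offline.

```python
import sqlite3

# Assumed schema: table names follow the question, column names are illustrative.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE roles (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE permissions (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE users_roles (user_id INTEGER NOT NULL REFERENCES users(id),
    role_id INTEGER NOT NULL REFERENCES roles(id), PRIMARY KEY (user_id, role_id));
CREATE TABLE roles_permissions (role_id INTEGER NOT NULL REFERENCES roles(id),
    permission_id INTEGER NOT NULL REFERENCES permissions(id),
    PRIMARY KEY (role_id, permission_id));
"""

class AuthManager:
    """Hypothetical service layer; controllers ask it, models stay plain tables."""
    def __init__(self, db):
        self.db = db

    def _id(self, table, name):
        # The table name is supplied only by this class, never by request input.
        self.db.execute(f"INSERT OR IGNORE INTO {table} (name) VALUES (?)", (name,))
        return self.db.execute(f"SELECT id FROM {table} WHERE name = ?", (name,)).fetchone()[0]

    def grant(self, role, permission):
        self.db.execute("INSERT OR IGNORE INTO roles_permissions VALUES (?, ?)",
                        (self._id("roles", role), self._id("permissions", permission)))

    def assign(self, user, role):
        self.db.execute("INSERT OR IGNORE INTO users_roles VALUES (?, ?)",
                        (self._id("users", user), self._id("roles", role)))

    def can(self, user, permission):
        # Default deny: True only if at least one of the user's roles carries the permission.
        return self.db.execute(
            """SELECT 1 FROM users u JOIN users_roles ur ON ur.user_id = u.id
               JOIN roles_permissions rp ON rp.role_id = ur.role_id
               JOIN permissions p ON p.id = rp.permission_id
               WHERE u.name = ? AND p.name = ? LIMIT 1""", (user, permission)).fetchone() is not None

def build_demo():
    # Constructed sample data using the role and permission names from the question.
    auth = AuthManager(sqlite3.connect(":memory:"))
    auth.db.executescript(SCHEMA)
    for role, perms in {"reader": "read", "editor": "read update",
                        "admin": "read update delete"}.items():
        for perm in perms.split():
            auth.grant(role, perm)
    for user, role in [("userA", "reader"), ("userA", "editor"), ("userB", "reader")]:
        auth.assign(user, role)
    return auth
```

Unknown users and unknown permissions fall through the join and are denied, so a controller only needs the single `can()` call.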