I am currently looking into re-working a permissions system in PHP that was built a while ago. The current version has exact permissions so for Admin you would have the following permissions:
acl.manage.self
acl.manage.others
That would say the user has access to manage his own permissions, as-well as others.
However while working on some new applications, I attempted to tap into the current permissions system by giving myself access to my entire application via:
lst.*
That way I don't have to give myself a bunch .view
.manage
etc.
It seems as though the existing system does not understand the * wildcard. So I am sitting here trying to re-write the "has_permission"
So my current working test environment I have created a user with the following permissions:
array(3) { [0]=> string(1) "*" [1]=> string(15) "fake.permission" [2]=> string(27) "none.of.these.should.matter" }
Technically the only permission that matters is [0] which says I should have permission to do anything and everything I want.
I am at a loss as to how to implement this flow into my method:
function has_perm($perm){
//if I am checking if I have the perm 'acl.manage.all'
//This function should return true if I have any of the following:
// *, acl.*, acl.manage.*, acl.manage.all
//exact check
foreach($this->perms as $p){
if($p===$perm){ return true; }
}
}
any nudge in the right direction would be awesome.