I know that this question has been as asked many times but as I am learning to write a better code. So need some suggestions.
Suppose, I have a controller and method as shown below:
:Account
login();
home();
manage_user();
logout();
:Company
add();
view();
edit();
delete();
:Service
add();
delete();
:Page
default();
about_us();
contact_us();
There are three types of user groups (eg. system admin, company user and general user) for which i need to specify permission to access these methods/pages.
I have a database structure as
group(id, name);
user(id, parent_id, group_id, company_id, username, password, email);
permission(id, group_id, uri, allowed);
uri field may contain values like, "company/add", "service/add", "company/view" ... etc.
I have an autoloaded library class as User having a method check_permission(), this method has been called on MY_Controller constructor.
So my question, is mapping controller/function to database field to permit access is a good practice? or do you have any other options which is more efficient than this?