MANAGEMENT Concept & functions Levels of management Managerial roles & skills.
Security with User Roles and Access Levels
-
Upload
prodigyview -
Category
Technology
-
view
3.260 -
download
0
description
Transcript of Security with User Roles and Access Levels
![Page 1: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/1.jpg)
Basic Security with Access Levels and Roles
![Page 2: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/2.jpg)
Overview
Objective
Learn how to use access levels and user levels to restrict or allow access of content to a user..
Requirements
Installed version of ProdigyView with database
Understanding of how to create a user
Understanding of how to create user roles
Estimated Time
12 Minuteswww.prodigyview.com
![Page 3: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/3.jpg)
Follow Along With Code Example
1. Download a copy of the example code at www.prodigyview.com/source.
2.Install the system in an environment you feel comfortable testing in.
3.Proceed to examples/security/Roles_Access.php
![Page 4: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/4.jpg)
Roles and Access LevelsProdigyView implements a dual verification for checking if a user has the required security clearance to access an area.
Access Level
Access levels is the least complicated way of verifying if a user has the required permission. Access levels are numbers and if a user is below a certain number, access is denied.
Roles
Roles are a little more complicated but create a more robust verification. A user can have multiple roles and anyone of those roles can allow access to an area.
Also remember access level and roles can be combined.www.prodigyview.com
![Page 5: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/5.jpg)
Creating A RoleOne major difference between access levels and roles is access level do not have to be created but only assigned to a user. Roles on the other hand have to be created. Let’s take a moment to create a role or two.
www.prodigyview.com
![Page 6: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/6.jpg)
Users with PermissionsOk great, we have our user roles. Now let’s create a user with an access level and a role. They are both easily defines in the arguments that are used to create a user. Lets gives them an access level of 2 and the role of ‘Administrator’.
1. Assign the user an access level 2. Assign the user a role
3. Create the user
![Page 7: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/7.jpg)
Checking Access LevelSo in our example we created a user with the access level of 2. Access level is numeric verification where the number assigned to the user must be greater an or equal too the number we are checking against. Let’s put that to the test.
1. The id of the user 2. The numeric level to check against
3. Check with method checkUserAccessLevel
www.prodigyview.com
![Page 8: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/8.jpg)
And the results are...
And looks like the results hold true. I want to take a moment to explain something for viewers who might not know the ? : syntax we will be using. Whenever you come across an expression like:
$value = (exp1) ? exp2 : exp3;
This actually means if the value from expression 1 is true, the display contents from expression 2. If value from expression 1 is false, then display expression 3. We will use this a lot.
![Page 9: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/9.jpg)
User Role ChecksNow we are going to the roles by using the PVSecurity::checkUserRole() method. The roles passed can either be the id of the role or the actual name of the role. And when roles are passed through the method they can either be as a single value or in an array. Let’s take a look.
1. Id of the user 2. Name of the role
3. Add the roles in an array to check
![Page 10: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/10.jpg)
Role Check Results
The role check results should look like the above. According to the role we added in our example, ‘Administrator’ those results are correct.
www.prodigyview.com
![Page 11: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/11.jpg)
Adding a role and checking
For a final test, let’s add a role to the user and then check. With the code below, the user will now have access too super administrator roles.
www.prodigyview.com
![Page 12: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/12.jpg)
Challenge!This optional challenge is designed to help you better understand ProdigyView.
Now that you have an understanding of Access Levels and User Roles, write a script that will block a user unless both the access level and user role requirements are met. Also find a way to update the user’s access level.
www.prodigyview.com
![Page 13: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/13.jpg)
Summary1. Check the user’s access level by using the
method: PVSecurity::checkUserAccessLevel()
2. Check the user’s role by using the method: PVSecurity::checkUserRole()
www.prodigyview.com
![Page 14: Security with User Roles and Access Levels](https://reader033.fdocuments.in/reader033/viewer/2022061206/5482879db4af9fa50d8b4810/html5/thumbnails/14.jpg)
API ReferenceFor a better understanding of access levels and role access in ProdigyView, visit the api by clicking on the link below.
PVSecurity
www.prodigyview.com
More Tutorials
For more tutorials, please visit:
http://www.prodigyview.com/tutorials