User permissions

Appskull comes with a advanced user permissions handling mechanism that allows you to easily handle permissions in Appskull. A single user permission consist of Permission name, Permission type, Permission key and Permission description. The most important part is Permission key.

A single user permission

User permissions cannot be assigned directly to users. Instead permissions can assign to user roles first and then those user roles can be assigned to users.

User permissions flow

Any user can have multiple user roles and any user role can have any number of user permissions.

User permissions list

User permissions list show a list of all Appskull user permissions and support for bellow features.

  1. Searching.
  2. Filtration.
  3. Grouping module basis permissions.
  4. Show total number of user permissions based to selected filters.
  5. Show module basis permissions count.
  6. Show permissions's active or inactive state.
  7. Show user roles's active or inactive state.
User permissions list

Origin type permissions

These are the permissions that comes with Appskull system by default. All this type of permissions are mandatory for Appskull to work properly. You can't make this type of permissions using Appskull user interface. Instead you have to use a database management software like phpMyAdmin, sequel pro to create this type of permissions. This is a intentional design choice that we made in order to keep separate origin type of permissions from other type of user permissions.

Origin type user permissions

Local type permissions

These are the permissions that not mandatory for Appskull base system. You can add this type of permissions very easily using Appskull user interface. If you want to extend the Appskull system without messing with Appskull base/core permissions then this is the recommended way to do that.

Local type user permissions

Add new user permissions

Users with appropriate permissions can add new user permissions into the Appskull system very easily. These permissions would be local type permissions. You can't add origin type permissions directly in the Appskull. but of course you can add them using a database management software like phpMyAdmin or sequel pro.

Add new user permission

Edit user permissions

Users with appropriate permissions can edit user permissions. But in origin type permissions, you can only change the state of those permissions. Other information won't be able to change using Appskull user interface. But of course you can them using a database management software. As mentioned this is very intentional and it's purely for the safety of Appskull system core.

Edit origin type user permission

But you can edit all the information of local type user permissions using Appskull user interface.

Edit local type user permission

Soft delete user permissions

Instead of deleting user permissions completely from the Appskull system. users who has user permissions edit permissions can set any user permission's state to Inactive by using user permissions edit feature. The Inactive user permission state considered as user permission deletion on the Appskull. As mentioned earlier editing (in this case changing the permission state) permissions itself is not enough. In order to take the effect, you must go back to user permissions listing page and resubmit/save user permissions with user roles.

State inactive

For developers

Appskull comes with a custom library called User. It has few methods that can be used to do things that related to user permissions.

This library can be found in [app_root]/app/libraries/common/User.php. It's a autoloaded library so you don't have to call it every time before you use it. It's available globally throughout the Appskull application. In this chapter we are gonna talk about only few methods that related to user permissions. Other methods for example, user authentication related methods will be discuss in the authentication module chapter.

  1. getUserData()

    This method is return different kind of user data for currently signned/loggedin in user. For example, his/her user state, his/her all permissions. These information are very useful for check if that user has certain kind of permissions in order to perform different kind of actions in the Appskull.

  2. hasPermission($permission)

    param $permission String (parse permission key).

    Check if user has a specific permission.

                                    
                                        if ($this->user->hasPermission($permission)) {
                                            // User has permission.
                                        } else {
                                            // User does not have permission.
                                        }
                                    
                                
  3. hasAnyPermission($permissions)

    param $permissions Array (parse permission keys).

    Check if user has any of an array of permissions.

                                    
                                        if ($this->user->hasAnyPermission($permissions)) {
                                            // User has permission.
                                        } else {
                                            // User does not have permission.
                                        }
                                    
                                
  4. hasAllPermissions($permissions)

    param $permissions Array (parse permission keys).

    Check if user has all of an array of permissions.

                                    
                                        if ($this->user->hasAllPermissions($permissions)) {
                                            // User has permission.
                                        } else {
                                            // User does not have permission.
                                        }
                                    
                                

You can look into this User custom library and check those methods. By doing that you can get a really good idea about how they work.

Copyright © Nudasoft.