Field-level ACL in CodeIgniter

Tags: codeigniter

Well, to answer one of your questions, I am currently using a "flag based" ACL, if you will. In my users table I have 3 fields, called Activated, Staffmember, Admin. I run 3 queries in 2 different models to check the login credentials that were given:

    WHERE staffmember = 1
    WHERE Admin = 1
    WHERE activated = 1

If a record is returned, I then turn that into a return value.

These are my if/else statements to decide who sees what:

    function index()
    {
        // Loads the model that queries whether the logged-in username is associated with an admin or staff account
        $this->load->model('staff_model');

        if ($this->staff_model->staffmember()) {        // staff value == 1
            if ($this->staff_model->is_admin()) {       // admin value == 1
                // Redirect to what the admin will see (admin pages: add users, delete users, deactivate users;
                // this way I set up a sort of CMS-type system)
                redirect('admin_controller/index');
            } else {                                    // not admin == 1, so it is a staff member == 1
                $data['main_content'] = 'staff_homepage_view';   // sets up the template for a staff member
                $this->load->view('includes/template', $data);   // loads the view for a staff member
            }
        } else {                                        // not staff == 1: load the view for a no-permission account, in this case a student
            $data['main_content'] = 'student_homepage_view';
            $this->load->view('includes/template', $data);
        }
    }

If you need to see the model, let me know. But this way I was able to set up what users can see via their account flag in the database.

This way as well, the admin MUST BE a staff member, and the activated no-permission account cannot be a staff member or admin.

So then what you can do is set up a field called Edit in your users table,

and in the controller you can then specify that if Edit = 1 the user has full access to whatever needs to be done; otherwise it is read-only. Now, I don't know what you have to edit, so I am kinda limited in the info I can supply you.
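As an added example (not code from the answer above or from CodeIgniter), the flag logic described in this answer written as plain PHP functions so it can be tested outside a controller. The column names `activated`, `staffmember`, `admin` and `edit` follow the answer; the function names, the `$allowed` column list and the sample rows are assumptions for illustration. The third function shows the part a field-level ACL needs on top of the flags: the server drops every posted column the user is not allowed to change, so hiding an input in the view is never the only control.

```php
<?php
// Added example, not the answer's own code: the flag-based ACL from the answer
// as standalone PHP. Column names follow the answer; function names, the
// $allowed list and the sample rows below are assumptions for illustration.

/**
 * Resolve a role from the row's flags with the same precedence as the
 * answer's nested if/else: admin only counts on a staff account, and an
 * account that is not activated gets no role at all.
 */
function resolve_role(array $user): string
{
    if ((int)($user['activated'] ?? 0) !== 1) {
        return 'inactive';
    }
    if ((int)($user['staffmember'] ?? 0) === 1) {
        return (int)($user['admin'] ?? 0) === 1 ? 'admin' : 'staff';
    }
    return 'student';
}

/**
 * Edit = 1 grants write access, anything else is read-only. Requiring the
 * account to be activated first is an assumption added here.
 */
function can_edit(array $user): bool
{
    return resolve_role($user) !== 'inactive'
        && (int)($user['edit'] ?? 0) === 1;
}

/**
 * Server-side enforcement for a form submission: keep only the columns this
 * user may change. A read-only user gets an empty array, so nothing reaches
 * the UPDATE even if the disabled inputs in the page were tampered with, and
 * a posted 'admin' column is dropped because it is not in the allow-list.
 */
function filter_editable_fields(array $user, array $posted, array $allowed): array
{
    if (!can_edit($user)) {
        return [];
    }
    return array_intersect_key($posted, array_flip($allowed));
}

// Constructed sample data (not real rows).
$allowed = ['first_name', 'last_name', 'email']; // assumed editable columns
$users = [
    'admin'    => ['activated' => 1, 'staffmember' => 1, 'admin' => 1, 'edit' => 1],
    'staff_ro' => ['activated' => 1, 'staffmember' => 1, 'admin' => 0, 'edit' => 0],
    'student'  => ['activated' => 1, 'staffmember' => 0, 'admin' => 0, 'edit' => 1],
    'disabled' => ['activated' => 0, 'staffmember' => 1, 'admin' => 1, 'edit' => 1],
];
// A submission that also tries to flip the caller's own admin flag.
$posted = ['first_name' => 'Ann', 'email' => 'ann@example.com', 'admin' => 1];

foreach ($users as $label => $row) {
    printf("%-8s role=%-8s can_edit=%-3s kept=%s\n",
        $label,
        resolve_role($row),
        can_edit($row) ? 'yes' : 'no',
        json_encode(filter_editable_fields($row, $posted, $allowed)));
}
```

Run it with `php example.php`: the admin and the student keep `first_name` and `email` only, the read-only staff member and the deactivated account keep nothing. Whether a student with Edit = 1 should really get write access is a policy question the answer leaves open; the allow-list is what keeps the flag columns themselves out of reach either way.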