How do people manage permissions between their code base and the database? For example, my application is becoming littered with:
if($objects['username']['access_type'] == 'edit'){
// print the HTML to edit the username
}
or in OO:
if($user->getPermission('username')->canEdit()){
// print the HTML to edit the username
}
How do you keep track of where the object 'username' and the permission 'edit' are used and how do you maintain the link between these hard-coded permission ‘tags’ and their relevant entries in the permissions table in the database? Surely from time to time, some of these must get lost, renamed or misused? Any thoughts?
Can't you make a permission table?
permissionId – UserId – Module – Permissions:
The permissionId is auto-numbered, the userId is the user, Module is for example ‘username’, permissions is the permission type.
You can use the permission field as int and use the ‘AND’ bitwise operator on it (like chmod does):
1 = read, 2 = write, 1 + 2 = 3 = read + write
This way, you don’t have to make a row for each permission you want to give a module.
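The bitmask table from the answer above, combined with one way to keep the hard-coded tags from drifting away from the database. This is an added example, not code from either poster. The `MODULES` registry, `can()`, `orphanedRows()` and the sample rows are hypothetical and constructed for illustration; in practice the rows would come from the permissions table.

```php
<?php
declare(strict_types=1);

// Permission bits, as in the answer: 1 = read, 2 = write, 3 = read + write.
const PERM_READ  = 1;
const PERM_WRITE = 2;

// Hypothetical registry: the single place where module tags are declared.
const MODULES = ['username', 'email'];

// Constructed sample rows in the shape userId - module - permissions.
$rows = [
    ['userId' => 7, 'module' => 'username', 'permissions' => PERM_READ | PERM_WRITE],
    ['userId' => 7, 'module' => 'email',    'permissions' => PERM_READ],
    ['userId' => 8, 'module' => 'usrname',  'permissions' => PERM_WRITE], // misspelled tag
];

/** True only if every bit in $needed is set for this user and module. */
function can(array $rows, int $userId, string $module, int $needed): bool
{
    if (!in_array($module, MODULES, true)) {
        // A tag the code base does not declare is a programming error,
        // so fail loudly instead of silently denying.
        throw new InvalidArgumentException("Unknown module tag: $module");
    }
    foreach ($rows as $row) {
        if ($row['userId'] === $userId && $row['module'] === $module) {
            // Bitwise AND, then compare, so a combined mask needs all of its bits.
            return ($row['permissions'] & $needed) === $needed;
        }
    }
    return false; // no row for this user and module: deny by default
}

/** Rows whose module tag is not declared in code (renamed or lost tags). */
function orphanedRows(array $rows): array
{
    return array_values(array_filter(
        $rows,
        fn(array $r): bool => !in_array($r['module'], MODULES, true)
    ));
}

var_dump(can($rows, 7, 'username', PERM_WRITE));
var_dump(can($rows, 7, 'email', PERM_READ | PERM_WRITE));
var_dump(array_column(orphanedRows($rows), 'module'));
```

Running `orphanedRows()` against the real table as a deployment check surfaces rows whose tag no longer exists in code, and the exception in `can()` catches the opposite case of a call site using a tag that was never declared.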