Managing Permissions

[chronister]

Hello All,

 

I am creating an intranet for the company I work for. I am wondering about the best way to keep track of users and the permissions.

 

For instance, I have an email system to send bulk emails to customers who have signed up for them. Not everyone is going to have access to that. We have over 60 restaurants across the country and I plan on making it so a franchisee can login and modify their own store(s).

 

So I am going to have close to 100 users, and probably when all is said and done, 25-50 permissions.

 

How would some of the experts here manage this? I currently have 3 tables that I have been playing with in this regard. Users, Permissions, and user_permissions. Users keeps track of users, permissions keeps track of permissions and user_permissions holds the ID's of each to tie them together. Is this the way to go, or is there an easier way.

 

Also, for coding this in the site. This is how I have started doing it... is this the best way???

 

 

this is located in a file called includes.php

<?php
function checkProtected($permission_name)
{
if($_SESSION['Global Admin'] == 1 || $_SESSION[$permission_name] == 1)
{
	//do nothing they can access this resource
}
else
{
	header("Location: http://mydomain.com/access_denied.php");
}
}

// run access check function
checkProtected('Access E-Mail List');  

?>

 

So currently I have it set up to where I manually specify the permission name, and then manually check to see if the user has the rights to access a particular resource.

 

Am I on the right track, or is there a better way?

 

thanks for the help on this.

 

Nate

[revraz]

Put some type of Role field in your user table.  But 20-25, you may see if you could cut that down a bit or it will turn into a spiderweb.