Assigning and designing user levels question

andytan91 · July 21, 2010

Hey guys right now i am designing permission, basically system administrator can create a new user and assign any combinations of the 7 different types of privileges to him as defined below. I realized that if i am going to define the total amount of possible user levels, it would be unrealistic to code 5040 if-else statements. Can any kind soul tell me if there is another method for assign user levels? THanks!

define('Edit_Policy_and_Save_Templates', 1);
define('Show_Policy_Specs', 2);
define('Run_Policy', 4);
define('Create_Account', ;
define('Edit_Roles', 32);
define('Generate_Read_Report', 64);
define('Trace_Past', 128);


$user_level = Edit_Policy_and_Save_Templates;
$user_level1 = Edit_Policy_and_Save_Templates + Show_Policy_Specs;
$user_level2 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy;
$user_level3 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account;
$user_level5 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account + Edit_Roles;
$user_level6 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account + Edit_Roles + Generate_Read_Report;
$user_level7 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account + Edit_Roles + Generate_Read_Report + Trace_Past;

<?php
if (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "1")
{
{
?>
<p><a href="Changepass.php">Auditee Change Password</a>
<p><a href="auditmenu.php">Perform Audit Checks</A>
<p><a href="logout.php">Logout</A>
<?php
}
}
elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "2")
{
{
?>
<p><a href="Changepass.php">Generate/Read Report</a><p>
<p><a href="Changepass.php">Auditor Change Password</a><p>
<p><a href="logout.php">Logout</A>
<?php
}
}
elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "3")
{
{
?>
<p><a href="createaccounts.php">Create accounts</a><p>
<p><a href="editroles.php">Edit Roles</a><p>
<a href="Changepass.php">System Administrator Change Password</a><p>
<p><a href="logout.php">Logout</A>
<?php
}
}
elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "4")
{
{
?>
<p><a href="showpolicy.php">Show Policy Specs</a><p>
<p><a href="editpolicy.php">Edit Policy and Save Template</a><p>
<p><a href="Changepass.php">Security Administrator Change Password</a><p>
<p><a href="logout.php">Logout</A>
<?php
}
}

elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="logout.php">Logout</A>
<p><a href="Changepass.php">Change Password</a>
<?php
}



elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level1 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}


elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level2 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}



elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level3 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}





elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level5 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
<p><a href="editroles.php">Edit Roles</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}



elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level6 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
><p><a href="editroles.php">Edit Roles</a><p>
<p><a href="createaccounts.php">Generate Read Report</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}

elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level7 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
<p><a href="editroles.php">Edit Roles</a><p>
<p><a href="createaccounts.php">Generate Read Report</a><p>
<p><a href="createaccounts.php">Trace Past</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}

elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level8 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}



elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level9 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}




elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level11 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
<p><a href="editroles.php">Edit Roles</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}

Stalingrad · July 21, 2010

Well, when the user signs up shouldn't they start off as a Normal User and from there work their way up to being an Admin or whatnot?

andytan91 · July 21, 2010

Well, when the user signs up shouldn't they start off as a Normal User and from there work their way up to being an Admin or whatnot?

Well i am doing a project on a web based auditing toolkit. There will be a role called system administrator. That account will be able to create accounts based on the 7 privileges defined above...

Zane · July 21, 2010

Check this thread out on bitwise operators

http://www.phpfreaks.com/forums/index.php/topic,113143.0.html

It's just what you're looking for.

andytan91 · July 21, 2010

alrighty thanks

Sign In

Assigning and designing user levels question

Recommended Posts

andytan91

Link to comment

Share on other sites

Stalingrad

Link to comment

Share on other sites

andytan91

Link to comment

Share on other sites

Zane

Link to comment

Share on other sites

andytan91

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information