Jump to content

Assigning and designing user levels question

andytan91

By andytan91
in PHP Coding Help

 Share

Recommended Posts

andytan91 Member

andytan91

Posted
Posted

Hey guys right now i am designing permission, basically system administrator can create a new user and assign any combinations of the 7 different types of privileges to him as defined below. I realized that if i am going to define the total amount of  possible user levels, it would be unrealistic to code 5040 if-else statements. Can any kind soul tell me if there is another method for assign user levels? :P THanks!

 

define('Edit_Policy_and_Save_Templates', 1);
define('Show_Policy_Specs', 2);
define('Run_Policy', 4);
define('Create_Account', ;
define('Edit_Roles', 32);
define('Generate_Read_Report', 64);
define('Trace_Past', 128);


$user_level = Edit_Policy_and_Save_Templates;
$user_level1 = Edit_Policy_and_Save_Templates + Show_Policy_Specs;
$user_level2 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy;
$user_level3 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account;
$user_level5 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account + Edit_Roles;
$user_level6 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account + Edit_Roles + Generate_Read_Report;
$user_level7 = Edit_Policy_and_Save_Templates + Show_Policy_Specs + Run_Policy + Create_Account + Edit_Roles + Generate_Read_Report + Trace_Past;

 

<?php
if (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "1")
{
{
?>
<p><a href="Changepass.php">Auditee Change Password</a>
<p><a href="auditmenu.php">Perform Audit Checks</A>
<p><a href="logout.php">Logout</A>
<?php
}
}
elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "2")
{
{
?>
<p><a href="Changepass.php">Generate/Read Report</a><p>
<p><a href="Changepass.php">Auditor Change Password</a><p>
<p><a href="logout.php">Logout</A>
<?php
}
}
elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "3")
{
{
?>
<p><a href="createaccounts.php">Create accounts</a><p>
<p><a href="editroles.php">Edit Roles</a><p>
<a href="Changepass.php">System Administrator Change Password</a><p>
<p><a href="logout.php">Logout</A>
<?php
}
}
elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "4")
{
{
?>
<p><a href="showpolicy.php">Show Policy Specs</a><p>
<p><a href="editpolicy.php">Edit Policy and Save Template</a><p>
<p><a href="Changepass.php">Security Administrator Change Password</a><p>
<p><a href="logout.php">Logout</A>
<?php
}
}

elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="logout.php">Logout</A>
<p><a href="Changepass.php">Change Password</a>
<?php
}



elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level1 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}


elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level2 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}



elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level3 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}





elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level5 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
<p><a href="editroles.php">Edit Roles</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}



elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level6 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
><p><a href="editroles.php">Edit Roles</a><p>
<p><a href="createaccounts.php">Generate Read Report</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}

elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level7 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Show Policy Specs</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
<p><a href="editroles.php">Edit Roles</a><p>
<p><a href="createaccounts.php">Generate Read Report</a><p>
<p><a href="createaccounts.php">Trace Past</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}

elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level8 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}



elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level9 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}




elseif (isset($_SESSION['Access_Level']) && $_SESSION['Access_Level'] == "5")
{
{
if($user_level11 == $_SESSION['Permission']) {
?>
<p><a href="createaccounts.php">Edit Policy and Save Template</a><p>
<p><a href="createaccounts.php">Run Policy</a><p>
<p><a href="createaccounts.php">Create Account</a><p>
<p><a href="editroles.php">Edit Roles</a><p>
<p><a href="Changepass.php">Change Password</a>
<p><a href="logout.php">Logout</A>
<?php
}

andytan91 Member

andytan91

Posted
  • Author
Posted

Well, when the user signs up shouldn't they start off as a Normal User and from there work their way up to being an Admin or whatnot?

 

Well i am doing a project on a web based auditing toolkit. There will be a role called system administrator. That account will be able to create accounts based on the 7 privileges defined above...

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.