Revision #3 has been created by szfjozsef on Jun 20, 2012, 1:12:09 PM with the memo:
Updated the introduction to better reflect the purpose of this tutorial
« previous (#2)
Simple access control
simple, access, control, accessControl, accessRules, allow, deny, user, users
For those who feel, the Controller->accessRules() or RBAC (Role-Based Access Control) is too complicated or
lengthily to code, here is a very simple, easy-to-implement solution.
As usual, you will have a table, holding the user's data, such as: username, password, email, real_name, etc. To store the user rights, you need an additional field, named **admin_level**. This will be an unsigned tinyint, and will hold the user's rights to do things around the site.
You will define the admin levels, according to your needs. Now, for this example, let's define 4 levels: