ullright Access Control
The ullright access control system is based on users, groups and permissions.
Users are organized in groups, and groups have permissions.
Entity relation diagram for ullCore
ullsfActions::checkPermission($permission)
The default way to protect an (symfony) action is to check for a certain permission.
Example for the ullWiki edit action:
// File plugins/lib/ullWikiPlugin/modules/ullWiki/lib/BaseUllWikiActions.class.php public function executeEdit($request) { $this->checkPermission('ull_wiki_edit'); ... }
The checkPermission() method explained:
- First it checks if a user is logged in. If not, it redirects to the login action.
- If a user is logged in, it checks the access for the given permission "ull_wiki_edit".
- If the user doesn't have the required permission a "no access" page is displayed.
- Otherwise it displays the desired page.
The permission "ull_wiki_edit" must be defined in the table "UllPermission".