[ic] Setting customer groups for access different pages

Bill Carr interchange-users@interchange.redhat.com
Fri May 10 07:08:01 2002


On Fri, 2002-05-10 at 02:13, Alma Nuker wrote:
> >I have handled this by creating a group table (describes groups),
> >group_index table (relataionship of users to groups), and a usertag
> that
> >returns 1 if the logged in user is in the given group. I call this
> usertag
> >acl. I have things like:
> .>access_gate:
> >*: [acl @worldwideimpact.com,superusers,itemeditors@bnose.com]
> 
> >I will give more detail if you are interested.
> 
> >Bill Carr
> 
> 
> Thank you so much Bill, that would be great.
> 
> Once agin thanks for your help.
> 
> Alma
CREATE TABLE groups (
  gid int(11) NOT NULL auto_increment,
  title char(20) NOT NULL,
  description char(128),
  PRIMARY KEY (gid),
  KEY gid (gid)
);

CREATE TABLE group_index (
  id int(11) NOT NULL auto_increment,
  username int(11) NOT NULL,
  gid int(11) NOT NULL
)


UserTag acl Order group
UserTag acl Routine <<EOR
sub {
	return 0 unless($Vend::Session->{logged_in});
	my $group = shift;

	my $username = $dbh->quote($Session->{username});
	# GET A Database Handle
	# Make a query like SELECT 1 FROM group_index LEFT JOIN groups
USING(gid) WHERE username=$username AND group=$group
	# MAke your query smarter so your acl tag can handle a list of groups
}
EOR

then in the directory you want to control access to put
.access
.access_gate
*: [acl group1]

You could also skip the acl tag and write
.access_gate
*: [query sql=|SELECT 1 FROM group_index ...| list=1][sql-code][/query]

Sorry I don't have time to give more detail. I just checked out our
stuff and it is way more complicated than you need since we are sharing
the userdb and groups tables among many catalogs

I hope this gets you going in the right direction.
-- 
Bill Carr
Worldwide Impact
bill@worldwideimpact.com
413-253-6700