I have an admin with 5 or 6 user types (admins, users, partners, curators, vendors, etc.) each can have access to different pages as well as different functions within a page. Wondering what best practices might be in designing a methodology for this with least amount of if statements, which is pretty much how I handle it now.
Hi,
I have been a PHP developer for 13 years and have experience building enterprise applications.
What framework are you using? Most PHP frameworks have a built in authentication and authorization mechanism. For example, Yii has a builtin RBAC system that allow you to define a hierarchical permission system.
If you're not using a framework or you just want to implement your own system for whatever reason then you can utilize Object Oriented Design and implement a Base controller (if MVC) that checks the permission for each request. That won't use a lot of if statements.
Probably need more info, to give definitive guidance. Hope that helps.
Answered 10 years ago
Access 20,000+ Startup Experts, 650+ masterclass videos, 1,000+ in-depth guides, and all the software tools you need to launch and grow quickly.
Already a member? Sign in