RBAC stands for Role Based Access Control. RBAC separates the concepts of Users, Roles, and Permissions. Roles and Permissions are defined separately. Then the security Administrator decides what role should be permitted to do what action, by assigning that role to the permission. Finally, Users are assigned to Roles. The system does the rest. For further information about RBAC, you can read it from this link.
PHPMaker uses RBAC to make the relationship between Users, User Levels, and User Level Permissions. This will allow Administrator to define the certain role (User Levels) to do the certain actions (User Level Permissions), afterwards, assigning the certain role for the certain users (Users). Up to PHPMaker 10, there are six actions/operations which are handled nicely by using a RBAC approach in the web applications that generated by it. These operations (CRUD + Search) are actually common being used in any web applications.
Those six actions as follow:
- Add/Copy
- Delete
- Edit
- List
- View
- Search
You can actually separate the List, View, and Search, or even make them become one action (List/View/Search) by customizing the related setting from Tools -> Advanced Settings -> Separate permissions for List/View/Search setting item.
Unlike the common web applications, now I have successfully enhanced the RBAC in PHPMaker by adding 8 (eight) other actions which are related to the current page object and very often being used in the generated List and View pages, as follow:
- Printer Friendly
- Export to Excel
- Export to Word
- Export to HTML
- Export to XML
- Export to CSV
- Export to PDF
- Export/Send to Email
So, the completed enhanced RBAC in PHPMaker will become 14 (fourteen) actions, as shown in the following screenshot below (click on the picture to enlarge the screenshot):
Now you can implement it easily and quickly by using MasinoFixedWidthSite10 extension. So, don't waste your time to customize PHPMaker template to implement the enhanced RBAC in PHPMaker! Simply enable that extension in your PHPMaker project, and you're ready to go! 🙂
Ame Abdi says
Pak Masino, I need to set user access level for certain fields, not for whole table. How to do that? Please, thanks.
Masino Sinaga says
Try to use FieldVisibility extension from PHPMaker.