Prototype access control model. There's much left to do, but it's a

working implementation.
author: Bharat Mediratta <bharat@menalto.com> 2008-12-01 08:50:00 +0000
committer: Bharat Mediratta <bharat@menalto.com> 2008-12-01 08:50:00 +0000
commit: 91c4bda1ec6640abb8b1a585e1fd1f8955d53fd1 (patch)
tree: 42f8f79c6d356a04d0e8365a0921d7257f12c64d /core/helpers/core_installer.php
parent: ab0fcb7453db7d93c9dc1dfd38e6d6f84a5b16b5 (diff)
1 files changed, 25 insertions, 4 deletions
diff --git a/core/helpers/core_installer.php b/core/helpers/core_installer.php
index 792798ea..d1e359c7 100644
--- a/core/helpers/core_installer.php
+++ b/core/helpers/core_installer.php
@@ -31,11 +31,15 @@ class core_installer {
     }
 
     if ($version == 0) {
-      $db->query("CREATE TABLE `access` (
+      $db->query("CREATE TABLE `access_caches` (
+                   `id` int(9) NOT NULL auto_increment,
+                   `item_id` int(9),
+                   PRIMARY KEY (`id`))
+                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
+
+      $db->query("CREATE TABLE `access_intents` (
                    `id` int(9) NOT NULL auto_increment,
                    `item_id` int(9),
-                   `group_id` int(9) NOT NULL,
-                   `perm` char(255) default NULL,
                    PRIMARY KEY (`id`))
                  ENGINE=InnoDB DEFAULT CHARSET=utf8;");
 
@@ -70,10 +74,21 @@ class core_installer {
                    UNIQUE KEY(`name`))
                  ENGINE=InnoDB DEFAULT CHARSET=utf8;");
 
+      $db->query("CREATE TABLE `permissions` (
+                   `id` int(9) NOT NULL auto_increment,
+                   `name` char(255) default NULL,
+                   `version` int(9) default NULL,
+                   PRIMARY KEY (`id`),
+                   UNIQUE KEY(`name`))
+                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
+
       foreach (array("albums", "resizes") as $dir) {
         @mkdir(VARPATH . $dir);
       }
 
+      access::register_permission("view");
+      access::register_permission("edit");
+
       $root = ORM::factory("item");
       $root->type = 'album';
       $root->title = "Gallery";
@@ -85,13 +100,19 @@ class core_installer {
       $root->set_thumbnail(DOCROOT . "core/tests/test.jpg", 200, 150)
         ->save();
 
+      access::add_item($root);
+      access::allow(0, "view", $root->id);
+      access::deny(0, "edit", $root->id);
+
       module::set_version("core", 1);
     }
   }
 
   public static function uninstall() {
     $db = Database::instance();
-    $db->query("DROP TABLE IF EXISTS `access`;");
+    $db->query("DROP TABLE IF EXISTS `access_cache`;");
+    $db->query("DROP TABLE IF EXISTS `access_intent`;");
+    $db->query("DROP TABLE IF EXISTS `permissions`;");
     $db->query("DROP TABLE IF EXISTS `items`;");
     $db->query("DROP TABLE IF EXISTS `modules`;");
     system("/bin/rm -rf " . VARPATH . "albums");
author	Bharat Mediratta <bharat@menalto.com>	2008-12-01 08:50:00 +0000
committer	Bharat Mediratta <bharat@menalto.com>	2008-12-01 08:50:00 +0000
commit	91c4bda1ec6640abb8b1a585e1fd1f8955d53fd1 (patch)
tree	42f8f79c6d356a04d0e8365a0921d7257f12c64d /core/helpers/core_installer.php
parent	ab0fcb7453db7d93c9dc1dfd38e6d6f84a5b16b5 (diff)