script access via permissions

how do I restrict access to scripts using a permission scheme? I have thought of the ff:

store permissions as arrays with keys in the power of 2 (2, 4, 8, 16) and use bitwise operators to compare user permissions with permissions required to access the script
store permissions as strings and assign a set of permissions to a script. if a user tries to access the script, a database lookup is performed (to look for permissions the user has)

do you have better approaches on this one? I tried to use bitwise operators and I saw an approach that uses constants (i.e. const ADD_FORUM = 2) but I plan to put my permissions in a configuration file and set them there, allowing me to call it from any script.

btw, I'm using Kohana and I recently started developing in PHP...I decided to build my own auth lib in Kohana

some where in the conf file:

const('VIEW_FORUM', 1);
const('ADD_FORUM', 2);
const('DELETE_FORUM', 4);

in user details:

// read only user
$userPermissions = VIEW_FORUM;
// full access
$userPermissions = VIEW_FORUM + ADD_FORUM + DELETE_FORUM;

on the page where you need to check permissions:

// permission ADD_FORUM is required  
if ($userPermissions & ADD_FORUM) echo 'all good';

// permission ADD_FORUM & DELETE is required  

if ($userPermissions & (ADD_FORUM + DELETE_FORUM)) echo 'all good';

ansaurus

tags:

views:

answers:

script access via permissions

related questions