phpgacl 3.3.7-7.3 / usr / share / phpgacl / docs / examples / millennium_falcon / fineGrainAccessControl.php

This file is indexed.

/usr/share/phpgacl/docs/examples/millennium_falcon/fineGrainAccessControl.php is in phpgacl 3.3.7-7.3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
<?php
/*
 *	PHPGACL Millennium Falcon ACL fineGrainAccessControl.php
 *
 *	Fine-grain access Control. (manual p.8-9)
 *
 * The ACL tree for this example should start as:
 * Millennium Falcon Passengers Group
 * |-Crew Group			[ALLOW: ALL]
 * | |-Han ARO
 * | '-Chewie ARO
 * '-Passengers Group	[ALLOW: Lounge]
 *   |-Obi-wan ARO
 *   |-Luke ARO
 *   |-R2D2 ARO
 *   '-C3PO ARO
 *
 * The ACL tree at the end of this example will be:
 * Millennium Falcon Passengers Group
 * |-Crew Group			[ALLOW: ALL]
 * | |-Han ARO
 * | '-Chewie ARO		[DENY: Engines]
 * '-Passengers Group	[ALLOW: Lounge]
 *   |-Obi-wan ARO
 *   |-Luke ARO			[ALLOW: Guns]
 *   |-R2D2 ARO			[ALLOW: Engines]
 *   '-C3PO ARO
 */

/*
 * Initialise the database - by clearing and running the previous examples.
 */

// Let's get ready to RUMBLE!!!
$gacl_api = new gacl_api($gacl_options);

/*
 * Keep in mind, all of this can be done through the Administration Interface via your browser.
 */

/*
 * Deny Chewie Access to the Engines!
 */
//Associative array, with Object Section Value => array( Object Value ) pairs. 
$aco_array = array('access' => array('engines') );
$aro_array = array('crew' => array('chewie') );
$allow = FALSE;
$enabled = TRUE;
$return_value = NULL;
$note = "Denying Chewie access to the engines!";

//The NULL values are for the more advanced options such as groups, and AXOs. Refer to the manual for more info.
$result = $gacl_api->add_acl($aco_array, $aro_array, NULL, NULL, NULL, $allow, $enabled, $return_value, $note);
if ($outputDebug == TRUE){
	if ($result !== FALSE) {
		echo "Chewie has been denied access to the Engines!<br>\n";
	} else {
		echo "Error creating ACL.<br>\n";
	}
	echo "<br>\n";
	echo "=================================================================================================<br>\n";
	echo "-- Lets test the new ACL for Chewie! --<br>\n";
	echo "=================================================================================================<br>\n";
}
// Lets check if Chewie has access to the engines
if ( $gacl_api->acl_check('access', 'engines', 'crew', 'chewie') ) {
	if ($outputDebug == TRUE){
		echo "Chewie still has access to the engines!<br>\n";	
	}
} else {
	if ($outputDebug == TRUE){
		echo "Chewie has been denied access to the engines! (Han saves the hyperdrive from further distress!)<br>\n";	
	}
}
// Lets check if Chewie still has access to the cockpit
if ( $gacl_api->acl_check('access', 'cockpit', 'crew', 'chewie') ) {
	if ($outputDebug == TRUE){
		echo "And Chewie still has access to the cockpit! (Hans plan worked!)<br>\n";	
	}
} else {
	if ($outputDebug == TRUE){
		echo "Chewie has been denied access to the cockpit! (Not good - somethings not right!)<br>\n";	
	}
}

if ($outputDebug == TRUE){
	echo "<br>\n";
	echo "=================================================================================================<br>\n";
	echo "-- Under Attack - Allow Luke Access to the Guns and R2D2 to the Engines! --<br>\n";
	echo "=================================================================================================<br>\n";
}
/*
 * Allow Luke Access to the Guns!
 */
//Associative array, with Object Section Value => array( Object Value ) pairs. 
$aco_array = array('access' => array('guns') );
$aro_array = array('passengers' => array('luke') );
$allow = TRUE;
$enabled = TRUE;
$return_value = NULL;
$note = "Allowing Luke access to the guns!";

//The NULL values are for the more advanced options such as groups, and AXOs. Refer to the manual for more info.
$result = $gacl_api->add_acl($aco_array, $aro_array, NULL, NULL, NULL, $allow, $enabled, $return_value, $note);
if ($outputDebug == TRUE){
	if ($result !== FALSE) {
		echo "Luke has been granted access to the Guns!<br>\n";
	} else {
		echo "Error creating ACL - Luke can't get to the Guns.<br>\n";
	}
}

/*
 * Allow R2D2 Access to the Engines!
 */
//Associative array, with Object Section Value => array( Object Value ) pairs. 
$aco_array = array('access' => array('engines') );
$aro_array = array('passengers' => array('r2d2') );
$allow = TRUE;
$enabled = TRUE;
$return_value = NULL;
$note = "Allowing R2D2 access to the engines!";

//The NULL values are for the more advanced options such as groups, and AXOs. Refer to the manual for more info.
$result = $gacl_api->add_acl($aco_array, $aro_array, NULL, NULL, NULL, $allow, $enabled, $return_value, $note);
if ($outputDebug == TRUE){
	if ($result !== FALSE) {
		echo "R2D2 has been granted access to the Engines!<br>\n";
	} else {
		echo "Error creating ACL - R2D2 can't get to the Engines! (we're doomed says C3PO!).<br>\n";
	}
}

if ($outputDebug == TRUE){
	echo "<br>\n<br>\nDone! Now how easy was that? <br>\n";
	echo "Remember to check out the <a href='../../../admin/acl_list.php'>Administration Interface</a> which can do all of the above in a few simple clicks.<br>\n<br>\n";
}
?>

APT Browse - Built by Thomas Orozco.