Code snippets for symfony 1.x

Navigation

Refine Tags

Snippets tagged "access"

Restrict access to records

I've been looking for the right way to restrict access to records, and here's the approach I came up with:

Big thanks goes to everyone else participating in symfony, and specially to Charley Tiggs at the mailing list, who helped me getting started with restricting access to records.

by Erik Itland on 2007-12-03, tagged access  control  record 

Access control to environment and applications and custom global config file for an environment ?

With this snippet we can implement the following functionalities from the global configuration file config/config.php:

I developed a mini-library (config/config.lib.php) to include and use in the global config file config/config.php.

<?php
/**
 * IP access control to an environment
 *
 * @param string $env environment name
 * @param array $ips IPs that has access
 * @param string $clientip client IP
 */
function envCorrecte ($env,$ips,$clientip)
{
    if (SF_ENVIRONMENT==$env)
    {
        $acces=0;
        foreach($ips as $ip)
        {
            $ipclient=substr($clientip,0,strlen($ip));
            if ($ipclient==$ip)
            {
                $acces=1;
            }
        }
        if ($acces==0)
        {
            echo "Keep away! this is not a public environment.";
            exit;
        }
    }
}
/**
 * IP access control to an application of the symfony project
 *
 * @param array $apps no public applications
 * @param array $ips IPs that has access
 * @param string $clientip client IP
 */
function appCorrecte ($apps,$ips,$clientip)
{
    // solve problem with key '0' in array
        $apps_aux[0]='';
    $apps = $apps_aux + $apps;
    //
    if (array_search(SF_APP,$apps)!=false)
    {
        $acces=0;
        foreach($ips as $ip)
        {
            $ADR=$HTTP_SERVER_VARS['REMOTE_ADDR'];
            $ipclient=substr($clientip,0,strlen($ip));
            if ($ipclient==$ip)
            {
                $acces=1;
            }
        }   
        if ($acces==0)
        {
            echo "Keep away! ".SF_APP." is not a public application.";
            exit;
        }
    }
 
}
?>

Finally config/config.php file can be like this:

<?php
include("config.lib.php");
 
/**
 * IP access control to 'env' and 'int' environments
 */
$ip_dev=array("10.138.0.","192.168.");
$ip_int=array("10.138.0.","192.168.");
envCorrecte('env',$ip_env,$HTTP_SERVER_VARS['REMOTE_ADDR']);
envCorrecte('int',$ip_int,$HTTP_SERVER_VARS['REMOTE_ADDR']);
 
/**
 * IP access control to backend applications
 */
$ip_apps=array("10.138.0.","192.168.","w.x.y.z");
$apps=array('myapp_1','myapp_2','myapp_n');
appCorrecte($apps,$ip_apps,$HTTP_SERVER_VARS['REMOTE_ADDR']);
 
/**
 * Custom config.php file for each environment
 */
include("config.".SF_ENVIRONMENT.".php");
 
/**
 * Common config.php file for all environments
 */
define("example","content1");
 
?>
by Oriol Rius on 2006-08-11, tagged access  administration  backend  config  environment  security