123 lines
4.0 KiB
PHP
123 lines
4.0 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
/**
|
|
* This file is part of CodeIgniter Shield.
|
|
*
|
|
* (c) CodeIgniter Foundation <admin@codeigniter.com>
|
|
*
|
|
* For the full copyright and license information, please view
|
|
* the LICENSE file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Config;
|
|
|
|
use CodeIgniter\Shield\Config\AuthGroups as ShieldAuthGroups;
|
|
|
|
class AuthGroups extends ShieldAuthGroups
|
|
{
|
|
/**
|
|
* --------------------------------------------------------------------
|
|
* Default Group
|
|
* --------------------------------------------------------------------
|
|
* The group that a newly registered user is added to.
|
|
*/
|
|
public string $defaultGroup = 'user';
|
|
|
|
/**
|
|
* --------------------------------------------------------------------
|
|
* Groups
|
|
* --------------------------------------------------------------------
|
|
* An associative array of the available groups in the system, where the keys
|
|
* are the group names and the values are arrays of the group info.
|
|
*
|
|
* Whatever value you assign as the key will be used to refer to the group
|
|
* when using functions such as:
|
|
* $user->addGroup('superadmin');
|
|
*
|
|
* @var array<string, array<string, string>>
|
|
*
|
|
* @see https://codeigniter4.github.io/shield/quick_start_guide/using_authorization/#change-available-groups for more info
|
|
*/
|
|
public array $groups = [
|
|
'superadmin' => [
|
|
'title' => 'Super Admin',
|
|
'description' => 'Complete control of the site.',
|
|
],
|
|
'admin' => [
|
|
'title' => 'Admin',
|
|
'description' => 'Day to day administrators of the site.',
|
|
],
|
|
'finanzen' => [
|
|
'title' => 'Finanzmanger User',
|
|
'description' => 'Buchhaltung.',
|
|
],
|
|
'user' => [
|
|
'title' => 'User',
|
|
'description' => 'General users of the site. Often customers.',
|
|
],
|
|
'smarthome' => [
|
|
'title' => 'Smarthome User',
|
|
'description' => 'Kann Smarthome eingeschränkt benutzen.',
|
|
],
|
|
];
|
|
|
|
/**
|
|
* --------------------------------------------------------------------
|
|
* Permissions
|
|
* --------------------------------------------------------------------
|
|
* The available permissions in the system.
|
|
*
|
|
* If a permission is not listed here it cannot be used.
|
|
*/
|
|
public array $permissions = [
|
|
'admin.access' => 'Can access the sites admin area',
|
|
'admin.settings' => 'Can access the main site settings',
|
|
'users.manage-admins' => 'Can manage other admins',
|
|
'users.create' => 'Can create new non-admin users',
|
|
'users.edit' => 'Can edit existing non-admin users',
|
|
'users.delete' => 'Can delete existing non-admin users',
|
|
'finanzen.view' => 'Can view FinanzManager',
|
|
'finanzen.change' => 'Can use FinanzManager',
|
|
'smarthome.settings' => 'Can change settings in smarthome',
|
|
'smarthome.action' => 'Can switch lights in smarthome',
|
|
'smarthome.view' => 'Can view smarthome site',
|
|
];
|
|
|
|
/**
|
|
* --------------------------------------------------------------------
|
|
* Permissions Matrix
|
|
* --------------------------------------------------------------------
|
|
* Maps permissions to groups.
|
|
*
|
|
* This defines group-level permissions.
|
|
*/
|
|
public array $matrix = [
|
|
'superadmin' => [
|
|
'admin.*',
|
|
'users.*',
|
|
'smarthome.*',
|
|
'finanzen.*',
|
|
|
|
],
|
|
'admin' => [
|
|
'admin.access',
|
|
'users.create',
|
|
'users.edit',
|
|
'users.delete',
|
|
'beta.access',
|
|
],
|
|
'finanzen' => [
|
|
'finanzen.view',
|
|
'finanzen.change',
|
|
],
|
|
'user' => [
|
|
'smarthome.view',
|
|
],
|
|
'smarthome' => [
|
|
'smarthome.action',
|
|
],
|
|
];
|
|
}
|