How to implement different access rights to the form?

D

Danbka2016-09-06 10:59:58

PHP

Danbka, 2016-09-06 10:59:58

Hey!
The project was implemented on Bitrix.
For example, it has 3 user groups: Administrator, Manager, Accountant.
And there is a form for editing, for example, invoices with several fields: Number, Date, Amount, Paid.
The administrator can see and edit all fields.
The manager can edit the fields "Number", "Date", "Amount". And "Paid" - only viewing.
The accountant can view the fields "Number", "Date", "Amount". And can change the "Paid" field.
In a real situation, there are more fields and options for who can do what. Now everything is implemented head-on, with the help of a bunch of if's when forming the front-end (to whom to display an editable field, and to whom - a blocked one), and on the back-end.
How to implement such differentiation of rights more competently?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dave, 2016-09-06
@djay

First, use a PHP framework. as an option - Yii 2 / Laravel 5.
And then just set up the RBAC / ACL component, since they are designed specifically for such tasks. How to set permissions in these frameworks and show fields depending on the role - documentation and examples of the sea. I think you will find it.