Auth API (ACL)

#1. What is Cotonti Auth System?

In short, Cotonti Auth is the system in which Groups are granted or denied access to certain features of the Core system, and or Plugins.
Auth just stands for Authentication.

#2. The Basics

Cotonti itself (mostly)uses only 3 levels of access.

Read, Write, and Admin

Here is what typically Each level gives.

• Read - This is required to view a section or plugin(s), in hooks, this allows the hook to be ran for that group.
• Write - This is required to do things for example such as Post a topic or reply in a forum, or Submit a page to a section. For plugins, it will vary for what the plugin (if at all it uses auth) has be designed it for. The creator should have given information on what gives what.
• Admin - This gives administrative access to areas of the website, such as being allowed to edit pages in a section, edit users profiles, or edit/delete/bump/sticky/etc in forums. For plugins, it will vary for what the plugin (if at all it uses auth) has be designed it for. The creator should have given information on what gives what.

Thats basiclly, all there is to know about Cotonti Auth for general use.

#3. Advanced for Plugin Development

What good will this do in my plugin?

It will allow you to set specific access to certain areas or certain features for only people given that access. Once you learn how to use this this feature of Cotonti. You will find out how simple, and wonderful it really is.

Why not just use level to allow access?

Well, the Level feature of Cotonti is really outdated and obsolete. The reason why group level is not a good method is because, different people who use your plugin may have different levels set or extra groups, and do not allow for precisely giving acess without either requiring the user to hardcode the levels of which group should have access to what, or by making them configure it. And using something like if level is greaterthan or lessthan whatever is bad, because that may include people they don't want.

The Basics

Really its the same as stated before. As far as how the levels work and to set them. Read access is still required to view(run) the plugin or hook. As for the others, they will be determined by you what they do.

How gather the auth information for a user.

The first thing to know is that cot_auth function returns TRUE(1), FALSE(0), or an array(read below).
The Syntax of the function is like this.

cot_auth('plug', 'code', 'auth level');

$auth = cot_auth('plug', 'code', 'auth level');

list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('plug', 'code');

cot_block(cot_auth('plug', 'code', 'auth level')); //This is a way of checking access without storing the information in a variable (typically used if you don't need to use that value check more than once, if you do store it in a variable)
cot_block($variable); //This is a variable containing TRUE or FALSE which you obtained from above

cot_blockguests();

$auth = cot_auth('plug', 'code', 'auth level'); ///if you do it with one of the following first 3 ways, this should come before the check.
if($auth == FALSE) { then do this } //or do TRUE for false check
//or you could do it like this
if($auth == 0) { then do this } //or do 1 for TRUE check
//or you could do it like this
if(!$auth) { then do this } //or do $auth for TRUE check
//
//or you could do it like this, if you only need to check the auth once you can directly call it(if you need to use this value anywhere else more than once, do the above method and store it in a variable)
//
if(cot_auth('plug', 'code', 'auth level' == FALSE)) { then do this } //or do TRUE for false check
//or you could do it like this
if(cot_auth('plug', 'code', 'auth level' == 0)) { then do this } //or do 1 for TRUE check
//or you could do it like this
if(!cot_auth('plug', 'code', 'auth level')) { then do this } //or do cot_auth('plug', 'code', 'auth level') for TRUE check

• 'plug' - leave this alone it tells it what your looking for is a plugin.
• 'code' - the "code" name you are using for your plugin
• 'auth level' - the auth level(s) you want to check for (ex. 'R', 'W', 'A', 'RWA', or 12345 etc) - A note on this, If you put more than 1 level to check, the returned value will be an array starting with [0] for the first level you wanted to check, and increasing by 1 each time, for each level you chose to check.

• 'plug' - leave this alone it tells it what your looking for is a plugin.
• 'code' - the "code" name you are using for your plugin
• 'auth level' - There is a slight difference with using it like this, by default if you put nothing it will load RWA into the variables, if you need more (ex. RW12345A) Then you can just add ", 'auth levels'" after 'code' (don't use the double quote ").
• $usr['auth_read'] - This stores the Read access check for the user - RECOMMENDED if using this in a hook change it to something like (ex. $auth_read)
• $usr['auth_write'] - This stores the Write access check for the user - RECOMMENDED if using this in a hook change it to something like (ex. $auth_write)
• $usr['isadmin'] - This stores the Admin access check for the user - RECOMMENDED if using this in a hook change it to something like (ex. $isadmin)