I wanted to expand on the permissions in Raid Ninja a bit more. Over the last week I created a page to allow admins the ability to edit user permissions. The page displays a list of links that are the user names. Click the link and the page will display a list of checkboxes for the various permissions. Those permissions that the user has are checked. The admins can then (un)check permissions as they see fit.

Now previously RN used an adminCheck page to see if the user was allow into the admin pages and if not it booted them to the main index. In order to set up Raid Ninja to use this new permission system I had to create a helper function, checkForPermission($permissionName), which will check if the current user has the permission and if not it will boot them to the main screen. So I replaced all instances of the include('adminCheck'.$phpEx); line that I could find with checkForPermission('is_admin'); All seems well. This checkForPermission() function will check for the permission passed in and the 'is_admin' permission. Since if a user is an admin they will have access to anything regardless of other permissions.

If you want to check if a user has a certain permission, but don't want to boot them. Like say you want to display a button for adding groups, but not if the user only has permission to edit them. $checkPermission($permissionName) will return a boolean if the user has this permission.

I have to talk to Nate to about where to put these checks for other permissions, but once I have an idea I'll be updating the other admin pages with the specific permissions that are needed.

I haven't quite decided on my next project for RN, but I'm thinking I might take a look into the calendar view.