; Initialize auth entities (Same commands can be executed in padmin auth-console) ; // Run as: ; $app = new app('init-auth'); ; $authc = new authc(); ; $authc->executefile('initscript.txt'); ; At first, create habitants of the house and define their passwords +user mother +passw totoro +user father +passw vzor58 +user jenny +passw rabbit +user bill +passw cthultu ; Now we need split users into four roles, so we create them +role parent +role child +role boy +role girl ; And assign roles to users. Each user has two. user mother +role parent +role girl user father +role parent +role boy user jenny +role child +role girl user bill +role child +role boy ; (note that last added role has highest priority) ; There are four rooms in the house. Let's define right for each one. +right home/rooms/kitchen +right home/rooms/garage +right home/rooms/bedroom +right home/rooms/livingroom ; It can be useful define right for whole home and for all rooms in home: +right home/* +right home/rooms/* ; (These rights will match any string which begins with "home/" or "home/rooms/" ; In other words: if you give right home/rooms/* to someone, test on rights ; home/rooms/kitchen, home/rooms/garage, home/rooms/garage/car etc. will be true) ; There is a car in the garage +right home/rooms/garage/car ; Only boys has access to garage and only girls to the kitchen. role boy +right home/rooms/garage role girl +right home/rooms/kitchen ; Only parents can use parent's bedroom role parent + right home/rooms/bedroom ; Both, parents and children can use livingroom role parent +right home/rooms/livingroom role child +right home/rooms/livingroom ; Allow use anything in garage to boys +right home/rooms/garage/* role boy +right home/rooms/garage/* ; But bill cannot use car. user bill +right home/rooms/garage/car "0" ; (Now there are two new things: We assign right to the user, not to the role ; and we set value of the right to "0" which means "deny". Individual right ; take precedence before right coming from role)