Simple Login And Permission System

You can share your experience with HMG. Share with some screenshots/project details so that others will also be benefited.

Moderator: Rathinagiri

Post Reply
User avatar
l3whmg
Posts: 694
Joined: Mon Feb 23, 2009 8:46 pm
Location: Italy
Contact:

Simple Login And Permission System

Post by l3whmg »

Hello everyone,
I want to share with you my own interpretation for a Login And Permission System.

I was inspired by the principles of the UNIX operating system: execute, read, write and delete to which I added: export, import and print.
Obviously they were my needs :lol:

The system is based on two text files: one (logins.ini) stores the information to perform a login with password in the other (permissions.ini) stores the permissions granted to users.

Below I give a brief description of their contents; you can find it in the files and sources.
1) logins.ini
- each line refers to a user only, the fields are separated by ";"
- Each line must contain five fields:
# 1: access login or username or user ID
# 2: full name or description
# 3: activation date in the format yyyymmdd
# 4: from the date the number of days of validity (0 corresponds to infinity).
# 5: password, encrypted using the HB_CRYPT() function

2) permissions.ini
- each line refers to only one user for every application and function, the fields are separated by ";"
- Each line must contain four fields:
# 1: application Name. NB the idea is to handle multiple applications (not functions / procedures see below)
# 2: function name (or precedure) associated with the application and user related
# 3: access login or username or user ID (See #1 logins.ini)
# 4: permission granted. It's a string (currently) can contain these symbols:
X = execute, R = read, W = write, D = delete, P = print, I = import, E = export
If all permits are granted, alternatively use "all"

I preferred the text file to make changes quickly using any text editor.
Obviously, you can not use the text editor to modify encrypted passwords: you must use a function.
In a network environment, the two files could be located in a read-only folder (the passwords are encrypted :mrgreen: )

I wrote two programs: the first (l3wsetup) create two sample files, the second (l3wtest) simulates the use in an application.

Well, that's all.

I hope someone finds this useful solution. I'm available for questions and comments.

Oh! I forgot. You can freely use all materials except the logo L3W: is mine :lol:

Best regards
Attachments
LAPSecurity.zip
(1.52 MiB) Downloaded 883 times
Luigi from Italy
www.L3W.it
User avatar
Rathinagiri
Posts: 5471
Joined: Tue Jul 29, 2008 6:30 pm
DBs Used: MariaDB, SQLite, SQLCipher and MySQL
Location: Sivakasi, India
Contact:

Re: Simple Login And Permission System

Post by Rathinagiri »

Nice implementation Luigi. Definitely useful.
East or West HMG is the Best.
South or North HMG is worth.
...the possibilities are endless.
User avatar
l3whmg
Posts: 694
Joined: Mon Feb 23, 2009 8:46 pm
Location: Italy
Contact:

Re: Simple Login And Permission System

Post by l3whmg »

Hi Rathi,
many thanks for your words!
Bye
Luigi from Italy
www.L3W.it
User avatar
esgici
Posts: 4543
Joined: Wed Jul 30, 2008 9:17 pm
DBs Used: DBF
Location: iskenderun / Turkiye
Contact:

Re: Simple Login And Permission System

Post by esgici »

Ciao Luigi,

Really useful and inspirer, thanks to sharing :)

By the way, does a single .ini file will be more convenient?

Regards

--

Esgici
Viva INTERNATIONAL HMG :D
User avatar
l3whmg
Posts: 694
Joined: Mon Feb 23, 2009 8:46 pm
Location: Italy
Contact:

Re: Simple Login And Permission System

Post by l3whmg »

Hi Esgici my friend,
of course it's a possibility ;)
but I believe that all of the information, their diversity, could create management problems.
Check different applications, and each of these different functions / procedures, assigning permissions to various users, I believe it would create a very large file.
Assigning a file for each application is somewhat more laborious operation, but I thought it was easier to control and change.
Many, many thank you for your observation: I meditate 8-)

Best regards
Luigi from Italy
www.L3W.it
User avatar
esgici
Posts: 4543
Joined: Wed Jul 30, 2008 9:17 pm
DBs Used: DBF
Location: iskenderun / Turkiye
Contact:

Re: Simple Login And Permission System

Post by esgici »

Ciao amico Luigi,

Since you will meditate, may be useful considering this points too :

- Use a table for all user information
- Give "cryptic" fiels names : ie UI1, UI2, UI3 ( User information 1, 2, ... )
UI1 : User ID,
UI2 : Password
UI3 : Functions
UI4 : Permissions
...
- Keep all field in C type and crypt them in any way you like
- One of field is USER ID; and your table indexed by this field
- You can add extra field such as : IsOnline?, Last Login Date-Time ...

With this way big file doesn't will problem and maintenance will be easier, I think.

Happy HMG'ing :D

--

Esgici
Viva INTERNATIONAL HMG :D
User avatar
Rathinagiri
Posts: 5471
Joined: Tue Jul 29, 2008 6:30 pm
DBs Used: MariaDB, SQLite, SQLCipher and MySQL
Location: Sivakasi, India
Contact:

Re: Simple Login And Permission System

Post by Rathinagiri »

Nice idea Esgici. I like it.
East or West HMG is the Best.
South or North HMG is worth.
...the possibilities are endless.
User avatar
l3whmg
Posts: 694
Joined: Mon Feb 23, 2009 8:46 pm
Location: Italy
Contact:

Re: Simple Login And Permission System

Post by l3whmg »

Hi Esgici,

I've read about your idea and I've some questions:
1 - when you write "TABLE" I think you speak about .dbf. I'm in right?

2 - about fields to preserve functions and/or permissions. I give you an example: I want store (and I have a lot) function name (normally 8-15 chars for one name). At this point I need a big C type field to store all the functions (name) and one to store permissions: I can set field len to 255 or 1024 or ... but in this way I get a limitation to store (all) the functions name.

Many thanks for you attention!!
Luigi from Italy
www.L3W.it
User avatar
esgici
Posts: 4543
Joined: Wed Jul 30, 2008 9:17 pm
DBs Used: DBF
Location: iskenderun / Turkiye
Contact:

Re: Simple Login And Permission System

Post by esgici »

Ciao Luigi
l3whmg wrote:1 - when you write "TABLE" I think you speak about .dbf. I'm in right?
Yes, of course :)
l3whmg wrote: ...I need a big C type field to store ...
...in this way I get a limitation to store ...
You know, "M" type fields is for this type of requirements; isn't ?

In other hand, are you sure that the best way is using function names for managing user authorization ?

May be found more convenient, easier to build and easier to manage ways, I think.

Regards

--

Esgici
Viva INTERNATIONAL HMG :D
User avatar
l3whmg
Posts: 694
Joined: Mon Feb 23, 2009 8:46 pm
Location: Italy
Contact:

Re: Simple Login And Permission System

Post by l3whmg »

Hi Esgici,
Ok, I understand your POW.
I meditate on to your comments and I will try an alternative.
Many thanks
Luigi from Italy
www.L3W.it
Post Reply