Kaan

Administrators

#106   2013-04-10 22:50 GMT        
What is Seditio Auth System?
Everything you have wanted to know about the built-in auth features.

In short, Seditio Auth is the system by which groups are granted or denied access to certain features of the core system and/or plugins.
Auth just stands for Authentication.

The Basics

Seditio itself uses only 3 levels of access.

Read, Write, and Admin

Here is what each level typically gives.


    Read - This is required to view a section or plugin(s). In hooks, this allows the hook to be run for that group.

    Write - This is required to do things such as post a topic or reply in a forum, or submit a page to a section. For plugins, it will vary depending on what the plugin (if it uses auth at all) has been designed for. The creator should have given information on what gives what.

    Admin - This gives administrative access to areas of the website, such as being allowed to edit pages in a section, edit users' profiles, or edit/delete/bump/sticky/etc. in forums. For plugins, it will vary depending on what the plugin (if it uses auth at all) has been designed for. The creator should have given information on what gives what.

That's basically all there is to know about Seditio Auth for general use.

Advanced for Plugin Development

What good will this do in my plugin?

It will allow you to set specific access to certain areas or certain features for only the people given that access. Once you learn how to use this feature of Seditio, you will find out how simple and wonderful it really is.

Why not just use level to allow access?
Well, the Level feature of Seditio is really outdated and obsolete. Group level is not a good method because different people who use your plugin may have different levels set or extra groups, and levels do not allow for precisely giving access without either requiring the user to hardcode the levels of which group should have access to what, or making them configure it. And using something like "if level is greater than or less than whatever" is bad, because that may include people they don't want.

The Basics
Really, it's the same as stated before, as far as how the levels work and how to set them. Read access is still required to view (run) the plugin or hook. As for the others, what they do will be determined by you.

How to gather the auth information for a user.
The first thing to know is that the sed_auth function returns TRUE(1), FALSE(0), or an array (read below).

The Syntax of the function is like this.

'plug' - leave this alone; it tells it that what you're looking for is a plugin.

'code' - the "code" name you are using for your plugin

'auth level' - the auth level(s) you want to check for (ex. 'R', 'W', 'A', 'RWA', or 12345 etc.) - A note on this: if you put more than 1 level to check, the returned value will be an array starting with [0] for the first level you wanted to check, and increasing by 1 each time, for each level you chose to check.


There are 2 ways of checking a user's auth.
First, you can do it like the following (3 examples for this method)
PHP:
sed_auth('plug', 'code', 'auth level');

Using it like this, you would likely use it directly in an IF statement, or something of that sort. This would only work correctly if you're only checking one level.
PHP:
$auth = sed_auth('plug', 'code', 'auth level');

You can read further down below to see how to use these methods.

Now, the second way is how it's typically used in Seditio, but there is a warning about using this method.
If you use this method in a hook, you need to reset the values (run the line again, but with what the core checks before you changed it), or you need to change the variable names that they are stored in.
The reason this could be dangerous or a problem is that if you do not reset the auth to the default, users could gain unwanted access to areas or things you didn't want them to have (if you didn't rename the variables). (ex. A hook in forums checking auth with this method could cause a user with admin access, but without admin access to the forums, to see links for admin features, or in a worse case, to be able to use them.)

Now for the code

The syntax is the same as above, with the following addition

'plug' - leave this alone; it tells it that what you're looking for is a plugin.

'code' - the "code" name you are using for your plugin

'auth level' - There is a slight difference when using it like this: by default, if you put nothing, it will load RWA into the variables. If you need more (ex. RW12345A), then you can just add ", 'auth levels'" after 'code' (don't use the double quote ").

$usr['auth_read'] - This stores the Read access check for the user - RECOMMENDED: if using this in a hook, change it to something like $auth_read

$usr['auth_write'] - This stores the Write access check for the user - RECOMMENDED: if using this in a hook, change it to something like $auth_write

$usr['isadmin'] - This stores the Admin access check for the user - RECOMMENDED: if using this in a hook, change it to something like $isadmin

Also note that the order you put the list in is the same order in which you are checking for auth levels (ex. for levels 'RW1A', your variables would be $auth_read, $auth_write, $auth_1, $isadmin, etc.; just keep the 2 matched up in the same order).
PHP:
list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = sed_auth('plug', 'code');

After using this, you will be able to call those variables to check for access. They will return TRUE(1) or FALSE(0).

How to block a user without correct access.
This is by far the simplest thing out of it all.
PHP:
// Checks access without storing the result in a variable (typically used if you
// don't need the value more than once; if you do, store it in a variable)
sed_block(sed_auth('plug', 'code', 'auth level'));
// $variable contains the TRUE or FALSE you obtained from above
sed_block($variable);


This will redirect users if they do not have the appropriate access to "message.php?msg=930" which is the "You are not allowed to do this" message.

You may also do a quick check to block guests. Really, this is basically useless, because if you do not want guests to have access, all you have to do is remove Read access from guests, but it will be shown here just in case.
Code:
sed_blockguests();

This will redirect users if they do not have the appropriate access to "message.php?msg=930" which is the "You are not allowed to do this" message.

Now, to use either of those, you would want your auth gathering and sed_block* to come at the very top of your code, to stop them from accessing the page at all.

You could also provide your own messages, redirects or whatever you would like, without using block, by doing something like the following.
PHP:
// If you use one of the first 3 ways below, this line should come before the check.
$auth = sed_auth('plug', 'code', 'auth level');
if ($auth == FALSE) { /* then do this */ } // or compare with TRUE for the opposite check
// or you could do it like this
if ($auth == 0) { /* then do this */ } // or compare with 1 for a TRUE check
// or you could do it like this
if (!$auth) { /* then do this */ } // or use $auth for a TRUE check
//
// or, if you only need to check the auth once, you can call it directly (if you need
// this value anywhere else more than once, use the method above and store it in a variable)
//
if (sed_auth('plug', 'code', 'auth level') == FALSE) { /* then do this */ } // or compare with TRUE for the opposite check
// or you could do it like this
if (sed_auth('plug', 'code', 'auth level') == 0) { /* then do this */ } // or compare with 1 for a TRUE check
// or you could do it like this
if (!sed_auth('plug', 'code', 'auth level')) { /* then do this */ } // or use sed_auth('plug', 'code', 'auth level') for a TRUE check

This should cover just about everything having to do with Seditio Auth. If you have any more suggestions, questions, comments or feedback, feel free to post here in the appropriate section (if you're not sure, post and it can be moved if needed).
http://seditiocms.com/forums.php


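The hook warning above (reusing $usr['auth_read'], $usr['auth_write'] and $usr['isadmin'] inside a hook) and the note that a direct IF check only works for one level, as an added example that is not part of the original post or Seditio's own code. The sed_auth() here is a simplified stand-in that only mimics the return shape described in the post; the plugin code 'myplugin', forum section '1' and the rights table are constructed sample values, and $usr is passed as a parameter instead of being the global it is in Seditio.

```php
<?php
// Simplified stand-in for Seditio's sed_auth() so the example runs offline.
// Constructed rights for one user: admin on the plugin, read/write only in the forum.
$rights = ['plug' => ['myplugin' => 'RWA'], 'forums' => ['1' => 'RW']];

function sed_auth($area, $code, $mask = 'RWA')
{
    global $rights;
    $granted = $rights[$area][$code] ?? '';
    $res = [];
    foreach (str_split($mask) as $level) {
        $res[] = strpos($granted, $level) !== false;
    }
    // One level checked: a single TRUE/FALSE. Several: an array in mask order.
    return count($res) == 1 ? $res[0] : $res;
}

// What the core stores before the hook runs (section '1' is a sample value).
function core_forum_auth()
{
    $usr = [];
    list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = sed_auth('forums', '1');
    return $usr;
}

// Unsafe hook: reuses the core's variable names, so plugin rights replace forum rights.
function hook_unsafe(array $usr)
{
    list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = sed_auth('plug', 'myplugin');
    return $usr;
}

// Safe hook: plugin rights get their own names; the core's values stay untouched.
function hook_safe(array $usr)
{
    list($plug_read, $plug_write, $plug_admin) = sed_auth('plug', 'myplugin');
    return [$usr, $plug_admin];
}

$usr = core_forum_auth();
var_dump($usr['isadmin']);                // forum admin flag as the core computed it
var_dump(hook_unsafe($usr)['isadmin']);   // same flag after the unsafe hook ran
list($after, $plug_admin) = hook_safe($usr);
var_dump($after['isadmin'], $plug_admin); // forum flag preserved, plugin flag separate

// Checking two levels returns an array, and a non-empty array is truthy in an if.
$wa = sed_auth('forums', '1', 'WA');
var_dump((bool) $wa, $wa[1]);             // the if() result versus the real admin check
```

When reviewing a plugin, search its hook files for assignments to $usr['auth_read'], $usr['auth_write'] or $usr['isadmin'], and for sed_auth() calls with more than one level used directly inside an if or sed_block().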