
Overview

Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification or destruction of all data, or performing a business function outside of the limits of the user.

How to enforce

Authentication (AuthN)

Authentication is handled by including the /include/authenticate.php file on every page that needs to be available to authenticated users (including anonymous users).

Authorization (AuthZ)

ResourceSpace provides access control using a group membership mechanism in which a user can belong to only one user group at a particular point in time. Each user group has permissions to different parts/functions of the system (e.g. edit/view fields, download resources).

The low level function used to verify if a user has a particular permission is checkperm($perm).
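
A minimal model of the group-based check described above, as an added example that is not ResourceSpace's own code. The checkperm() here is a stand-in with assumed behaviour, and the group table, the permission names and the require_perms() and edit_field() helpers are hypothetical. It denies by default when a permission is missing, the user has no group, or the requirement list is empty.

```php
<?php
// Added example: a self-contained model, not ResourceSpace source code. On a real page,
// /include/authenticate.php is included first and the real checkperm() is used.

// Constructed data: permission names here are placeholders, not real codes.
const GROUP_PERMS = [
    'editors' => ['perm_view', 'perm_edit'],
    'viewers' => ['perm_view'],
];
const USER_GROUP = ['alice' => 'editors', 'bob' => 'viewers']; // one group per user

// Stand-in for checkperm($perm) (assumed behaviour): true only when the
// current user's single group holds the permission.
function checkperm(string $perm): bool
{
    global $current_group;
    if ($current_group === null) {
        return false; // no authenticated group: deny
    }
    return in_array($perm, GROUP_PERMS[$current_group] ?? [], true);
}

// Hypothetical helper: every listed permission must be held, else deny.
function require_perms(array $perms): bool
{
    if ($perms === []) {
        return false; // an empty requirement list is a caller bug: fail closed
    }
    foreach ($perms as $perm) {
        if (!checkperm($perm)) {
            return false;
        }
    }
    return true;
}

// Hypothetical state-changing action, authorized server-side on each call.
function edit_field(string $user, string $field): string
{
    global $current_group;
    $current_group = USER_GROUP[$user] ?? null; // unknown user: no group
    return require_perms(['perm_view', 'perm_edit'])
        ? "allowed: $user edits $field"
        : "denied: $user";
}

foreach (['alice', 'bob', 'carol'] as $user) {
    echo edit_field($user, 'title'), PHP_EOL;
}
```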