Table of Contents
In Recite CMS it is possible to restrict which actions each user is allowed to perform. Permissions are defined on a per-role basis. That is, each user belongs to a certain role, and each role has certain things they are and aren't allowed to do.
Users and roles can be managed either from within the Control Panel or from within the Recite administration section. This chapter does not deal with how to manage users and roles, but rather, shows you to create and check permissions.
When you perform a (failed) permissions check in your PHP code, an
Application_User_Permissions_Exception exception is
thrown. Recite will automatically catch this exception and send an appropriate message
to the Control Panel so the user knows a permissions error occurred. As a developer all
you need to do is ensure the exception is thrown when you want permissions enforced.
Sometimes you simply want to check if a user has permission to do something (rather than telling them they don't have permission to do something). The Recite permissions API allows you to easily do this. This is covered later in this chapter.