ion auth how to handle access via groups and permissions

Question

I am looking to use Ion Auth as an authentication library in one of my newer projects but I cant seem to understand how to handle permissions to perform certain actions.

For example, I have deals and items and a group "A" which can update both deals and items, and a group "B" which can only update items. How do I code this to make it work?

doing something like this:

//updating deals and items
if($user->in_group('A') || $user->in_group('B')){
    // ok so hes got permission to do it.
}

seems like a very bad approach since this is something that should be dynamic.

Answer 1

What you are looking for is what is called an ACL (Access Control List), which is not the same as an authentication library & is not included in ion_auth by design

You can google around for a good library you like