-
-
Save cbellgit/3fdd57320c42c5338b6b to your computer and use it in GitHub Desktop.
PHP example file for http://www.xaprb.com/blog/2006/08/18/role-based-access-control-in-sql-part-2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $permissions = array( | |
| "owner_read" => 256, | |
| "owner_write" => 128, | |
| "owner_delete" => 64, | |
| "group_read" => 32, | |
| "group_write" => 16, | |
| "group_delete" => 8, | |
| "other_read" => 4, | |
| "other_write" => 2, | |
| "other_delete" => 1 | |
| ); | |
| $groups = array( | |
| "root" => 1, | |
| "officer" => 2, | |
| "user" => 4, | |
| "wheel" => 8 | |
| ); | |
| $obj_id = 2; | |
| $tbl = 't_user'; | |
| $user_id = 2; | |
| $user_groups = 4; | |
| $query = " | |
| select | |
| pr.c_role, | |
| pr.c_who, | |
| case | |
| when (pr.c_role = 'user') then coalesce(us.c_username, '--DNE--') | |
| when (pr.c_role = 'group') then '' | |
| when (pr.c_role = 'owner_group') then '' | |
| else 'none' | |
| end as c_name, | |
| pr.c_action, | |
| pr.c_type, | |
| pr.c_related_table as c_table, | |
| pr.c_related_uid, | |
| ia.c_status | |
| from t_privilege as pr | |
| inner join t_action as ac on ac.c_title = pr.c_action | |
| inner join $tbl as ob on ob.c_uid = $obj_id | |
| inner join t_implemented_action as ia on ia.c_table = '$tbl' | |
| and ia.c_action = ac.c_title | |
| left outer join t_user as us | |
| on pr.c_role = 'user' | |
| and pr.c_who = us.c_uid | |
| where ( | |
| (pr.c_type = 'object' and pr.c_related_uid = $obj_id) | |
| or (pr.c_type in ('table', 'global')) | |
| or (pr.c_role = 'self' and pr.c_related_table = 't_user')) | |
| and pr.c_related_table = '$tbl' | |
| "; | |
| echo $query; | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment