Skip to content

Instantly share code, notes, and snippets.

@cbellgit
Forked from xaprb/all-table-privileges.php
Created March 21, 2016 12:21
Show Gist options
  • Save cbellgit/59645cfe9bc973d55996 to your computer and use it in GitHub Desktop.
Save cbellgit/59645cfe9bc973d55996 to your computer and use it in GitHub Desktop.
<?php
$permissions = array(
"owner_read" => 256,
"owner_write" => 128,
"owner_delete" => 64,
"group_read" => 32,
"group_write" => 16,
"group_delete" => 8,
"other_read" => 4,
"other_write" => 2,
"other_delete" => 1
);
$groups = array(
"root" => 1,
"officer" => 2,
"user" => 4,
"wheel" => 8
);
$tbl = 't_event';
$user_id = 2;
$user_groups = 4;
$query = "
select ac.c_title
from
t_action as ac
-- Privileges that apply to the table and grant the given action
-- Not an inner join because the action may be granted even if there is no
-- privilege granting it. For example, root users can take all actions.
left outer join t_privilege as pr
on pr.c_related_table = '$tbl'
and pr.c_action = ac.c_title
and pr.c_type = 'table'
where
-- The action must apply to tables (NOT apply to objects)
(ac.c_apply_object = 0) and (
-- Members of the 'root' group are always allowed to do everything
($user_groups & $groups[root] <> 0)
-- user privileges
or (pr.c_role = 'user' and pr.c_who = $user_id)
-- group privileges
or (pr.c_role = 'group' and (pr.c_who & $user_groups <> 0)))
";
echo $query;
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment