[英]Roles and permissions in php
I am making a menu, but I want to limit it to only some users with a specific permission can see it.我正在制作菜单,但我想将其限制为只有具有特定权限的某些用户才能看到它。
the query:查询:
SELECT idpermission,userid FROM user_permissions WHERE userid = "U001"
SELECT idpermission,userid FROM user_permissions WHERE userid = "U001"
Result: User U001 has 3 permissions stored.结果:用户 U001 存储了 3 个权限。
idpermission,userid IDP001,U001 IDP002,U001 IDP003,U001
I have 3 tables (users,permissions and user_permissions) , in user_permissions I store each permission of each user我有 3 个表(用户、权限和 user_permissions) ,在user_permissions我存储每个用户的每个权限
Example:
Table
user | permission | user_permissions
result:
user: u001,carlos,carlos@...
permissions: IDP001 = book | IDP002 = create_book | IDP003 = edit_book | IDP004 = user | IDP005 = edit_user...
user_permissions:
IDP001,U001
IDP002,U001
IDP003,U001
IDP001,U002
IDP003,U002...
when i call the query当我调用查询时
while($sqlRow=$sqlPermissions->fetch(PDO::FETCH_ASSOC)) { if ($sqlRow['idpermission'] == 'IDP001' || $sqlRow['idpermission'] == 'IDP002' || $sqlRow['idpermission'] == 'IDP003') { echo "user menu "; } }
but the result that appears to me is 3:但在我看来的结果是 3:
user menu user menu user menu
用户菜单用户菜单用户菜单
You should only show me one, making only a comparison if you have such permission shows but shows nothing.你应该只给我看一个,如果你有这样的许可,只做一个比较显示但什么都不显示。
What I want to reach is that the user can have many permissions for different items on the menu, such as view, edit, create, delete, each one is a permission, and each item (user menu, books menu) is another permission.我想达到的是,用户可以对菜单上的不同项目有很多权限,比如查看、编辑、创建、删除,每一个都是一个权限,每个项目(用户菜单、书籍菜单)都是另一个权限。
Use a pivot technique to gather all permissions for a single user and form a single row to fetch with pdo.使用枢轴技术收集单个用户的所有权限并形成一行以使用 pdo 获取。
This way all expected columns are declared and you can use simple truthy/falsey conditional checks in your php for any of the permission settings.这样,所有预期的列都会被声明,您可以在 php 中使用简单的真/假条件检查来进行任何权限设置。
So long as the userid exists in the table, you will have a fully populated row to access.只要表中存在 userid,您就可以访问一个完全填充的行。 This will be clean, direct, efficient, and easy to maintain.
这将是干净、直接、高效且易于维护的。
Schema (MySQL v5.7)架构 (MySQL v5.7)
CREATE TABLE user_permissions (
idpermission VARCHAR(20),
userid VARCHAR(20)
);
INSERT INTO user_permissions VALUES
('IDP001', 'U001'),
('IDP002', 'U001'),
('IDP003', 'U001'),
('IDP001', 'U002'),
('IDP003', 'U002');
Query #1查询#1
SELECT MAX(IF(idpermission = 'IDP001', 1, 0)) AS book,
MAX(IF(idpermission = 'IDP002', 1, 0)) AS create_book,
MAX(IF(idpermission = 'IDP003', 1, 0)) AS edit_book,
MAX(IF(idpermission = 'IDP004', 1, 0)) AS user,
MAX(IF(idpermission = 'IDP005', 1, 0)) AS edit_user
FROM user_permissions
WHERE userid = 'U001'
GROUP BY userid;
Result set:结果集:
| book | create_book | edit_book | user | edit_user |
| ---- | ----------- | --------- | ---- | --------- |
| 1 | 1 | 1 | 0 | 0 |
I'm not sure if your question was lacking information, or I may have missed a point.我不确定您的问题是否缺少信息,或者我可能遗漏了一点。
Your example uses U001 as a user id.您的示例使用U001作为用户 ID。 The
while
loop seems to be correct in showing three "user menu" echos as U001 has permission to view IDP001 , IDP002 , and IDP003 . while
循环在显示三个“用户菜单”回声while
似乎是正确的,因为U001有权查看IDP001 、 IDP002和IDP003 。
If however, you try viewing U002 , considering U002 does not have permission to view IDP002 , and IDP003 .但是,如果您尝试查看U002 ,考虑到U002没有查看IDP002和IDP003 的权限。 You won't see three echos.
你不会看到三个回声。
However, I'd approach this a little differently than you did.但是,我的处理方式与您的处理方式略有不同。 Maybe this might make things simpler for you.
也许这可能会让你的事情变得更简单。
$userPermissions = array(
'book' => 1,
'create_book' => 0,
'edit_book' => 0
);
$menuItems = array(
'book' => 'View Booking',
'create_book' => 'Create Booking',
'edit_book' => 'Edit Booking'
);
foreach ($menuItems as $key => $value) {
if ($userPermissions[$key]) {
echo $value;
}
}
In the above scenario, you can store $userPermissions
as serialized in your database.在上述场景中,您可以将
$userPermissions
作为序列化存储在您的数据库中。 Then, once it's needed, get it from the Database and using the foreach loop create a menu by echoing the values of $menuItems
if the user has permission to view it.然后,一旦需要,从数据库中获取它并使用 foreach 循环通过回显
$menuItems
的值来创建一个菜单,如果用户有权查看它。
Your table (from my example) may look something like this:您的表(来自我的示例)可能如下所示:
id | user_id | permissions
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.