所以我想做的是创建一种方法,我可以覆盖已经在角色中设置的权限作为标准,因此即使用户是角色的一部分。我可以去找一个特定的用户告诉他,他不允许使用这个特定的许可,即使他的角色允许他做这个特定的事情,反之亦然!
在我的数据库中,我有以下表格。
users:
- fk_role_id
- ...
permissions:
- perm_id
- perm_name
- perm_key
role_rights:
- fk_role_id
- fk_perm_id
user_rights:
- fk_usr_id
- fk_perm_id
- allow
打破我的代码:
首先,我想创建一个数组,我可以存储我的所有权限。所以我只能使用if(in_array())来允许人们使用某些内容。
$g_permissions = array();
这里我加入了我的role_rights,其中包含哪些角色具有哪些权限,这里我获得了具有特定ID的角色所包含的权限。
$query = "SELECT * FROM role_rights
INNER JOIN permissions ON fk_perm_id = perm_id
WHERE fk_role_id = $roleID";
$roleArray = new DBfetch($query);
$ roleArray创建的数组:
role_rights - DBfetch Object
(
[row] => Array
(
[0] => Array
(
[fk_role_id] => 1
[fk_perm_id] => 1
[perm_id] => 1
[perm_name] => Admin Panel: Panel Access
[perm_key] => panel_access
)
[1] => Array
(
[fk_role_id] => 1
[fk_perm_id] => 2
[perm_id] => 2
[perm_name] => Admin Panel: Create a user
[perm_key] => panel_create_user
)
[2] => Array
(
[fk_role_id] => 1
[fk_perm_id] => 3
[perm_id] => 3
[perm_name] => Admin panel: Edit a user
[perm_key] => panel_edit_user
)
)
[num_rows] => 3
)
这里我加入了包含特殊权限的user_rights,它有一个允许行,可以包含0或1,如果它包含0则意味着它是一个应该删除的权限,如果它包含1,则它是一个应该添加到数组的权限。
$query = "SELECT * FROM user_rights
INNER JOIN permissions ON fk_perm_id = perm_id
WHERE fk_usr_id = $userID";
$userArray = new DBfetch($query);
$ userArray创建的数组:
user_rights - DBfetch Object
(
[row] => Array
(
[0] => Array
(
[fk_usr_id] => 2
[fk_perm_id] => 3
[allow] => 0
[perm_id] => 3
[perm_name] => Admin panel: Edit a user
[perm_key] => panel_edit_user
)
[1] => Array
(
[fk_usr_id] => 2
[fk_perm_id] => 4
[allow] => 1
[perm_id] => 4
[perm_name] => Admin panel: Delete a user
[perm_key] => panel_delete_user
)
)
[num_rows] => 2
)
第一个foreach应该运行$ roleArray已经获取的所有东西,它向我发回一个对象,一个数组我通过这个数组运行,并且与一个数组相同。因此,如果数组找到与另一个表的外键匹配的外键,那么无论何时添加额外权限或从数组中删除它,它都会阻止它。
foreach($roleArray->row as $key=>$value) {
foreach($userArray->row as $key2=>$value2) {
if($value["fk_perm_id"] == $value2["fk_perm_id"]) {
if($value2["allow"] == 1) {
$g_permissions[$value2['perm_id']] = $value2['perm_key'];
}else{
unset($g_permissions[$value2["perm_id"]]);
}
} else {
$g_permissions[$value['perm_id']] = $value['perm_key'];
}
}
}
所以我要求的是一个解决方案。到目前为止,没有问题,但有两个,我无法添加或删除特定用户的权限..
所有代码:
$g_permissions = array();
$query = "SELECT * FROM role_rights
INNER JOIN permissions ON fk_perm_id = perm_id
WHERE fk_role_id = $roleID";
$roleArray = new DBfetch($query);
$query = "SELECT * FROM user_rights
INNER JOIN permissions ON fk_perm_id = perm_id
WHERE fk_usr_id = $userID";
$userArray = new DBfetch($query);
foreach($roleArray->row as $key=>$value) {
foreach($userArray->row as $key2=>$value2) {
if($value["fk_perm_id"] == $value2["fk_perm_id"]) {
if($value2["allow"] == 1) {
$g_permissions[$value2['perm_id']] = $value2['perm_key'];
}else{
unset($g_permissions[$value2["perm_id"]]);
}
} else {
$g_permissions[$value['perm_id']] = $value['perm_key'];
}
}
}
答案 0 :(得分:0)
所以我解决我的问题的方法是创建两个处理信息的函数,然后将get_usr_permissions函数输出添加到我的数组中!
function get_permkeys_with_user_id($userID) {
$g_permissions = array();
$query = "SELECT * FROM users
INNER JOIN role_rights ON users.fk_role_id = role_rights.fk_role_id
INNER JOIN permissions ON permissions.perm_id = role_rights.fk_perm_id
WHERE users.usr_id = $userID";
$stuff = new DBfetch($query);
foreach($stuff->row as $key=>$value) {
$g_permissions[$value['perm_id']] = $value['perm_key'];
}
return $g_permissions;
}
function get_usr_permissions($userID) {
$runQuery = new DBhandler();
$query = "SELECT * FROM user_rights
INNER JOIN permissions ON fk_perm_id = perm_id
WHERE user_rights.fk_usr_id = $userID";
$perm_role = get_permkeys_with_user_id($userID);
$perm_usr = new DBfetch($query);
foreach($perm_usr->row as $index => $permission){
if($permission["allow"]){
$perm_role[$permission["perm_id"]] = $permission["perm_key"];
}else{
unset($perm_role[$permission["perm_id"]]);
}
}
return $perm_role;
}