选择查询 - 选择父权限

时间:2013-01-16 10:24:55

标签: php mysql

我在撰写查询时需要您的帮助 - 请参阅下面的表格结构

分类

CREATE TABLE IF NOT EXISTS `category` (
  `catid` varchar(170) NOT NULL,
  `name` varchar(170) NOT NULL,
  `parent_catid` varchar(170) NOT NULL,
  `inherit_parent_perms` enum ('Y', 'N') NOT NULL,
  KEY `idx_wss` (`catid`)
);
INSERT INTO `category` VALUES('1', 'Fruits', '0', 'N');
INSERT INTO `category` VALUES('2', 'Apples', '1', 'N');
INSERT INTO `category` VALUES('3', 'Furniture', '0', 'N');
INSERT INTO `category` VALUES('4', 'Toys', '0', 'N');
INSERT INTO `category` VALUES('5', 'Gifts', '4', 'Y');

和权限表

权限

CREATE TABLE IF NOT EXISTS `permissions` (
  `catid` varchar(170) NOT NULL,
  `permission_object` enum ('seller', 'buyer') NOT NULL,
  `permission_object_id` varchar(170) NOT NULL,
  KEY `idx_wss` (`catid`)
);


INSERT INTO `permissions` VALUES('1', 'seller', '100'); -- Here category 1 is accessible to 'seller' object with ID 100
INSERT INTO `permissions` VALUES('1', 'buyer', '300');  -- Here category 1 is accessible to 'buyer' object with ID 300

INSERT INTO `permissions` VALUES('2', 'buyer', '200');  -- Here category 2 is accessible to 'buyer' object with ID 200

INSERT INTO `permissions` VALUES('3', 'buyer', 'all');  -- Here category 3 is accessible to all 'buyer' objects
INSERT INTO `permissions` VALUES('3', 'seller', 'all'); -- Here category 3 is accessible to all 'seller' objects

正如您可以看到权限表中如何引用类别表,并且当对象ID设置为“all”时,可以通过具有id的对象类型或所有对象类型访问类别

这是我到目前为止的查询

SELECT id, name, p. *
FROM `catalogue` c
LEFT JOIN permissions p ON p.cat = c.catid
AND (
        (
            (
                p.permission_object_id = 'all'
                OR p.permission_object_id = '100'
            )
                AND p.permission_object = 'seller'
        )
        OR 
        (
            (
                p.permission_object_id = 'all'
                OR p.permission_object_id = '100'
            )
                AND p.permission_object = 'buyer'
        )
    )
WHERE catid = 3

问题

以上查询类型的作品 - 例如如果买方ID 100可以访问类别3 - 它将显示其下的内容。如果此类别被允许买方ID“全部”,那么任何买家都可以看到此类别。

但问题是我有子类别。因此,如果类别3可以通过“全部”访问,然后我添加两个子类别4和5(在类别3下)并告诉它继承父级4和子类别5的权限,只能通过“卖家”ID 200访问 - 然后我不明白该怎么做。

  • 我是否需要复制所有父权限并在标记为继承父权限时插入新行(显然是新的类别ID)或者......我可以以某种方式使用相同的查询它的一些变化(我不知道如何)。

  • 对上述任何其他更改/建议表示赞赏。

1 个答案:

答案 0 :(得分:0)

这只会处理一个级别的子分类,即如果您将子类别添加到类别4& 5。

如果我理解你的问题,它应该让你开始:

-- Assuming category 5 is a sub-category of category 3 and has inherit_parent_perms='Y'

select *
from
(
-- select permisssions for this category
SELECT c.catid, c.name, p.permission_object,p.permission_object_id
FROM `category` c
LEFT JOIN `permissions` p ON p.catid = c.catid
where c.catid = 5
union
-- select permissions from parent category if it exists
SELECT c.catid, c.name, p.permission_object,p.permission_object_id
FROM `category` c
inner join `category` parent on c.parent_catid = parent.catid and c.inherit_parent_perms='Y'
LEFT JOIN `permissions` p ON p.catid = parent.catid
WHERE c.catid = 5
) all_perms
WHERE (
        (
            (
                all_perms.permission_object_id = 'all'
                OR all_perms.permission_object_id = '100'
            )
                AND all_perms.permission_object = 'seller'
        )
        OR 
        (
            (
                all_perms.permission_object_id = 'all'
                OR all_perms.permission_object_id = '100'
            )
                AND all_perms.permission_object = 'buyer'
        )
    );