一些背景知识:
game
属于round
,
round
属于season
,
season
属于competition
competition
是无主的。
我们有八张桌子
name =>专栏
`games` => `id`, `round_id`,
`rounds` => `id`, `season_id`,
`seasons` => `id`, `competition_id`,
`competitions` => `id`,
----
`user_game` => `user_id`, `game_id`,
`user_round` => `user_id`, `round_id`,
`user_season` => `user_id`, `season_id`,
`user_competition` => `user_id`, `competition_id`
因此,前四个表将不同的部分链接在一起,
后四个表将用户链接到相应的部分。
一些虚拟数据,请注意我在第二个ID更改时拆分表格以便于阅读。
前四个表
/--GAMES--------------\ /--ROUNDS-------------\
| id | round_id | | id | season_id |
| 1 | 1 | | 1 | 1 |
| 2 | 1 | | 2 | 1 |
|----|----------------| | 3 | 1 |
| 3 | 2 | |----|----------------|
| 4 | 2 | | 4 | 2 |
|----|----------------| | 5 | 2 |
| 5 | 3 | | 6 | 2 |
| 6 | 3 | |----|----------------|
|----|----------------| | 7 | 3 |
| 7 | 4 | | 8 | 3 |
| 8 | 4 | | 9 | 3 |
|----|----------------| |----|----------------|
| 9 | 5 | | 10 | 4 |
| 10 | 5 | \---------------------/
|----|----------------|
| 11 | 6 | /--SEASONS------------\
| 12 | 6 | | id | competition_id |
|----|----------------| | 1 | 1 |
| 13 | 7 | | 2 | 1 |
| 14 | 7 | |----|----------------|
|----|----------------| | 3 | 2 |
| 15 | 8 | | 4 | 2 |
| 16 | 8 | \---------------------/
|----|----------------|
| 17 | 9 | /--COMPETITIONS-------\
| 18 | 9 | | id |
|----|----------------| | 1 |
| 19 | 10 | | 2 |
| 20 | 10 | \---------------------/
\---------------------/
接下来的四个表格在下面的列表中得到了最好的解释
用户:
user_game (user_id:1, game_id:1)
direct
次访问权parent
次访问parent
次访问parent
次参加比赛1 user_round (user_id:2, round_id:1)
child
次访问权限
direct
次访问parent
次访问parent
次参加比赛1 user_round (user_id:3, round_id:1)
direct
次访问权user_game (user_id:3, game_id:13)
direct
次访问权parent
访问parent
次访问parent
访问竞争2 因此,当获取上述三个用户的访问权限时,我想最终得到这三个数组,
注意到:
parent_access
:用户具有访问子对象的部分访问权限(无论对象是什么)
direct_access
:用户具有直接授予的完全访问权限
child access
:用户具有完全访问权限,作为父对象(无论哪个对象)被授予直接访问权限
用户1
$user1 = array(
'games' => array(
[1] => array(
'id' => 1,
'parent_access' => false,
'direct_access' => true,
'child_access' => false
)
),
'rounds' => array(
[1] => array(
'id' => 1,
'parent_access' => true,
'direct_access' => false,
'child_access' => false
)
),
'seasons' => array(
[1] => array(
'id' => 1,
'parent_access' => true,
'direct_access' => false,
'child_access' => false
),
),
'competitions' => array(
[1] => array(
'id' => 1,
'parent_access' => true,
'direct_access' => false,
'child_access' => false
),
)
);
用户2
$user2 = array(
'games' => array(
[1] => array(
'id' => 1,
'parent_access' => false,
'direct_access' => false,
'child_access' => true
),
[2] => array(
'id' => 2,
'parent_access' => false,
'direct_access' => false,
'child_access' => true
)
),
'rounds' => array(
[1] => array(
'id' => 1,
'parent_access' => false,
'direct_access' => true,
'child_access' => false
)
),
'seasons' => array(
[1] => array(
'id' => 1,
'parent_access' => true,
'direct_access' => false,
'child_access' => false
),
),
'competitions' => array(
[1] => array(
'id' => 1,
'parent_access' => true,
'direct_access' => false,
'child_access' => false
),
)
);
用户3
$user3 = array(
'games' => array(
[1] => array(
'id' => 1,
'parent_access' => false,
'direct_access' => false,
'child_access' => true
),
[2] => array(
'id' => 2,
'parent_access' => false,
'direct_access' => true,
'child_access' => true
),
[13] => array(
'id' => 13,
'parent_access' => false,
'direct_access' => true,
'child_access' => false
)
),
'rounds' => array(
[1] => array(
'id' => 1,
'parent_access' => false,
'direct_access' => true,
'child_access' => false
),
[7] => array(
'id' => 7,
'parent_access' => true,
'direct_access' => false,
'child_access' => false
)
),
'seasons' => array(
[1] => array(
'id' => 1,
'parent_access' => true,
'direct_access' => false,
'child_access' => false
),
[3] => array(
'id' => 3,
'parent_access' => true,
'direct_access' => false,
'child_access' => false
)
),
'competitions' => array(
[1] => array(
'id' => 1,
'parent_access' => true,
'direct_access' => false,
'child_access' => false
),
[2] => array(
'id' => 2,
'parent_access' => true,
'direct_access' => false,
'child_access' => false
)
)
);
答案 0 :(得分:0)
结果略有不同,但这张贴在这里是为了显示我当前的工作,它仍然可以作为答案,尽管我不满意。
所以,这是我目前的代码:
像$competitions = $this->competitions->disabled(true)->getAll();
这样的行在竞争表上运行查询并返回一个自定义对象,所以事情有点不同,但是你应该能够通过代码解决它的作用。
你不喜欢这里的是我们有 18个foreach循环!许多嵌套,以便 18重新运行foreach循环!任何人都可以看到一种方式减少这个?
public function access($user_id, $action = 'none')
{
$access = array(
'competitions' => array()
);
/* COMPETITIONS */
$competitions = $this->competitions->disabled(true)->getAll();
foreach ($competitions as $competition) {
$access['competitions'][$competition->data('id')] = array(
//'item' => $competition,
'type' => 'competition',
'id' => $competition->data('id'),
'child_access' => false,
'direct_access' => false,
'parent_access' => false,
'seasons' => array()
);
/* SEASONS */
$seasons = $competition->seasons(true);
foreach ($seasons as $season) {
$access['competitions'][$competition->data('id')]['seasons'][$season->data('id')] = array(
//'item' => $season,
'type' => 'season',
'id' => $season->data('id'),
'child_access' => false,
'direct_access' => false,
'parent_access' => false,
'rounds' => array()
);
/* ROUNDS */
$rounds = $season->rounds(true);
foreach ($rounds as $round) {
$access['competitions'][$competition->data('id')]['seasons'][$season->data('id')]['rounds'][$round->data('id')] = array(
//'item' => $round,
'type' => 'round',
'id' => $round->data('id'),
'child_access' => false,
'direct_access' => false,
'parent_access' => false,
'games' => array()
);
/* GAMES */
$games = $round->games(true);
foreach ($games as $game) {
//dump('$access["competitions"]['.$competition->data('id').']["seasons"]['.$season->data('id').']["rounds"]['.$round->data('id').']["games"]['.$game->data('id').']');
$access['competitions'][$competition->data('id')]['seasons'][$season->data('id')]['rounds'][$round->data('id')]['games'][$game->data('id')] = array(
//'item' => $game,
'type' => 'game',
'id' => $game->data('id'),
'child_access' => false,
'direct_access' => false,
'parent_access' => false
);
}
}
}
}
/* CHECK COMPETITIONS */
$competitions = $this->db->select('competition_id')->from('user_competition')->where('user_id', $user_id)->get();
foreach ($competitions->result() as $id) {
$id = $id->competition_id;
$access['competitions'][$id]['direct_access'] = true;
/* SEASONS */
foreach ($access['competitions'][$id]['seasons'] as &$season) {
$season['child_access'] = true;
/* ROUNDS */
foreach ($season['rounds'] as &$round) {
$round['child_access'] = true;
/* GAMES */
foreach ($round['games'] as &$game) {
$game['child_access'] = true;
unset($game);
}
unset($round);
}
unset($season);
}
}
/* CHECK SEASONS */
$seasons = $this->db->select('season_id')->from('user_season')->where('user_id', $user_id)->get();
foreach ($seasons->result() as $id) {
$id = $id->season_id;
$competition_id = $this->seasons->disabled(true)->get($id)->data('competition id');
$competition = $access['competitions'][$competition_id];
$competition['parent_access'] = true;
$season = $competition['seasons'][$id];
$season['direct_access'] = true;
/* ROUNDS */
foreach ($season['rounds'] as &$round) {
$round['child_access'] = true;
/* GAMES */
foreach ($round['games'] as &$game) {
$game['child_access'] = true;
unset($game);
}
unset($round);
}
}
/* CHECK ROUNDS */
$rounds = $this->db->select('round_id')->from('user_round')->where('user_id', $user_id)->get();
foreach ($rounds->result() as $id) {
$id = $id->round_id;
$round_obj = $this->rounds->disabled(true)->get($id);
$season_obj = $round_obj->season();
$competition_id = $season_obj->data('competition id');
$access['competitions'][$competition_id]['parent_access'] = true;
$access['competitions'][$competition_id]['seasons'][$season_obj->data('id')]['parent_access'] = true;
$access['competitions'][$competition_id]['seasons'][$season_obj->data('id')]['rounds'][$id]['direct_access'] = true;
/* GAMES */
foreach ($access['competitions'][$competition_id]['seasons'][$season_obj->data('id')]['rounds'][$id]['games'] as &$game) {
$game['child_access'] = true;
unset($game);
}
}
/* CHECK GAMES */
$games = $this->db->select('game_id')->from('user_game')->where('user_id', $user_id)->get();
foreach ($games->result() as $id) {
$id = $id->game_id;
$game_obj = $this->games->disabled(true)->get($id);
$round_obj = $game_obj->round();
$season_obj = $round_obj->season();
$competition_id = $season_obj->data('competition id');
$access['competitions'][$competition_id]['parent_access'] = true;
$access['competitions'][$competition_id]['seasons'][$season_obj->data('id')]['parent_access'] = true;
$access['competitions'][$competition_id]['seasons'][$season_obj->data('id')]['rounds'][$round_obj->data('id')]['parent_access'] = true;
$access['competitions'][$competition_id]['seasons'][$season_obj->data('id')]['rounds'][$round_obj->data('id')]['games'][$id]['direct_access'] = true;
}
if ($action == 'trim') {
foreach ($access['competitions'] as $k => &$competition) {
if ($competition['child_access'] === false &&
$competition['direct_access'] === false &&
$competition['parent_access'] === false
) {
unset($access['competitions'][$k]);
continue;
}
foreach ($competition['seasons'] as $k1 => &$season) {
if ($season['child_access'] === false &&
$season['direct_access'] === false &&
$season['parent_access'] === false
) {
unset($competition['seasons'][$k1]);
continue;
}
foreach ($season['rounds'] as $k2 => &$round) {
if ($round['child_access'] === false &&
$round['direct_access'] === false &&
$round['parent_access'] === false
) {
unset($season['rounds'][$k2]);
continue;
}
foreach ($round['games'] as $k3 => $game) {
if ($game['child_access'] === false &&
$game['direct_access'] === false &&
$game['parent_access'] === false
) {
unset($round['games'][$k3]);
continue;
}
}
}
}
}
}
dump($access);
}
答案 1 :(得分:0)
您需要使用授权语言(如XACML)来表达谁可以访问哪些特定数据。然后,您已经成为“属性”的一个来源。
使用XACML,您可以表达以下规则: