 |
 |
 |
 |
|
|
Date: 07/11/00
- Next message: Andy Shreve: "[phplib] Apache module question"
- Previous message: amrith kumar: "[phplib] VISIT AND CONTRIBUTE FOR DEVELOPING PHP"
- Maybe in reply to: Spruce Weber: "[phplib] extending permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
A user can now be given a different set of permissions for each group they
are in. All I had to do to implement this is add a perms field to my
groups_users table and duplicate some of the functionality in have_perm().
The group permissions can be accessed through the following four
functions...
in_group($group)
have_group_perm($group, $p)
check_group($group)
check_group_perm($group, $p)
The schema for the new tables and the functions I've added to my Perm class
are included below. I think I did a good job keeping it consistent with how
user permissions work. Is there any interest in making this a part of the
PHPLIB distribution? It can remain optional but very useful functionality.
Unless anyone has a suggestion, I'll leave it at this. Try it out and let me
know what you think.
function group_invalid($err_msg) {
global $_PHPLIB;
include($_PHPLIB["libdir"] . "groupinvalid.ihtml");
}
function group_perms($group) {
global $auth;
$uid = $auth->auth["uid"];
$db = new $auth->database_class;
$perms="none";
$db->query("select group_id from groups where group_name='$group'");
while($db->next_record())
$gid = $db->f("group_id");
if($gid) {
$db->query("select perms from groups_users where group_id='$gid' and
user_id='$uid'");
while($db->next_record())
$perms = $db->f("perms");
}
return $perms;
}
function in_group($group) {
$perms = $this->group_perms($group);
if($perms == "none")
return false;
else
return true;
}
function have_group_perm($group, $p) {
$pageperm = split(",", $p);
$userperm = split(",", $this->group_perms($group));
list ($ok0, $pagebits) = $this->permsum($pageperm);
list ($ok1, $userbits) = $this->permsum($userperm);
$has_all = (($userbits & $pagebits) == $pagebits);
if (!($has_all && $ok0 && $ok1) )
return false;
else
return true;
}
function check_group($group) {
if(!$this->in_group($group)) {
$this->group_invalid("You are not a member of group \"$group\".");
exit();
}
}
function check_group_perm($group, $p) {
if(!$this->have_group_perm($group, $p)) {
$this->group_invalid("You don't have the necessary group permissions
to access this page.");
exit();
}
}
#
# Table structure for table 'groups'
#
CREATE TABLE groups (
group_id int(10) unsigned NOT NULL auto_increment,
group_name varchar(32) NOT NULL,
PRIMARY KEY (group_id),
UNIQUE group_name (group_name)
);
#
# Table structure for table 'groups_users'
#
CREATE TABLE groups_users (
groups_users_id int(10) unsigned NOT NULL auto_increment,
group_id int(10) unsigned NOT NULL,
user_id varchar(32) NOT NULL,
perms varchar(255),
PRIMARY KEY (groups_users_id)
);
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>
- Next message: Andy Shreve: "[phplib] Apache module question"
- Previous message: amrith kumar: "[phplib] VISIT AND CONTRIBUTE FOR DEVELOPING PHP"
- Maybe in reply to: Spruce Weber: "[phplib] extending permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]