php permission system

Paula
13 Mar 2016
/**
 * Report whether this user holds the role with the given name.
 *
 * Only tests that the name is a key of $this->roles; it does not look at the
 * permissions attached to that role.
 *
 * @param string $role_name Role name to look up.
 * @return bool True when the role name is present.
 */
public function hasRole($role_name) {
    $held = isset($this->roles[$role_name]);
    return $held;
}
5
/**
 * Attach a permission to a role by inserting a role_perm row.
 *
 * Both ids are passed as bound parameters, never concatenated into the SQL.
 * This method performs no authorization check of its own: the caller has to
 * confirm that the acting user is allowed to change role permissions.
 *
 * @param int $role_id Role receiving the permission.
 * @param int $perm_id Permission being granted.
 * @return bool Result of PDOStatement::execute().
 */
public static function insertPerm($role_id, $perm_id) {
    $params = array(":role_id" => $role_id, ":perm_id" => $perm_id);
    $statement = $GLOBALS["DB"]->prepare(
        "INSERT INTO role_perm (role_id, perm_id) VALUES (:role_id, :perm_id)"
    );
    return $statement->execute($params);
}
12
/**
 * Remove every role/permission association.
 *
 * After this call no role grants any permission until rows are re-inserted,
 * so callers should restrict it to an administrative path.
 *
 * NOTE(review): on MySQL, TRUNCATE is a DDL statement. It commits implicitly,
 * cannot be rolled back, and requires the DROP privilege on the table. If the
 * application's database account should not hold DROP, a plain DELETE is the
 * least-privilege alternative. Confirm the target engine before relying on this.
 *
 * @return bool Result of PDOStatement::execute().
 */
public static function deletePerms() {
    $statement = $GLOBALS["DB"]->prepare("TRUNCATE role_perm");
    return $statement->execute();
}
Elizabeth
11 Sep 2018
1<?php
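/**
 * A User that also carries the roles (and through them the permissions)
 * assigned to it in the user_role / role_perm tables.
 *
 * Roles are loaded once, in getByUsername(); later changes to the tables are
 * not seen by an already-constructed instance.
 */
class PrivilegedUser extends User
{
    // Map of role name => Role object. Starts as an empty array so that
    // hasPrivilege() denies cleanly on an instance whose roles were never
    // loaded, instead of iterating null.
    private $roles = array();

    public function __construct() {
        parent::__construct();
    }

    /**
     * Load a user by username together with its roles (overrides the User method).
     *
     * The username is passed as a bound parameter. This method only looks the
     * account up: it does not verify a password, so it must be called with a
     * username that has already been authenticated.
     *
     * @param string $username Username to look up.
     * @return PrivilegedUser|false The populated user, or false when no row matches.
     */
    public static function getByUsername($username) {
        $sql = "SELECT * FROM users WHERE username = :username";
        $sth = $GLOBALS["DB"]->prepare($sql);
        $sth->execute(array(":username" => $username));
        $result = $sth->fetchAll();

        if (empty($result)) {
            return false;
        }

        // Only the first matching row is used.
        $row = $result[0];
        $privUser = new PrivilegedUser();
        $privUser->user_id = $row["user_id"];
        $privUser->username = $username;
        // NOTE(review): presumably the stored password hash; nothing in this
        // class reads it, so confirm it needs to be kept on the object at all.
        $privUser->password = $row["password"];
        $privUser->email_addr = $row["email_addr"];
        $privUser->initRoles();
        return $privUser;
    }

    /**
     * Populate $this->roles with one Role object per role assigned to this
     * user, keyed by role name.
     *
     * Because the key is the role name, two roles sharing a name would
     * overwrite each other here.
     */
    protected function initRoles() {
        $this->roles = array();
        $sql = "SELECT t1.role_id, t2.role_name FROM user_role as t1
                JOIN roles as t2 ON t1.role_id = t2.role_id
                WHERE t1.user_id = :user_id";
        $sth = $GLOBALS["DB"]->prepare($sql);
        $sth->execute(array(":user_id" => $this->user_id));

        while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
            $this->roles[$row["role_name"]] = Role::getRolePerms($row["role_id"]);
        }
    }

    /**
     * Check whether any of the user's roles grants the given permission.
     *
     * @param string $perm Permission name, as stored in permissions.perm_desc.
     * @return bool True as soon as one role has the permission, false otherwise
     *              (including when the user has no roles).
     */
    public function hasPrivilege($perm) {
        foreach ($this->roles as $role) {
            if ($role->hasPerm($perm)) {
                return true;
            }
        }
        return false;
    }
}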
Jessica
05 May 2019
/**
 * Create a role with the given name.
 *
 * The name is passed as a bound parameter. No authorization check happens
 * here; the caller must confirm the acting user may create roles.
 *
 * @param string $role_name Name of the new role.
 * @return bool Result of PDOStatement::execute().
 */
public static function insertRole($role_name) {
    $statement = $GLOBALS["DB"]->prepare(
        "INSERT INTO roles (role_name) VALUES (:role_name)"
    );
    $params = array(":role_name" => $role_name);
    return $statement->execute($params);
}
7
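/**
 * Grant a list of roles to one user by inserting user_role rows.
 *
 * Returns false when any insert reports failure, so a caller cannot mistake a
 * partially applied grant for a complete one. With PDO in exception mode a
 * failure surfaces as an exception instead. The inserts are not wrapped in a
 * transaction here; rows inserted before a failure remain.
 *
 * No authorization check happens here; the caller must confirm the acting
 * user may assign roles.
 *
 * @param int|string $user_id User receiving the roles.
 * @param array $roles Role ids to grant.
 * @return bool True when every insert succeeded (also for an empty list).
 */
public static function insertUserRoles($user_id, $roles) {
    $sql = "INSERT INTO user_role (user_id, role_id) VALUES (:user_id, :role_id)";
    $sth = $GLOBALS["DB"]->prepare($sql);
    $sth->bindValue(":user_id", $user_id, PDO::PARAM_STR);

    $allInserted = true;
    foreach ($roles as $role_id) {
        // Bind the value per iteration rather than a reference to a loop variable.
        $sth->bindValue(":role_id", $role_id, PDO::PARAM_INT);
        if (!$sth->execute()) {
            $allInserted = false;
        }
    }
    return $allInserted;
}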
19
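/**
 * Delete a list of roles together with their user and permission associations.
 *
 * The associations are removed first and the role row last, using one
 * single-table DELETE per table. An inner-join multi-table DELETE removes
 * nothing for a role that lacks either a user or a permission association,
 * which would leave the role in place while reporting success. MySQL also
 * documents that a multi-table DELETE over InnoDB tables with foreign keys may
 * process tables in an order that violates the constraints.
 *
 * Returns false when any statement reports failure, so a caller cannot assume
 * a role was revoked when it was not. A failure on a child table skips the
 * remaining statements for that role, which leaves the role with fewer
 * associations rather than more. The statements are not wrapped in a
 * transaction here.
 *
 * No authorization check happens here; the caller must confirm the acting
 * user may delete roles.
 *
 * @param array $roles Role ids to delete.
 * @return bool True when every statement succeeded (also for an empty list).
 */
public static function deleteRoles($roles) {
    $db = $GLOBALS["DB"];
    // Child tables first, parent table last.
    $statements = array(
        $db->prepare("DELETE FROM user_role WHERE role_id = :role_id"),
        $db->prepare("DELETE FROM role_perm WHERE role_id = :role_id"),
        $db->prepare("DELETE FROM roles WHERE role_id = :role_id"),
    );

    $allDeleted = true;
    foreach ($roles as $role_id) {
        foreach ($statements as $sth) {
            $sth->bindValue(":role_id", $role_id, PDO::PARAM_INT);
            if (!$sth->execute()) {
                $allDeleted = false;
                break;
            }
        }
    }
    return $allDeleted;
}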
33
/**
 * Revoke every role from one user by deleting its user_role rows.
 *
 * The user id is passed as a bound parameter. An already-loaded
 * PrivilegedUser object keeps the roles it read earlier, so the revocation
 * takes effect for that user only once the object is loaded again.
 *
 * @param int|string $user_id User whose roles are removed.
 * @return bool Result of PDOStatement::execute().
 */
public static function deleteUserRoles($user_id) {
    $statement = $GLOBALS["DB"]->prepare(
        "DELETE FROM user_role WHERE user_id = :user_id"
    );
    $params = array(":user_id" => $user_id);
    return $statement->execute($params);
}
Emmanuelle
09 Jun 2016
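-- Roles that can be assigned to users.
-- role_name is UNIQUE because PrivilegedUser::initRoles() keys a user's roles
-- by name: two roles with the same name would overwrite each other there.
CREATE TABLE roles (
  role_id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
  role_name VARCHAR(50) NOT NULL,

  PRIMARY KEY (role_id),
  UNIQUE KEY uq_roles_role_name (role_name)
);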
7
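-- Individual permissions that a role can grant.
-- perm_desc is the string checked by Role::hasPerm(), so it is kept UNIQUE to
-- make each permission name refer to exactly one row.
CREATE TABLE permissions (
  perm_id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
  perm_desc VARCHAR(50) NOT NULL,

  PRIMARY KEY (perm_id),
  UNIQUE KEY uq_permissions_perm_desc (perm_desc)
);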
14
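-- Which permissions each role grants.
-- The composite primary key rejects duplicate (role, permission) rows, so
-- removing a grant once cannot leave an identical grant behind.
CREATE TABLE role_perm (
  role_id INTEGER UNSIGNED NOT NULL,
  perm_id INTEGER UNSIGNED NOT NULL,

  PRIMARY KEY (role_id, perm_id),
  FOREIGN KEY (role_id) REFERENCES roles(role_id),
  FOREIGN KEY (perm_id) REFERENCES permissions(perm_id)
);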
22
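-- Which roles each user holds. The users table is defined elsewhere.
-- The composite primary key rejects duplicate (user, role) rows, so a role
-- cannot be assigned to the same user twice.
CREATE TABLE user_role (
  user_id INTEGER UNSIGNED NOT NULL,
  role_id INTEGER UNSIGNED NOT NULL,

  PRIMARY KEY (user_id, role_id),
  FOREIGN KEY (user_id) REFERENCES users(user_id),
  FOREIGN KEY (role_id) REFERENCES roles(role_id)
);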
Kendrick
14 Jul 2019
1<?php
2require_once "Role.php";
3require_once "PrivilegedUser.php";
4
5// connect to database...
6// ...
7
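session_start();

// Deny by default: $u stays null unless a logged-in session resolves to a user.
// Without this, a request with no "loggedin" session key reaches the privilege
// check with $u undefined.
$u = null;
if (isset($_SESSION["loggedin"])) {
    $u = PrivilegedUser::getByUsername($_SESSION["loggedin"]);
}

// getByUsername() returns false for an unknown username, so confirm that a
// real user object came back before asking it about privileges.
if ($u instanceof PrivilegedUser && $u->hasPrivilege("thisPermission")) {
    // do something
}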
Eduardo
07 Oct 2018
1<?php
/**
 * A role and the set of permissions it grants.
 *
 * Instances are built only through getRolePerms(); the constructor is protected.
 */
class Role
{
    // Map of permission name => true for every permission this role grants.
    protected $permissions;

    protected function __construct() {
        $this->permissions = array();
    }

    /**
     * Build a Role holding the permissions stored for the given role id.
     *
     * The id is passed as a bound parameter. A role id with no role_perm rows
     * yields a Role with no permissions.
     *
     * @param int $role_id Role whose permissions are loaded.
     * @return Role Role object with its permission map filled in.
     */
    public static function getRolePerms($role_id) {
        $sql = "SELECT t2.perm_desc FROM role_perm as t1
                JOIN permissions as t2 ON t1.perm_id = t2.perm_id
                WHERE t1.role_id = :role_id";
        $statement = $GLOBALS["DB"]->prepare($sql);
        $statement->execute(array(":role_id" => $role_id));

        $instance = new Role();
        $row = $statement->fetch(PDO::FETCH_ASSOC);
        while ($row) {
            // Store the name as a key so hasPerm() is a single isset() lookup.
            $instance->permissions[$row["perm_desc"]] = true;
            $row = $statement->fetch(PDO::FETCH_ASSOC);
        }
        return $instance;
    }

    /**
     * Check whether this role grants the named permission.
     *
     * @param string $permission Permission name, as stored in permissions.perm_desc.
     * @return bool True when the permission is present.
     */
    public function hasPerm($permission) {
        $granted = isset($this->permissions[$permission]);
        return $granted;
    }
}
Jayne
22 Feb 2016
1object(PrivilegedUser)#3 (2) {
2  ["roles":"PrivilegedUser":private]=>
3  array(1) {
4    ["Admin"]=>
5    object(Role)#5 (1) {
6      ["permissions":protected]=>
7      array(4) {
8        ["addUser"]=>bool(true)
9        ["editUser"]=>bool(true)
10        ["deleteUser"]=>bool(true)
11        ["editRoles"]=>bool(true)
12      }
13    }
14  }
15  ["fields":"User":private]=>
16  array(4) {
17    ["user_id"]=>string(1) "2"
18    ["username"]=>string(7) "mpsinas"
19    ["password"]=>bool(false)
20    ["email_addr"]=>string(0) ""
21  }
22}