1 |
<?php |
2 |
|
3 |
require_once("YakkaMySqlDatabase.php"); |
4 |
require_once("library/YakkaPermission.php"); |
5 |
|
6 |
class YakkaMySqlPermissionAdapter extends YakkaMySqlDatabase { |
7 |
var $permissionTable; |
8 |
var $grantTable; |
9 |
var $revokeTable; |
10 |
|
11 |
function YakkaMySqlPermissionAdapter($parameters = null) { |
12 |
$this->YakkaMySqlDatabase(); |
13 |
|
14 |
if ($parameters) |
15 |
$this->connect($parameters["host"], $parameters["database"], $parameters["user"], $parameters["password"]); |
16 |
|
17 |
if (!$prefix = $parameters["table-prefix"]) { |
18 |
$this->permissionTable = "permissions"; |
19 |
$this->grantTable = "permission_grants"; |
20 |
$this->revokeTable = "permission_revokes"; |
21 |
} else { |
22 |
$this->permissionTable = $prefix."permissions"; |
23 |
$this->grantTable = $prefix."permission_grants"; |
24 |
$this->revokeTable = $prefix."permission_revokes"; |
25 |
} |
26 |
} |
27 |
|
28 |
function hasGrantPrivilege($privilege, $objectTag, $objectType, $accessorTag, $accessorType) { |
29 |
$privilege = $this->escapeString($privilege); |
30 |
$objectTag = $this->escapeString($objectTag); |
31 |
$objectType = $this->escapeString($objectType); |
32 |
$accessorTag = $this->escapeString($accessorTag); |
33 |
$accessorType = $this->escapeString($accessorType); |
34 |
|
35 |
$sql = |
36 |
<<<MYSQL |
37 |
SELECT |
38 |
pgra_id |
39 |
FROM |
40 |
$this->grantTable, |
41 |
$this->permissionTable |
42 |
WHERE |
43 |
perm_object_tag = '$objectTag' |
44 |
AND |
45 |
perm_object_type = '$objectType' |
46 |
AND |
47 |
perm_privilege = '$privilege' |
48 |
AND |
49 |
pgra_perm_id = perm_id |
50 |
AND |
51 |
pgra_accessor_tag = '$accessorTag' |
52 |
AND |
53 |
pgra_accessor_type = '$accessorType' |
54 |
MYSQL; |
55 |
|
56 |
return $this->queryRecord($sql) ? true : false; |
57 |
} |
58 |
|
59 |
function hasRevokePrivilege($privilege, $objectTag, $objectType, $accessorTag, $accessorType) { |
60 |
$privilege = $this->escapeString($privilege); |
61 |
$objectTag = $this->escapeString($objectTag); |
62 |
$objectType = $this->escapeString($objectType); |
63 |
$accessorTag = $this->escapeString($accessorTag); |
64 |
$accessorType = $this->escapeString($accessorType); |
65 |
|
66 |
$sql = |
67 |
<<<MYSQL |
68 |
SELECT |
69 |
prev_id |
70 |
FROM |
71 |
$this->revokeTable, |
72 |
$this->permissionTable |
73 |
WHERE |
74 |
perm_object_tag = '$objectTag' |
75 |
AND |
76 |
perm_object_type = '$objectType' |
77 |
AND |
78 |
perm_privilege = '$privilege' |
79 |
AND |
80 |
prev_perm_id = perm_id |
81 |
AND |
82 |
prev_accessor_tag = '$accessorTag' |
83 |
AND |
84 |
prev_accessor_type = '$accessorType' |
85 |
MYSQL; |
86 |
return $this->queryRecord($sql) ? true : false; |
87 |
} |
88 |
|
89 |
function setGrantPrivilege($privilege, $objectTag, $objectType, $accessorTag, $accessorType) { |
90 |
$privilege = $this->escapeString($privilege); |
91 |
$objectTag = $this->escapeString($objectTag); |
92 |
$objectType = $this->escapeString($objectType); |
93 |
$accessorTag = $this->escapeString($accessorTag); |
94 |
$accessorType = $this->escapeString($accessorType); |
95 |
|
96 |
$sql = |
97 |
<<<MYSQL |
98 |
SELECT |
99 |
perm_id |
100 |
FROM |
101 |
$this->permissionTable |
102 |
WHERE |
103 |
perm_object_tag = '$objectTag' |
104 |
AND |
105 |
perm_object_type = '$objectType' |
106 |
AND |
107 |
perm_privilege = '$privilege' |
108 |
MYSQL; |
109 |
if (!$permission = $this->queryRecord($sql)) { |
110 |
$insert = |
111 |
<<<MYSQL |
112 |
INSERT INTO |
113 |
$this->permissionTable |
114 |
SET |
115 |
perm_object_tag = '$objectTag', |
116 |
perm_object_type = '$objectType', |
117 |
perm_privilege = '$privilege', |
118 |
perm_create_user_tag = 'YakkaSystem', |
119 |
perm_modify_user_tag = 'YakkaSystem', |
120 |
perm_create_date = now(), |
121 |
perm_modify_date = now() |
122 |
MYSQL; |
123 |
$this->execute($insert); |
124 |
|
125 |
$sql = |
126 |
<<<MYSQL |
127 |
SELECT |
128 |
perm_id |
129 |
FROM |
130 |
$this->permissionTable |
131 |
WHERE |
132 |
perm_object_tag = '$objectTag' |
133 |
AND |
134 |
perm_object_type = '$objectType' |
135 |
AND |
136 |
perm_privilege = '$privilege' |
137 |
MYSQL; |
138 |
$permission = $this->queryRecord($sql); |
139 |
} |
140 |
$permissionId = $permission["perm_id"]; |
141 |
$sql = |
142 |
<<<MYSQL |
143 |
SELECT |
144 |
pgra_id |
145 |
FROM |
146 |
$this->grantTable |
147 |
WHERE |
148 |
pgra_perm_id = $permissionId |
149 |
AND |
150 |
pgra_accessor_tag = '$accessorTag' |
151 |
AND |
152 |
pgra_accessor_type = '$accessorType' |
153 |
MYSQL; |
154 |
if ($this->queryRecord($sql)) |
155 |
return true; |
156 |
|
157 |
$insert = |
158 |
<<<MYSQL |
159 |
INSERT INTO |
160 |
$this->grantTable |
161 |
SET |
162 |
pgra_perm_id = $permissionId, |
163 |
pgra_accessor_tag = '$accessorTag', |
164 |
pgra_accessor_type = '$accessorType', |
165 |
pgra_create_user_tag = 'YakkaSystem', |
166 |
pgra_modify_user_tag = 'YakkaSystem', |
167 |
pgra_create_date = now(), |
168 |
pgra_modify_date = now() |
169 |
MYSQL; |
170 |
return $this->execute($insert) ? true : false; |
171 |
} |
172 |
|
173 |
function copyGrantPrivileges($sourceTag, $sourceType, $targetTag, $targetType) { |
174 |
$sourceTag = $this->escapeString($sourceTag); |
175 |
$sourceType = $this->escapeString($sourceType); |
176 |
$targetTag = $this->escapeString($targetTag); |
177 |
$targetType = $this->escapeString($targetType); |
178 |
|
179 |
$sql = |
180 |
<<<MYSQL |
181 |
SELECT |
182 |
perm_id, |
183 |
perm_privilege |
184 |
FROM |
185 |
$this->permissionTable |
186 |
WHERE |
187 |
perm_object_tag = '$sourceTag' |
188 |
AND |
189 |
perm_object_type = '$sourceType' |
190 |
MYSQL; |
191 |
if ($privileges = $this->queryRecordset($sql)) { |
192 |
while(list(,$privilege) = each($privileges)) { |
193 |
$privilegeId = $privilege["perm_id"]; |
194 |
$sql = |
195 |
<<<MYSQL |
196 |
SELECT |
197 |
pgra_accessor_tag, |
198 |
pgra_accessor_type |
199 |
FROM |
200 |
$this->grantTable |
201 |
WHERE |
202 |
pgra_perm_id = $privilegeId |
203 |
MYSQL; |
204 |
if ($grants = $this->queryRecordset($sql)) { |
205 |
while(list(,$grant) = each($grants)) { |
206 |
$accessorTag = $this->escapeString($grant["pgra_accessor_tag"]); |
207 |
$accessorType = $this->escapeString($grant["pgra_accessor_type"]); |
208 |
|
209 |
$this->setGrantPrivilege($privilege["perm_privilege"], $targetTag, $targetType, $grant["pgra_accessor_tag"], $grant["pgra_accessor_type"]); |
210 |
} |
211 |
} |
212 |
} |
213 |
} |
214 |
} |
215 |
} |
216 |
|
217 |
?> |