Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#1 2010-04-26 15:12:48

Siguo
Member
From: Beijing, China
Registered: 2008-05-22
Posts: 44

2. Topics about User & Permissions: table design

According to the 1. Topics about User & Permissions: the three level

we will create three or four tables, list below

1. usergroup table

usergroupid | usergrouptitle | usergroupdescription | genericpermissions | permissiongroup1 | permissiongroup2 |…

for example:

1 | publisher | publisher usergroup | 1 << 2 + 1 << 3 + …(generic)| 1 << 0 + 1 << 3 …(group1) |…
……

2. permissions table

permissionid | permissiongroup | permissionname | permissiontitle | permissionmask

for example:

1 | admin | edit | Can edit author? | 1 << 0
2 | admin | list | Can view author list? | 1 << 1
……
8 | article | publish | Can publish article | 1 << 0
9 | article | delete | Can delete article | 1 << 1

3. section(event) permissions table

permissionid | permissiontype | sectionid(or sectionname, and eventname) | usergroupid | permissionmask

for example

1 | section | sectionid1 | usergroup2 | 1 << 2 + 1 << 5 + 1 << 7……
……

4. user permissions table(optional, we can put this in a user table field)

permissionid | userid | sectionid(or sectionname, and eventname) | permissionmask

for example:

1 | userid3 | sectionid5 | 1 << 4 + 1 << 5 + …
……

All masks are 1 << 0, 1 << 1, 1 << 2…and there &s , |s.

Last edited by Siguo (2010-04-26 15:29:58)

Offline

#2 2010-04-26 19:14:56

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 12,024
Website GitHub

Re: 2. Topics about User & Permissions: table design

Well I’m confused! :-s Although I fully admit that bitwise operators are not my strong point.

One thing to note about your table design though: I’d avoid the use of descriptions and titles and stuff because that should be the domain of the lang files, for i18n reasons.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#3 2010-04-26 23:33:26

Siguo
Member
From: Beijing, China
Registered: 2008-05-22
Posts: 44

Re: 2. Topics about User & Permissions: table design

Well I’m confused!
——————————

:) where are you confused? I can give you an example. with the bitwise operation. lets see an example:

in permissions table, we can set admin group in admin_config.php like this:

1 | admin | admin | can_access_admin | 1 (1 << 0 = bitwise: 0001)
2 | admin | edit | can_edit_author | 2 (1 << 1 = bitwise: 0010)
3 | admin | list | can_list_author | 4 (1 << 2 = bitwise: 0100)

in usergroup table, say we have an admin permission group, for the publisher, we can set:

1 | publisher | publisher_usergroup | 7(1 << 0 + 1 << 1 + 1 << 2 = bitwise: 0111)

if you want to check an user’s admin edit permission, you just:
1. get the user’s usergroup, then you have the adminpermissionmask value, say 7(that’s bitwise 0111)
2. get the admin edit permissionmmask value, then you have 2(that’s bitwise 0010)

then, we can simplely use bitwise & to check the user’s edit author permission:

if( 7 & 2 (that’s TRUE))
{ has publisher permission;
}else{ deny;
}

and the bitwise operation is much more faster than we use in function has_privs(), which use in_array() and explode(). this can make txp more faster than slower, as you’ve worried.

2. yes, I agree we should use the lang files for i18n.

Last edited by Siguo (2010-04-27 23:19:13)

Offline

Board footer

Powered by FluxBB