
Guide 5 - Access control to table records

11/3/2020 7:56:02 AM
PHPRunner Tips and Tricks
fhumanes author


PHPRunner has many options for access control and even for selecting information from a table, but for some requirements of our applications, they are not enough.


As we can see, we can easily restrict users so that they can only access their own data.
The question is: how do we go about accessing my data and the data of the people who depend, directly or indirectly, on me?
In real life this situation comes up quite often, for example:

  • Consult the salary data of my dependent collaborators.
  • Check the job access signings of my dependent collaborators.
  • Consult the orders or sales of my dependent collaborators.


The solution to this type of question is not so simple, since PHPRunner does not have any "wizard" that lets us restrict access to the records of a table in this way.
Objective


Given a hierarchy or dependency structure between people, the consultation of these people will be governed by the following rules:

  • Users of the "administrator" group will be able to consult all persons.
  • Users will be able to consult their data and those of the people who depend on them directly and indirectly.
  • There is no limit to the levels of dependency.


Solution
For the creation of the solution I have used the PHP function of https://gist.github.com/ubermaniac/8834601 that facilitates the analysis of the dependency hierarchy.
DEMO: https://fhumanes.com/hierarchy/
The users that are currently available are those shown in the figure.


For each user, the Login and Password have the same value. I remind you that the "admin" login belongs to the "administrator" group and is the only one that can create and delete users.
In the example, the problem has been solved by creating a list of user codes ("id_user") that the user can consult and dynamically adding the condition "id_user IN (1,2,3,...., 7 )". That set of "id_user" values is the set of users the user can query.
The most complex part is obtaining the set of "id_user" values. This is done with the following code, which leaves the list of ids in a session variable for later use.
hierarchy.php



<?php
// Create ARRAY with the data Hierarchy
function convertToHierarchy($results, $idField='user_id', $parentIdField='Boss', $childrenField='') {
    $hierarchy = array(); // -- Stores the final data
    $itemReferences = array(); // -- temporary array, storing references to all items in a single dimension
    foreach ( $results as $item ) {
        $id = $item[$idField];
        $parentId = $item[$parentIdField];
        if (isset($itemReferences[$parentId])) { // parent exists
            $itemReferences[$parentId][$childrenField][$id] = $item; // assign item to parent
            $itemReferences[$id] =& $itemReferences[$parentId][$childrenField][$id]; // reference parent's item in single-dimensional array
        } elseif (!$parentId || !isset($hierarchy[$parentId])) { // -- parent Id empty or does not exist. Add it to the root
            $hierarchy[$id] = $item;
            $itemReferences[$id] =& $hierarchy[$id];
        }
    }
    unset($results, $item, $id, $parentId);
    // -- Run through the root one more time. If any child got added before its parent, fix it.
    foreach ( $hierarchy as $id => &$item ) {
        $parentId = $item[$parentIdField];
        if ( isset($itemReferences[$parentId] ) ) { // -- parent DOES exist
            $itemReferences[$parentId][$childrenField][$id] = $item; // -- assign it to the parent's list of children
            unset($hierarchy[$id]); // -- remove it from the root of the hierarchy
        }
    }
    unset($itemReferences, $id, $item, $parentId);
    return $hierarchy;
}

// Search the data of the connected user
function findUser($hierarchy, $id_user) {
    foreach ($hierarchy as $v) {
        if ($v['id_user'] == $id_user) { // Find the id of the connected user
            return $v;
        }
        if (!empty($v['children'])) { // Recursive find
            $w = findUser($v['children'], $id_user);
            if (!empty($w)) { // User has already been found
                return $w;
            }
        }
    }
    return [];
}

$_SESSION['user_dependence'] = '0'; // Initialization

// Create list of dependent users
function listChildrenUser($hierarchy, $list) {
    foreach ($hierarchy as $v) {
        // The ids are numeric; the cast keeps the list safe to place inside "id_user IN (...)"
        $list .= (int)$v['id_user'].',';
        if (!empty($v['children'])) { // Recursive find
            $list = listChildrenUser($v['children'], $list);
        }
    }
    return $list;
}

global $conn;

// Create auxiliary Sorting tables
$results = array();
$sql = "SELECT id_user , ifnull(Boss,'') id_parent, Name FROM hierarchy_users";
if ($resql = db_query($sql,$conn)) {
    /* get associative array */
    while ($row = db_fetch_array($resql)) {
        $results[] = $row;
    }
    $Hierarchy = convertToHierarchy($results,'id_user','id_parent','children'); // Create hierarchy from data
    $user = $_SESSION["id_user"]; // id of the connected user
    $Hierarchy2 = array();
    $list = '';
    $found = findUser($Hierarchy, $user);
    if (!empty($found)) { // If the user is not in the hierarchy, the initial '0' is kept
        $Hierarchy2[] = $found;
        $list = listChildrenUser($Hierarchy2,$list); // Create list of dependent user ids
        $_SESSION['user_dependence'] = substr($list, 0,strlen($list)-1); // remove last comma
    }
}
?>
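
The guide describes adding the condition "id_user IN (...)" from the stored list but does not show that step. The following is an added example, not code from the guide or from PHPRunner: it computes the same set of ids with a traversal that tolerates a loop in the Boss data, and builds the condition so that an unknown user or an empty list matches no records. The function names and the sample rows are assumptions constructed for illustration.

```php
<?php
// Added example, not from the guide. Function names are hypothetical;
// $rows is constructed sample data shaped like the guide's query result.

/** Return $userId plus all direct and indirect dependents (loop-safe). */
function dependentIds(array $rows, int $userId): array {
    $children = [];
    $known = [];
    foreach ($rows as $r) {
        $id = (int)$r['id_user'];
        $known[$id] = true;
        if ($r['id_parent'] !== '' && $r['id_parent'] !== null) {
            $children[(int)$r['id_parent']][] = $id;
        }
    }
    if (!isset($known[$userId])) {
        return []; // unknown user: no ids at all
    }
    $seen = [$userId => true];
    $queue = [$userId];
    while ($queue) {
        $current = array_shift($queue);
        foreach ($children[$current] ?? [] as $child) {
            if (!isset($seen[$child])) { // a loop in the Boss data is visited once
                $seen[$child] = true;
                $queue[] = $child;
            }
        }
    }
    return array_keys($seen);
}

/** Build the WHERE fragment from integers only; an empty list matches nothing. */
function dependenceCondition(array $ids): string {
    $ids = array_values(array_unique(array_map('intval', $ids)));
    return $ids ? 'id_user IN (' . implode(',', $ids) . ')' : '1=0';
}

$rows = [ // constructed sample hierarchy
    ['id_user' => 1, 'id_parent' => ''],
    ['id_user' => 2, 'id_parent' => 1],
    ['id_user' => 3, 'id_parent' => 2],
    ['id_user' => 4, 'id_parent' => 1],
    ['id_user' => 5, 'id_parent' => 6], // 5 and 6 report to each other (bad data)
    ['id_user' => 6, 'id_parent' => 5],
];
foreach ([1, 2, 5, 9] as $user) { // 9 does not exist in $rows
    echo $user, ': ', dependenceCondition(dependentIds($rows, $user)), "\n";
}
```

The "administrator" rule from the Objective is not covered here; it would be handled by skipping the condition for that group.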


As always, you can contact me for any need at fernandohumanes@gmail.com
Also, as usual, I leave you in my portal all the files you need so that you can install the example on your computers.