Skip to content

Commit 7a5bb1a

Browse files
regisocregisoc
authored
Extract permission actions (#9872)
Extracts each individual permission action into a new table, i.e. instead of having `Create/Delete` as a permission action, the `permissions_action` will list all possible actions, and the link with permission will be done in the rel table.
1 parent 12a3826 commit 7a5bb1a

File tree

9 files changed

+576
-191
lines changed

9 files changed

+576
-191
lines changed

SQL/0000-00-02-Permission.sql

Lines changed: 207 additions & 95 deletions
Large diffs are not rendered by default.

SQL/9999-99-99-drop_tables.sql

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,8 @@ DROP TABLE IF EXISTS `issues_categories`;
6161
DROP TABLE IF EXISTS `testnames_permissions_rel`;
6262
DROP TABLE IF EXISTS `user_perm_rel`;
6363
DROP TABLE IF EXISTS `notification_modules_perm_rel`;
64+
DROP TABLE IF EXISTS `perm_perm_action_rel`;
65+
DROP TABLE IF EXISTS `permissions_action`;
6466
DROP TABLE IF EXISTS `permissions`;
6567
DROP TABLE IF EXISTS `permissions_category`;
6668

SQL/New_patches/2025-06-17-permissions_actions.sql

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
-- add new table for actions
2+
CREATE TABLE `permissions_action` (
3+
`ID` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
4+
`name` varchar(20) NOT NULL UNIQUE,
5+
PRIMARY KEY (`ID`)
6+
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
7+
8+
-- fill out already known actions
9+
INSERT INTO `permissions_action` VALUES
10+
(1, "View"),
11+
(2, "Create"),
12+
(3, "Edit"),
13+
(4, "Delete"),
14+
(5, "Comment"),
15+
(6, "Close"),
16+
(7, "Hide"),
17+
(8, "Download"),
18+
(9, "Upload");
19+
20+
-- relation between "permissions" and "permissions_action"
21+
CREATE TABLE `perm_perm_action_rel` (
22+
`permID` int(10) unsigned NOT NULL default '0',
23+
`actionID` int(10) unsigned NOT NULL default '0',
24+
PRIMARY KEY (`permID`,`actionID`),
25+
KEY `FK_perm_perm_action_rel_2` (`permID`),
26+
CONSTRAINT `FK_perm_perm_action_rel_2`
27+
FOREIGN KEY (`permID`)
28+
REFERENCES `permissions` (`permID`)
29+
ON DELETE CASCADE
30+
ON UPDATE CASCADE,
31+
CONSTRAINT `FK_perm_perm_action_rel_1`
32+
FOREIGN KEY (`actionID`)
33+
REFERENCES `permissions_action` (`ID`)
34+
ON DELETE CASCADE
35+
ON UPDATE CASCADE
36+
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
37+
38+
-- run "tools/single_run/migrate_permission_actions.php" migrate script after that.

php/libraries/UserPermissions.class.inc

Lines changed: 37 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -290,29 +290,50 @@ class UserPermissions
290290
// create DB object
291291
$DB = $loris->getDatabaseConnection();
292292

293-
$query = "SELECT
293+
$select = "SELECT
294294
p.permID,
295295
p.code,
296296
p.description,
297297
pc.Description as type,
298-
p.action,
298+
GROUP_CONCAT(pa.name SEPARATOR '/') as action,
299299
p.moduleID
300-
FROM permissions p ";
301-
302-
//If not superuser, get the permissions that the user has
300+
FROM permissions p
301+
LEFT JOIN perm_perm_action_rel ppar ON (p.permID = ppar.permID)
302+
LEFT JOIN permissions_action pa ON (ppar.actionID = pa.ID)
303+
LEFT JOIN permissions_category pc ON (pc.ID = p.categoryID)
304+
LEFT JOIN modules m ON (p.moduleID = m.ID)
305+
";
306+
$where = " WHERE m.Active='Y'";
307+
$groupBy = " GROUP BY p.permID, p.code, pc.Description, p.moduleID";
308+
$orderBy = " ORDER BY p.categoryID, m.Name, p.description";
309+
$conditions = [];
310+
311+
// additional elements
312+
$additionalJoin = "";
313+
$additionalWhere = "";
314+
315+
// If not superuser, get the permissions that the user has
303316
if (!$this->hasPermission('superuser')) {
304-
$query .= "JOIN user_perm_rel up ON (p.permID=up.PermID)
305-
LEFT JOIN permissions_category pc ON (pc.ID=p.categoryID)
306-
LEFT JOIN modules m ON p.moduleID=m.ID
307-
WHERE up.userID = :UID and m.Active='Y'
308-
ORDER BY p.categoryID, m.Name, p.description";
309-
$dbrows = $DB->pselect($query, ['UID' => $this->userID]);
310-
} else {
311-
$query .= "LEFT JOIN permissions_category pc ON (pc.ID=p.categoryID)
312-
LEFT JOIN modules m ON p.moduleID=m.ID WHERE m.Active='Y'
313-
ORDER BY p.categoryID, m.Name, p.description";
314-
$dbrows = $DB->pselect($query, []);
317+
$additionalJoin = " JOIN user_perm_rel up ON (p.permID = up.PermID)";
318+
$additionalWhere = " AND up.userID = :UID";
319+
$conditions["UID"] = $this->userID;
315320
}
321+
322+
// compose query
323+
$query = "{$select}
324+
{$additionalJoin}
325+
{$where}
326+
{$additionalWhere}
327+
{$groupBy}
328+
{$orderBy}
329+
";
330+
331+
// execute select
332+
$dbrows = $DB->pselect(
333+
$query,
334+
$conditions
335+
);
336+
316337
$modules = \Module::getActiveModulesIndexed($loris);
317338
// Build new meaningful description from combination of columns
318339
// Module Long Name: action description

raisinbread/RB_files/RB_perm_perm_action_rel.sql

Lines changed: 95 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,95 @@
1+
SET FOREIGN_KEY_CHECKS=0;
2+
TRUNCATE TABLE `perm_perm_action_rel`;
3+
LOCK TABLES `perm_perm_action_rel` WRITE;
4+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (2,1);
5+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (2,2);
6+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (2,3);
7+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (3,1);
8+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (3,2);
9+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (3,3);
10+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (4,3);
11+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (5,2);
12+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (5,3);
13+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (6,3);
14+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (10,1);
15+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (11,1);
16+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (11,2);
17+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (18,1);
18+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (19,1);
19+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (22,1);
20+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (22,3);
21+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (23,1);
22+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (24,1);
23+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (25,1);
24+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (28,2);
25+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (28,3);
26+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (29,3);
27+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (31,1);
28+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (32,3);
29+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (33,1);
30+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (34,1);
31+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (35,1);
32+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (36,4);
33+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (37,1);
34+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (38,1);
35+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (38,9);
36+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (39,1);
37+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (40,3);
38+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (41,1);
39+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (41,8);
40+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (42,9);
41+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (43,3);
42+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (43,7);
43+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (43,9);
44+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (44,1);
45+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (44,8);
46+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (45,1);
47+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (45,3);
48+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (45,5);
49+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (45,6);
50+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (46,1);
51+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (46,3);
52+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (46,5);
53+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (47,1);
54+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (48,1);
55+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (49,1);
56+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (51,9);
57+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (53,1);
58+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (56,1);
59+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (57,3);
60+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (60,1);
61+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (61,1);
62+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (58,1);
63+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (59,2);
64+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (59,3);
65+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (62,1);
66+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (63,3);
67+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (64,3);
68+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (65,1);
69+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (66,3);
70+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (66,9);
71+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (67,1);
72+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (68,1);
73+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (69,1);
74+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (70,1);
75+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (71,2);
76+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (71,3);
77+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (73,1);
78+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (73,2);
79+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (73,3);
80+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (74,3);
81+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (74,4);
82+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (74,9);
83+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (75,1);
84+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (77,1);
85+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (77,3);
86+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (77,5);
87+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (78,6);
88+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (79,6);
89+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (81,1);
90+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (82,1);
91+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (83,1);
92+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (84,1);
93+
INSERT INTO `perm_perm_action_rel` (`permID`, `actionID`) VALUES (85,1);
94+
UNLOCK TABLES;
95+
SET FOREIGN_KEY_CHECKS=1;

0 commit comments

Comments
 (0)