[Cs-webapplibs-commits] SF.net SVN: cs-webapplibs:[169] trunk/0.3
From: <cra...@us...> - 2010-06-21 14:30:04
Revision: 169
http://cs-webapplibs.svn.sourceforge.net/cs-webapplibs/?rev=169&view=rev
Author: crazedsanity
Date: 2010-06-21 14:29:53 +0000 (Mon, 21 Jun 2010)
Log Message:
-----------
Add generic permissions system, fix an error with upgrade system, documentation.
/docs/README.txt:
* added some documentation for CS Generic Permissions.
/setup/genericPermissions.pgsql.sql:
* no permission table anymore
* group_table has an admin (group_admin) column
* no more permission_group table
* added FKey to user_group table
* added object table with *nix-like permissions.
* added list of example permissions...
/tests/testOfCSWebAppLibs.php:
* remove_tables():
-- added tables for the permissions stuff.
* renamed "test_genericDataLinker()" to "tst_genericDataLinker()" so it
would not run (planning on resurrecting the generic data linker).
* commented-out the extra "gdlTester" class.
/abstract/cs_genericPermissionGroup.abstract.class.php [DELETED]
/abstract/cs_genericPermission.abstract.class.php [DELETED]
/abstract/cs_genericUserGroup.abstract.class.php [NEW,COPIED]:
* updated some internal vars & such for new class name.
/abstract/cs_genericGroup.abstract.class.php:
* extends cs_webapplibsAbstract
/abstract/cs_group.abstract.class.php [NEW,COPIED]:
* updated some internal vars & such for new class name.
/cs_genericPermission.class.php:
* MAIN:::
-- extends cs_genericUserGroup.
-- rename internal vars to reference the object table.
* __construct():
-- call parent constructor
-- setup keys array for permissions.
* clean_permission_name() [DELETED]:
-- handled in another class...
* _sanityCheck() [NEW]:
-- checks to make sure internal things are good.
* parse_permission_string() [NEW]:
-- parses a string like "rwxrw-r--" into the appropriate column names.
* build_permission_string() [NEW]:
-- create a string like "rwxrw-r--" (reverse of parse_permission_string()).
* create_object() [NEW]:
-- same as calling create_permission().
* create_permission():
-- revamped to use the object table.
* get_object() [NEW]:
-- like calling get_permission()
* get_permission():
-- updated to use the permission table.
* get_object_by_id() [NEW]:
-- just like calling get_permission_by_id().
* get_permission_by_id():
-- like the name implies.
/cs_webdbupgrade.class.php:
* get_database_version():
-- return data after table loaded (thanks to unit testing).
Modified Paths:
--------------
trunk/0.3/abstract/cs_genericGroup.abstract.class.php
trunk/0.3/cs_webdbupgrade.class.php
trunk/0.3/docs/README.txt
trunk/0.3/setup/genericPermissions.pgsql.sql
trunk/0.3/tests/testOfCSWebAppLibs.php
Added Paths:
-----------
trunk/0.3/abstract/cs_genericUserGroup.abstract.class.php
trunk/0.3/abstract/cs_group.abstract.class.php
trunk/0.3/cs_genericPermission.class.php
Removed Paths:
-------------
trunk/0.3/abstract/cs_genericPermission.abstract.class.php
trunk/0.3/abstract/cs_genericPermissionGroup.abstract.class.php
Modified: trunk/0.3/abstract/cs_genericGroup.abstract.class.php
===================================================================
--- trunk/0.3/abstract/cs_genericGroup.abstract.class.php 2010-06-15 02:16:11 UTC (rev 168)
+++ trunk/0.3/abstract/cs_genericGroup.abstract.class.php 2010-06-21 14:29:53 UTC (rev 169)
@@ -12,7 +12,7 @@
* $LastChangedRevision$
*/
-abstract class cs_genericGroupAbstract extends cs_genericPermissionAbstract {
+abstract class cs_genericGroupAbstract extends cs_webapplibsAbstract {
/** Table name used to store groups. */
const groupTable = "cswal_group_table";
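Review bot: Switching the parent to cs_webapplibsAbstract means `$db`, `$gfObj` and the constructor that set them no longer arrive from cs_genericPermissionAbstract, which this commit deletes. The class body continues outside the hunk, so it is not visible whether cs_genericGroupAbstract declares and initialises them itself; if it does not, the `parent::__construct($db)` call in the new cs_genericUserGroupAbstract may leave `$this->db` unset. Worth confirming before any subclass runs a query.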
Deleted: trunk/0.3/abstract/cs_genericPermission.abstract.class.php
===================================================================
--- trunk/0.3/abstract/cs_genericPermission.abstract.class.php 2010-06-15 02:16:11 UTC (rev 168)
+++ trunk/0.3/abstract/cs_genericPermission.abstract.class.php 2010-06-21 14:29:53 UTC (rev 169)
@@ -1,122 +0,0 @@
-<?php
-/*
- * Created on June 03, 2010
- *
- * FILE INFORMATION:
- *
- * $HeadURL$
- * $Id$
- * $LastChangedDate$
- * $LastChangedBy$
- * $LastChangedRevision$
- */
-
-abstract class cs_genericPermissionAbstract extends cs_webapplibsAbstract {
-
- /** Database object. */
- public $db;
-
- /** cs_globalFunctions object, for cleaning strings & such. */
- public $gfObj;
-
- /** Table name used to store permissions. */
- const permTable = "cswal_permission_table";
-
- /** Sequence for permissions table. */
- const permSeq = "cswal_permission_table_permission_id";
-
- //============================================================================
- public abstract function __construct(cs_phpDB $db) {
- $this->db = $db;
- $this->gfObj = new cs_globalFunctions;
- }//end __construct()
- //============================================================================
-
-
-
- //============================================================================
- protected function clean_permission_name($name) {
- if(!is_null($name) && is_string($name) && strlen($name)) {
- $name = $this->gfObj->cleanString(strtolower($name), 'email');
- }
- else {
- throw new exception(__METHOD__ .":: invalid string (". $name .")");
- }
- }//end clean_permission_name()
- //============================================================================
-
-
-
- //============================================================================
- public function create_permission($name) {
- try{
- $name = $this->clean_permission_name($name);
- $sql = "INSERT INTO ". self::permTable ." (permission_name) VALUES ('". $name ."')";
- $newId = $this->db->run_insert($sql, self::permSeq);
- }
- catch(Exception $e) {
- throw new exception(__METHOD__ .":: failed to create new record, DETAILS::: ". $e->getMessage());
- }
-
- return($newId);
- }//end create_permission()
- //============================================================================
-
-
-
- //============================================================================
- public function get_permission($name) {
- try {
- $name = $this->clean_permission_name($name);
- $sql = "SELECT * FROM ". self::permTable ." WHERE permission_name='". $name ."'";
- $retval = $this->db->run_query($sql);
- }
- catch(Exception $e) {
- throw new exception(__METHOD__ .":: error while locating permission '". $name ."', DETAILS::: ". $e->getMessage());
- }
-
- return($retval);
- }//end get_permission()
- //============================================================================
-
-
-
- //============================================================================
- public function get_permission_by_id($permId) {
- try {
- if(!is_null($permId) && is_numeric($permId)) {
- $sql = "SELECT * FROM ". self::permTable ." WHERE permission_id='". $permId ."'";
- $retval = $this->db->run_query($sql);
- }
- else {
- throw new exception(__METHOD__ .":: invalid permission ID (". $permId .")");
- }
- }
- catch(Exception $e) {
- throw new exception(__METHOD__ .":: error while locating permission '". $permId ."', DETAILS::: ". $e->getMessage());
- }
-
- return($retval);
- }//end get_permission_by_id()
- //============================================================================
-
-
-
- //============================================================================
- /**
- * Build the schema for permissions.
- */
- private function build_schema() {
- try {
- $result = $this->db->run_sql_file(dirname(__FILE__) .'/../setup/genericPermissions.pgsql.sql');
- }
- catch(Exception $e) {
- throw new exception(__METHOD__ .":: failed to create schema, DETAILS::: ". $e->getMessage());
- }
- if($result !== true) {
- throw new exception(__METHOD__ .":: failed to create schema (no details)");
- }
- }//end build_schema()
- //============================================================================
-}
-?>
Deleted: trunk/0.3/abstract/cs_genericPermissionGroup.abstract.class.php
===================================================================
--- trunk/0.3/abstract/cs_genericPermissionGroup.abstract.class.php 2010-06-15 02:16:11 UTC (rev 168)
+++ trunk/0.3/abstract/cs_genericPermissionGroup.abstract.class.php 2010-06-21 14:29:53 UTC (rev 169)
@@ -1,96 +0,0 @@
-<?php
-
-/*
- * Created on June 14, 2010
- *
- * FILE INFORMATION:
- *
- * $HeadURL$
- * $Id$
- * $LastChangedDate$
- * $LastChangedBy$
- * $LastChangedRevision$
- */
-
-abstract class cs_genericPermissionGroupAbstract extends cs_genericGroupAbstract {
-
- /** Table name used to store permission groups. */
- const permGroupTable = "cswal_permission_group_table";
-
- /** Sequence for permission_group table. */
- const groupSeq = "cswal_permission_group_table_permission_group_id_seq";
-
- //============================================================================
- public abstract function __construct(cs_phpDB $db) {
- parent::__construct($db);
- }//end __construct()
- //============================================================================
-
-
-
- //============================================================================
- protected function clean_perm_group_name($permGroupName) {
- try {
- $retval = $this->clean_group_name($permGroupName);
- }
- catch(Exception $e) {
- throw new exception(__METHOD__ .":: failed to clean group name (". $groupName .")");
- }
- return($retval);
- }//end clean_perm_group_name()
- //============================================================================
-
-
-
- //============================================================================
- public function create_group($groupName) {
- try {
- $groupName = $this->clean_group_name($groupName);
- $sql = "INSERT INTO ". self::groupTable ." (group_name) VALUES ('". $groupName ."')";
- $newId = $this->db->run_insert($sql, self::groupSeq);
- }
- catch(Exception $e) {
- throw new exception(__METHOD__ .":: failed to create group (". $groupName ."), DETAILS::: ". $e->getMessage());
- }
- return($newId);
- }//end create_group()
- //============================================================================
-
-
-
- //============================================================================
- public function get_group($groupName) {
- try {
- $groupName = $this->clean_group_name($groupName);
- $sql = "SELECT * FROM ". self::groupTable ." WHERE group_name='". $groupName ."'";
- $retval = $this->db->run_query($sql);
- }
- catch(Exception $e) {
- throw new exception(__METHOD__ .":: failed to locate group (". $groupName ."), DETAILS::: ". $e->getMessage());
- }
- return($retval);
- }//end get_group()
- //============================================================================
-
-
-
- //============================================================================
- public function get_group_by_id($groupId) {
- try {
- if(!is_null($groupId) && is_numeric($groupId)) {
- $sql = "SELECT * FROM ". self::groupTable ." WHERE group_id='". $groupId ."'";
- $retval = $this->db->run_query($sql);
- }
- else {
- throw new exception(__METHOD__ .":: invalid group ID (". $groupId .")");
- }
- }
- catch(Exception $e) {
- throw new exception(__METHOD__ .":: failed to locate group ID (". $groupId ."), DETAILS::: ". $e->getMessage());
- }
- return($retval);
- }//end get_group_by_id()
- //============================================================================
-
-}
-?>
Copied: trunk/0.3/abstract/cs_genericUserGroup.abstract.class.php (from rev 168, trunk/0.3/abstract/cs_genericGroup.abstract.class.php)
===================================================================
--- trunk/0.3/abstract/cs_genericUserGroup.abstract.class.php (rev 0)
+++ trunk/0.3/abstract/cs_genericUserGroup.abstract.class.php 2010-06-21 14:29:53 UTC (rev 169)
@@ -0,0 +1,71 @@
+<?php
+
+/*
+ * Created on June 18, 2010
+ *
+ * FILE INFORMATION:
+ *
+ * $HeadURL$
+ * $Id$
+ * $LastChangedDate$
+ * $LastChangedBy$
+ * $LastChangedRevision$
+ */
+
+abstract class cs_genericUserGroupAbstract extends cs_genericGroupAbstract {
+
+ /** Table name used to store user_group records. */
+ const ugTable = "cswal_user_group_table";
+
+ /** Sequence for user_group table. */
+ const ugSeq = "cswal_user_group_table_user_group_id_seq";
+
+ //============================================================================
+ public abstract function __construct(cs_phpDB $db) {
+ parent::__construct($db);
+ }//end __construct()
+ //============================================================================
+
+
+
+ //============================================================================
+ public function create_user_group($userId, $groupId) {
+ if(is_numeric($userId) && is_numeric($groupId) && $userId >= 0 && $groupId >= 0) {
+ try {
+ $sql = "INSERT INTO ". self::ugTable ." (user_id, group_id) VALUES (". $userId .", ". $groupId .")";
+ $newId = $this->db->run_insert($sql, self::ugSeq);
+ }
+ catch(Exception $e) {
+ throw new exception(__METHOD__ .":: failed to create group (". $groupName ."), DETAILS::: ". $e->getMessage());
+ }
+ }
+ else {
+ throw new exception(__METHOD__ .":: invalid or non-numeric user_id (". $userId .") or group_id (". $groupId .")");
+ }
+ return($newId);
+ }//end create_group()
+ //============================================================================
+
+
+
+ //============================================================================
+ public function get_user_groups($userId) {
+ if(is_numeric($userId) && $userId >= 0) {
+ try {
+ $sql = "SELECT ug.*, g.group_name FROM ". self::ugTable ." AS ug INNER "
+ ."JOIN ". parent::groupTable ." as g WHERE user_id=". $userId;
+ $retval = $this->db->run_query($sql);
+ }
+ catch(Exception $e) {
+ throw new exception(__METHOD__ .":: failed to locate group (". $groupName ."), DETAILS::: ". $e->getMessage());
+ }
+ }
+ else {
+ throw new exception(__METHOD__ .":: invalid or non-numeric user_id (". $userId .")");
+ }
+ return($retval);
+ }//end get_group()
+ //============================================================================
+
+}
+?>
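Review bot: The query built in get_user_groups() has an `INNER JOIN` with no join condition, so group rows are never tied to the user's membership rows; PostgreSQL (the dialect of the bundled schema) rejects an INNER JOIN without ON/USING, and an engine that accepts it would pair every membership row with every group. Adding `ON (ug.group_id=g.group_id)` before the WHERE and qualifying the filter as `ug.user_id` fixes that. Two further problems in the same file: `public abstract function __construct(...)` carries a body, which PHP refuses to compile, and both catch blocks interpolate `$groupName`, which is not defined in either method. Because `is_numeric()` also accepts values such as `1e5` or `1.5`, a stricter check like `ctype_digit((string)$userId)` would keep the unquoted SQL literal a plain integer.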
Copied: trunk/0.3/abstract/cs_group.abstract.class.php (from rev 168, trunk/0.3/abstract/cs_genericPermission.abstract.class.php)
===================================================================
--- trunk/0.3/abstract/cs_group.abstract.class.php (rev 0)
+++ trunk/0.3/abstract/cs_group.abstract.class.php 2010-06-21 14:29:53 UTC (rev 169)
@@ -0,0 +1,122 @@
+<?php
+/*
+ * Created on June 18, 2010
+ *
+ * FILE INFORMATION:
+ *
+ * $HeadURL$
+ * $Id$
+ * $LastChangedDate$
+ * $LastChangedBy$
+ * $LastChangedRevision$
+ */
+
+class cs_groupAbstract extends cs_webapplibsAbstract {
+
+ /** Database object. */
+ public $db;
+
+ /** cs_globalFunctions object, for cleaning strings & such. */
+ public $gfObj;
+
+ /** Table name used to store groups. */
+ const groupTable = "cswal_group_table";
+
+ /** Sequence for groups table. */
+ const groupSeq = "cswal_group_table_group_id";
+
+ //============================================================================
+ public abstract function __construct(cs_phpDB $db) {
+ $this->db = $db;
+ $this->gfObj = new cs_globalFunctions;
+ }//end __construct()
+ //============================================================================
+
+
+
+ //============================================================================
+ protected function clean_group_name($name) {
+ if(!is_null($name) && is_string($name) && strlen($name)) {
+ $name = $this->gfObj->cleanString(strtolower($name), 'email');
+ }
+ else {
+ throw new exception(__METHOD__ .":: invalid string (". $name .")");
+ }
+ }//end clean_group_name()
+ //============================================================================
+
+
+
+ //============================================================================
+ public function create_group($name) {
+ try{
+ $name = $this->clean_group_name($name);
+ $sql = "INSERT INTO ". self::groupTable ." (group_name) VALUES ('". $name ."')";
+ $newId = $this->db->run_insert($sql, self::gropuSeq);
+ }
+ catch(Exception $e) {
+ throw new exception(__METHOD__ .":: failed to create new record, DETAILS::: ". $e->getMessage());
+ }
+
+ return($newId);
+ }//end create_group()
+ //============================================================================
+
+
+
+ //============================================================================
+ public function get_group($name) {
+ try {
+ $name = $this->clean_group_name($name);
+ $sql = "SELECT * FROM ". self::groupTable ." WHERE group_name='". $name ."'";
+ $retval = $this->db->run_query($sql);
+ }
+ catch(Exception $e) {
+ throw new exception(__METHOD__ .":: error while locating group '". $name ."', DETAILS::: ". $e->getMessage());
+ }
+
+ return($retval);
+ }//end get_group()
+ //============================================================================
+
+
+
+ //============================================================================
+ public function get_group_by_id($groupId) {
+ try {
+ if(!is_null($groupId) && is_numeric($groupId)) {
+ $sql = "SELECT * FROM ". self::groupTable ." WHERE group_id='". $groupId ."'";
+ $retval = $this->db->run_query($sql);
+ }
+ else {
+ throw new exception(__METHOD__ .":: invalid group ID (". $groupId .")");
+ }
+ }
+ catch(Exception $e) {
+ throw new exception(__METHOD__ .":: error while locating group '". $groupId ."', DETAILS::: ". $e->getMessage());
+ }
+
+ return($retval);
+ }//end get_group_by_id()
+ //============================================================================
+
+
+
+ //============================================================================
+ /**
+ * Build the schema for the generic permissions system.
+ */
+ private function build_schema() {
+ try {
+ $result = $this->db->run_sql_file(dirname(__FILE__) .'/../setup/genericPermissions.pgsql.sql');
+ }
+ catch(Exception $e) {
+ throw new exception(__METHOD__ .":: failed to create schema, DETAILS::: ". $e->getMessage());
+ }
+ if($result !== true) {
+ throw new exception(__METHOD__ .":: failed to create schema (no details)");
+ }
+ }//end build_schema()
+ //============================================================================
+}
+?>
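Review bot: clean_group_name() never returns the cleaned value, so `$name = $this->clean_group_name($name);` in create_group() and get_group() sets `$name` to null and both statements run with an empty string in place of the group name. Adding `return($name);` after the cleanString() call fixes that. create_group() also references `self::gropuSeq`, a misspelling of `groupSeq`, and the constructor is declared `abstract` while having a body, in a class that is itself not abstract, which PHP will not compile. The SQL is still assembled by concatenation, so quoting safety rests entirely on what cleanString(..., 'email') strips; that helper is not visible here, and a parameterised query would remove the dependency if cs_phpDB offers one.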
Copied: trunk/0.3/cs_genericPermission.class.php (from rev 168, trunk/0.3/abstract/cs_genericPermission.abstract.class.php)
===================================================================
--- trunk/0.3/cs_genericPermission.class.php (rev 0)
+++ trunk/0.3/cs_genericPermission.class.php 2010-06-21 14:29:53 UTC (rev 169)
@@ -0,0 +1,204 @@
+<?php
+/*
+ * Created on June 03, 2010
+ *
+ * FILE INFORMATION:
+ *
+ * $HeadURL$
+ * $Id$
+ * $LastChangedDate$
+ * $LastChangedBy$
+ * $LastChangedRevision$
+ */
+
+class cs_genericPermission extends cs_genericUserGroupAbstract {
+
+ /** Database object. */
+ public $db;
+
+ /** cs_globalFunctions object, for cleaning strings & such. */
+ public $gfObj;
+
+ /** Table name used to store permissions. */
+ const objTable = "cswal_object_table";
+
+ /** Sequence for permissions table. */
+ const objSeq = "cswal_object_table_object_id";
+
+ /** List of valid keys... */
+ protected $keys = array();
+
+ //============================================================================
+ public abstract function __construct(cs_phpDB $db) {
+ $this->db = $db;
+ parent::__construct($db);
+ $this->gfObj = new cs_globalFunctions;
+ $this->keys = array(
+ 0 => 'u_r',
+ 1 => 'u_w',
+ 2 => 'u_x',
+ 3 => 'g_r',
+ 4 => 'g_w',
+ 5 => 'g_x',
+ 6 => 'o_r',
+ 7 => 'o_w',
+ 8 => 'o_x'
+ );
+ }//end __construct()
+ //============================================================================
+
+
+
+ //============================================================================
+ /**
+ * Checks internals to make sure all is okay; throws an exception on fail.
+ */
+ private function _sanityCheck() {
+ if(!is_array($this->keys) || count($this->keys) != 9) {
+ throw new exception(__METHOD__ .":: internal error, no keys");
+ }
+ }//end _sanityCheck()
+ //============================================================================
+
+
+
+ //============================================================================
+ protected function parse_permission_string($string) {
+ $this->_sanityCheck();
+ if(is_string($string) && strlen($string) == 9) {
+ $retval = array();
+ //handle it like an array.
+ for($x=0;$x<strlen($string);$x++) {
+ $myVal = false;
+ if($string[$x] !== '-')
+ $myVal = true;
+ }
+ $key = $this->keys[$x];
+ $retval[$key] = $myVal;
+ }
+ }
+ else {
+ throw new exception(__METHOD__ .":: invalid permission string (". $string ."), non-string or not 9 characters long (example: 'rwxrw-rw-')");
+ }
+ return($retval);
+ }//end parse_permission_string()
+ //============================================================================
+
+
+
+ //============================================================================
+ protected function build_permission_string(array $perms) {
+ $this->_sanityCheck();
+ if(is_array($perms) && count($perms) == count($this->keys)) {
+ $retval = "";
+ foreach($this->keys as $dbColName) {
+ if(isset($perms[$dbColName])) {
+ //get the last character of the column name.
+ $permChar = substring($dbColName, -1);
+ if($perms[$dbColName] === false) {
+ $permChar = '-';
+ }
+ $retval .= $permChar;
+ }
+ else {
+ throw new exception(__METHOD__ .":: missing permission index (". $dbColName .")");
+ }
+ }
+ }
+ else {
+ throw new exception(__METHOD__ .":: invalid permission set.");
+ }
+ return($retval);
+ }//end build_permission_string();
+ //============================================================================
+
+
+
+ //============================================================================
+ public function create_object($name, $userId, $groupId, $permString) {
+ return($this->create_permission($name, $userId, $groupId, $permString));
+ }//end create_object()
+ //============================================================================
+
+
+
+ //============================================================================
+ public function create_permission($name, $userId, $groupId, $permString) {
+ if(is_string($name) && strlen($name) && is_numeric($userId) && $userId >= 0 && is_numeric($groupId) && $groupId >= 0) {
+ try{
+ $insertArr = $this->parse_permission_string($permString);
+ $insertArr['object_name'] = $this->gfObj->cleanString($name, 'sql', 0);
+ $insertArr['user_id'] = $userId;
+ $insertArr['group_id'] = $groupId;
+
+ $insertSql = $this->gfObj->string_from_array($insertArr, 'insert');
+ $sql = "INSERT INTO ". self::objTable ." ". $insertSql;
+ $newId = $this->db->run_insert($sql, self::objSeq);
+ }
+ catch(Exception $e) {
+ throw new exception(__METHOD__ .":: failed to create new record, DETAILS::: ". $e->getMessage());
+ }
+ }
+ else {
+ throw new exception(__METHOD__ .":: invalid argument(s)");
+ }
+
+ return($newId);
+ }//end create_permission()
+ //============================================================================
+
+
+
+ //============================================================================
+ public function get_object($name) {
+ return($this->get_permission($name));
+ }//end get_object()
+ //============================================================================
+
+
+
+ //============================================================================
+ public function get_permission($name) {
+ try {
+ $name = $this->clean_permission_name($name);
+ $sql = "SELECT * FROM ". self::objTable ." WHERE permission_name='". $name ."'";
+ $retval = $this->db->run_query($sql);
+ }
+ catch(Exception $e) {
+ throw new exception(__METHOD__ .":: error while locating permission '". $name ."', DETAILS::: ". $e->getMessage());
+ }
+
+ return($retval);
+ }//end get_permission()
+ //============================================================================
+
+
+
+ //============================================================================
+ public function get_object_by_id($objectId) {
+ return($this->get_permission_by_id($objectId);
+ }//end get_object_by_id()
+ //============================================================================
+
+
+
+ //============================================================================
+ public function get_permission_by_id($permId) {
+ try {
+ if(!is_null($permId) && is_numeric($permId)) {
+ $sql = "SELECT * FROM ". self::objTable ." WHERE object_id='". $permId ."'";
+ $retval = $this->db->run_query($sql);
+ }
+ else {
+ throw new exception(__METHOD__ .":: invalid permission ID (". $permId .")");
+ }
+ }
+ catch(Exception $e) {
+ throw new exception(__METHOD__ .":: error while locating permission '". $permId ."', DETAILS::: ". $e->getMessage());
+ }
+
+ return($retval);
+ }//end get_permission_by_id()
+ //============================================================================
+}
+?>
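Review bot: parse_permission_string() grants a bit for any character other than `-`, so a malformed string with a stray letter or space in a slot silently turns that permission on; for an access-control parser the safer behaviour is to accept only the expected letter or `-` and throw otherwise. The same loop has an unbalanced brace (the `if($string[$x] !== '-')` line has no `{` but is followed by a `}`), which closes the `for` early and leaves the file unparseable; a rewritten loop is below. Elsewhere in this file, get_permission() still calls `clean_permission_name()` and filters on `permission_name`, yet this commit deletes that method and the new cswal_object_table has `object_name` instead. build_permission_string() calls `substring()`, which is not a PHP function (`substr()` is), and get_object_by_id() is missing a closing parenthesis in `return($this->get_permission_by_id($objectId);`.

```php
protected function parse_permission_string($string) {
	// … unchanged: _sanityCheck() call and the is_string()/length check …
		$retval = array();
		for($x=0; $x<strlen($string); $x++) {
			$key = $this->keys[$x];
			//the only letter allowed in this slot is the last character of the column name (r, w or x).
			$expected = substr($key, -1);
			if($string[$x] === $expected) {
				$retval[$key] = true;
			}
			elseif($string[$x] === '-') {
				$retval[$key] = false;
			}
			else {
				throw new exception(__METHOD__ .":: unexpected character at position ". $x);
			}
		}
	// … unchanged: else branch throwing on a bad length, and the return …
```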
Modified: trunk/0.3/cs_webdbupgrade.class.php
===================================================================
--- trunk/0.3/cs_webdbupgrade.class.php 2010-06-15 02:16:11 UTC (rev 168)
+++ trunk/0.3/cs_webdbupgrade.class.php 2010-06-21 14:29:53 UTC (rev 169)
@@ -542,6 +542,11 @@
//now try the SQL...
$numrows = $this->db->exec($sql);
$dberror = $this->db->errorMsg();
+
+ //retrieve the data...
+ $data = $this->db->farray_fieldnames();
+ $this->databaseVersion = $data['version_string'];
+ $retval = $this->parse_version_string($data['version_string']);
}
else {
$this->error_handler(__METHOD__ .": no table in database, failed to create one... ORIGINAL " .
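Review bot: The added lines index `$data['version_string']` straight after `exec()` without looking at `$numrows` or `$dberror`, both of which are assigned just above. If the query failed or returned no row, farray_fieldnames() presumably does not hand back a usable array, and `$this->databaseVersion` would be set from nothing before the upgrade logic acts on it. Wrapping the three new lines in `if(!strlen($dberror) && $numrows == 1) {` and reporting the other case through error_handler() would make the failure explicit. The enclosing method starts and ends outside the hunk, so a later check may already exist.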
Modified: trunk/0.3/docs/README.txt
===================================================================
--- trunk/0.3/docs/README.txt 2010-06-15 02:16:11 UTC (rev 168)
+++ trunk/0.3/docs/README.txt 2010-06-21 14:29:53 UTC (rev 169)
@@ -90,4 +90,32 @@
NO:::
--> stop upgrade process.
--> HALT
- --> (continues as before)
\ No newline at end of file
+ --> (continues as before)
+
+
+=== CS Generic Permissions ===
+
+This permissions system is built to be flexible enough to be used in virtually any application for any purpose. The "permissions" are stored in a way that basically mimics *nix filesystem permissions. The code must know what the object is for which the user is asking permission. That object has the following traits:
+ * Object Name: the name of the item that is being assigned permissions.
+ -- Examples:
+ ++ A URL (i.e. "/authenticated" would only be accessible to the owner + group members)
+ ++ A Blog (i.e. "/blog/harryjohnson" would be readable to everyone, but only writeable by user "harryjohnson")
+ ++ A File (i.e. "/{WEBROOT}/files/hiddenData.sqlite" might only be allowed access by a certain user)
+ ++ Executing a special script: (i.e. "/bin/importFiles.pl", run script using a web interface)
+ * User ID: indicates what user owns this object.
+ * Group ID: indicates a group that users must be part of (if not owner) to be assigned these permissions
+ * Permission Bits:
+ -- Each permission is a true/false value. The name is in the form "{x}_{y}"
+ ++ "{x}": u/g/o (User/Group/Owner)
+ ++ "{y}": r/w/x (Read/Write/eXecute)
+ -- Full Explanation:
+ ++ "u_r": User's read permission; indicates if the owner can "read" (view) it.
+ ++ "u_w": User's write permission; indicates if the owner can write (create/update) the object.
+ ++ "u_x": User's execute permission; this rarely applies, and usage would vary greatly depending upon the object & associated code.
+ ++ "g_r": Group read permission; users assigned to the associated group can/cannot "read" (view) it.
+ ++ "g_w": Group write permission; users assigned to the associated group can/cannot write (create/update) the object.
+ ++ "g_x": Group execute permission; users assigned to the associated group are bound by this value (usage depends on code).
+ ++ "o_r": Other read permission; users that are not owners or members of the group can/cannot "read" (view) it
+ ++ "o_w": Other write permission; users that are not owners or members of the group can/cannot write (create/update) the object.
+ ++ "o_x": Other execute permission; users that are... you get the idea.
+
Modified: trunk/0.3/setup/genericPermissions.pgsql.sql
===================================================================
--- trunk/0.3/setup/genericPermissions.pgsql.sql 2010-06-15 02:16:11 UTC (rev 168)
+++ trunk/0.3/setup/genericPermissions.pgsql.sql 2010-06-21 14:29:53 UTC (rev 169)
@@ -1,58 +1,60 @@
+BEGIN;
--
--- Permission table
--- Specific permissions: these are words used by the code to determine if the user has the appropriate permission.
---
-CREATE TABLE cswal_permission_table (
- permission_id serial NOT NULL PRIMARY KEY,
- permission_name text NOT NULL UNIQUE
-);
-
-
---
-- Group table
-- Enumerates a list of permissions for a specific group: i.e. for "blog", this could list "create", "edit", and "delete" (among others).
--
CREATE TABLE cswal_group_table (
group_id serial NOT NULL PRIMARY KEY,
- group_name text NOT NULL UNIQUE
+ group_name text NOT NULL UNIQUE,
+ group_admin integer NOT NULL REFERENCES cs_authtentication_table(uid)
);
--
--- Permission + Group table
--- Enumerates permissions for a given group: any permissions not specifically entered are denied.
---
-CREATE TABLE cswal_permission_group_table (
- permission_group_id serial NOT NULL PRIMARY KEY,
- permission_id integer NOT NULL REFERENCES cswal_permission_table(permission_id),
- group_id integer NOT NULL REFERENCES cswal_group_table(group_id),
- allowed boolean NOT NULL DEFAULT false,
- description text
-);
-
---
-- User + Group table
-- Assigns a user to one or more groups.
--- NOTE::: the "user_id" column should be (manually) foreign-keyed to an existing user table.
+-- NOTE::: the "user_id" table should be updated to match your database schema.
--
CREATE TABLE cswal_user_group_table (
user_group_id serial NOT NULL PRIMARY KEY,
- user_id integer NOT NULL,
+ user_id integer NOT NULL REFERENCES cs_authentication_table(uid),
group_id integer NOT NULL REFERENCES cswal_group_table(group_id)
);
--
--- User + Permission table
--- Give users specific permissions, overriding default and/or assigned group permissions.
+-- Object table
+-- Contains unique list of objects along with the owner, default group, & user/group/other permissions (like *nix filesystem permissions)
+-- The permissions for user/group/other could be converted to octal (i.e. "rwxrwxrwx" == "777"), but it isn't as straightforward to read.
+-- NOTE::: the "user_id" table should be updated to match your database schema.
--
-CREATE TABLE cswal_user_permission_table (
- user_permission_id serial NOT NULL PRIMARY KEY,
- user_id integer NOT NULL,
+CREATE TABLE cswal_object_table (
+ object_id serial NOT NULL PRIMARY KEY,
+ object_name text NOT NULL UNIQUE,
+ user_id integer NOT NULL REFERENCES cs_authentication_table(uid),
group_id integer NOT NULL REFERENCES cswal_group_table(group_id),
- permission_id integer NOT NULL REFERENCES cswal_permission_table(permission_id),
- allowed boolean NOT NULL DEFAULT false
+ u_r boolean NOT NULL DEFAULT TRUE,
+ u_w boolean NOT NULL DEFAULT TRUE,
+ u_x boolean NOT NULL DEFAULT FALSE,
+ g_r boolean NOT NULL DEFAULT TRUE,
+ g_w boolean NOT NULL DEFAULT FALSE,
+ g_x boolean NOT NULL DEFAULT FALSE,
+ o_r boolean NOT NULL DEFAULT TRUE,
+ o_w boolean NOT NULL DEFAULT FALSE,
+ o_x boolean NOT NULL DEFAULT FALSE
);
+INSERT INTO cswal_group_table (group_name) VALUES ('www');
+INSERT INTO cswal_group_table (group_name) VALUES ('blogs');
+INSERT INTO cswal_group_table (group_name) VALUES ('admin');
+INSERT INTO cswal_object_table
+ (object_name,user_id, group_id)
+ VALUES
+ ('/', 101, 1);
+
+INSERT INTO cswal_object_table
+ (object_name, user_id, group_id, g_r, g_w)
+ VALUES
+ ('/member', 101, 2, true, true);
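Review bot: The three seed `INSERT INTO cswal_group_table (group_name)` statements omit `group_admin`, which the same hunk declares `NOT NULL` with no default, so they will fail; the foreign key on that column also names `cs_authtentication_table`, while the other two references use `cs_authentication_table`. The hunk adds `BEGIN;` and, as far as the visible lines go, no matching `COMMIT;`, so the script may leave its transaction open. On the permission model, `o_r` and `g_r` default to TRUE, meaning an object inserted without explicit bits is readable by everyone; defaulting the group and other bits to FALSE would make the table deny-by-default. The seed rows also assume a user with uid 101 already exists in the authentication table.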
Modified: trunk/0.3/tests/testOfCSWebAppLibs.php
===================================================================
--- trunk/0.3/tests/testOfCSWebAppLibs.php 2010-06-15 02:16:11 UTC (rev 168)
+++ trunk/0.3/tests/testOfCSWebAppLibs.php 2010-06-21 14:29:53 UTC (rev 169)
@@ -48,7 +48,8 @@
'cswal_auth_token_table', 'cswal_version_table', 'cswal_attribute_table',
'cswal_category_table', 'cswal_class_table', 'cswal_event_table',
'cswal_log_attribute_table', 'cswal_log_table', 'cswal_session_store_table',
- 'cswal_gdl_object_table', 'cswal_gdl_attribute_table', 'cswal_gdl_path_table'
+ 'cswal_gdl_object_table', 'cswal_gdl_attribute_table', 'cswal_gdl_path_table',
+ 'cswal_object_table', 'cswal_user_group_table', 'cswal_group_table'
);
$db = $this->create_dbconn();
@@ -202,7 +203,7 @@
//--------------------------------------------------------------------------
- function test_genericDataLinker() {
+ function tst_genericDataLinker() {
$x = new gdlTester($this->create_dbconn());
@@ -458,6 +459,13 @@
//--------------------------------------------------------------------------
+ public function test_genericPermissions() {
+ }//end test_genericPermissions()
+ //--------------------------------------------------------------------------
+
+
+
+ //--------------------------------------------------------------------------
private function do_tokenTest(array $tokenData, $uid, $checksum) {
if($this->assertTrue(is_array($tokenData)) && $this->assertTrue(is_numeric($uid)) && $this->assertTrue(strlen($checksum))) {
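Review bot: `test_genericPermissions()` is added with an empty body, so none of the new permission classes is loaded or exercised by the suite. Even a minimal case that constructs cs_genericPermission and round-trips a string such as 'rwxrw-r--' through create_object()/get_object() would have surfaced the parse errors in the new class files. do_tokenTest() continues outside the hunk.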
@@ -487,6 +495,7 @@
}
}
+/*
class gdlTester extends cs_genericDataLinker {
public $isTest = true;
@@ -498,5 +507,6 @@
return($this->create_path_objects($path));
}
}
+//*/
?>