Db based authentication system.

Had to change to an DB based authentication system as CPHPAuthmanager saves for each user a row in the file which does not scale very well.
tiltfactor · Sep 12, 2011 · 1d3fddb · 1d3fddb
1 parent 5355063
commit 1d3fddb
Show file tree

Hide file tree

Showing 5 changed files with 82 additions and 92 deletions.
diff --git a/documentation/mg_database_schema_v0.6.mwb b/documentation/mg_database_schema_v0.6.mwb
diff --git a/www/protected/config/development.php b/www/protected/config/development.php
@@ -53,8 +53,7 @@
 			'loginUrl' => array('/user/login'),
 		),
 		'authManager'=>array(
-            'class'=>'CPhpAuthManager',
-            // 'authFile' => 'path'                  // only if necessary
+      'class'=>'CDbAuthManager', 
     ),
 		// uncomment the following to enable URLs in path-format
 		'urlManager'=>array(

diff --git a/www/protected/config/main.php b/www/protected/config/main.php
@@ -55,8 +55,7 @@
 			'loginUrl' => array('/user/login'),
 		),
 		'authManager'=>array(
-            'class'=>'CPhpAuthManager',
-            // 'authFile' => 'path'                  // only if necessary
+      'class'=>'CDbAuthManager',
     ),
 		// uncomment the following to enable URLs in path-format
 		'urlManager'=>array(

diff --git a/www/protected/data/auth.php b/www/protected/data/auth.php
diff --git a/www/protected/data/mg.mysql.sql b/www/protected/data/mg.mysql.sql
@@ -675,6 +675,62 @@ CREATE INDEX `fk_game_partner_session1` ON `game_partner` (`session_id` ASC) ;
 CREATE INDEX `fk_game_partner_game1` ON `game_partner` (`game_id` ASC) ;
 
 
+-- -----------------------------------------------------
+-- Table `AuthItem`
+-- -----------------------------------------------------
+DROP TABLE IF EXISTS `AuthItem` ;
+
+CREATE  TABLE IF NOT EXISTS `AuthItem` (
+  `name` VARCHAR(64) NOT NULL ,
+  `type` INT NOT NULL ,
+  `description` TEXT NULL DEFAULT NULL ,
+  `bizrule` TEXT NULL DEFAULT NULL ,
+  `data` TEXT NULL DEFAULT NULL ,
+  PRIMARY KEY (`name`) )
+ENGINE = InnoDB;
+
+
+-- -----------------------------------------------------
+-- Table `AuthItemChild`
+-- -----------------------------------------------------
+DROP TABLE IF EXISTS `AuthItemChild` ;
+
+CREATE  TABLE IF NOT EXISTS `AuthItemChild` (
+  `parent` VARCHAR(64) NOT NULL ,
+  `child` VARCHAR(64) NOT NULL ,
+  PRIMARY KEY (`parent`, `child`) ,
+  CONSTRAINT `fk_{D3C449C2-B9CC-46EA-80A5-1FBCB86CD3A2}`
+    FOREIGN KEY (`parent` )
+    REFERENCES `AuthItem` (`name` )
+    ON DELETE cascade
+    ON UPDATE cascade,
+  CONSTRAINT `fk_{818C790C-3BBE-4C8D-A383-37DED516A298}`
+    FOREIGN KEY (`child` )
+    REFERENCES `AuthItem` (`name` )
+    ON DELETE cascade
+    ON UPDATE cascade)
+ENGINE = InnoDB;
+
+CREATE INDEX `fk_{818C790C-3BBE-4C8D-A383-37DED516A298}` ON `AuthItemChild` (`child` ASC) ;
+
+
+-- -----------------------------------------------------
+-- Table `AuthAssignment`
+-- -----------------------------------------------------
+DROP TABLE IF EXISTS `AuthAssignment` ;
+
+CREATE  TABLE IF NOT EXISTS `AuthAssignment` (
+  `itemname` VARCHAR(64) NOT NULL ,
+  `userid` VARCHAR(64) NOT NULL ,
+  `bizrule` TEXT NULL DEFAULT NULL ,
+  `data` TEXT NULL DEFAULT NULL ,
+  PRIMARY KEY (`itemname`, `userid`) ,
+  CONSTRAINT `fk_{4D666442-7B7E-4C6F-84DC-566EB7E44203}`
+    FOREIGN KEY (`itemname` )
+    REFERENCES `AuthItem` (`name` )
+    ON DELETE cascade
+    ON UPDATE cascade)
+ENGINE = InnoDB;
 
 SET SQL_MODE=@OLD_SQL_MODE;
 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
@@ -736,3 +792,27 @@ INSERT INTO `profile` (`user_id`) VALUES (3);
 INSERT INTO `profile` (`user_id`) VALUES (4);
 
 COMMIT;
+
+-- -----------------------------------------------------
+-- Data for table `AuthItem`
+-- -----------------------------------------------------
+START TRANSACTION;
+INSERT INTO `AuthItem` (`name`, `type`, `description`, `bizrule`, `data`) VALUES ('player', 2, 'Authenticated user. Can play games, change their profile and see their recorded game results', NULL, NULL);
+INSERT INTO `AuthItem` (`name`, `type`, `description`, `bizrule`, `data`) VALUES ('editor', 2, 'Access to the following admin tools: Image Administration, Tag Administration, Dictionary Administration', NULL, NULL);
+INSERT INTO `AuthItem` (`name`, `type`, `description`, `bizrule`, `data`) VALUES ('dbmanager', 2, 'Access to nearly all tools.', NULL, NULL);
+INSERT INTO `AuthItem` (`name`, `type`, `description`, `bizrule`, `data`) VALUES ('admin', 2, 'Access to all tools', NULL, NULL);
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- Data for table `AuthItemChild`
+-- -----------------------------------------------------
+START TRANSACTION;
+INSERT INTO `AuthItemChild` (`parent`, `child`) VALUES ('editor', 'player');
+INSERT INTO `AuthItemChild` (`parent`, `child`) VALUES ('dbmanager', 'player');
+INSERT INTO `AuthItemChild` (`parent`, `child`) VALUES ('dbmanager', 'editor');
+INSERT INTO `AuthItemChild` (`parent`, `child`) VALUES ('admin', 'player');
+INSERT INTO `AuthItemChild` (`parent`, `child`) VALUES ('admin', 'editor');
+INSERT INTO `AuthItemChild` (`parent`, `child`) VALUES ('admin', 'dbmanager');
+
+COMMIT;