[Owasp-phprbac] Child permissions/roles

Lane Richardson puterfeller at gmail.com
Tue Nov 24 23:29:53 UTC 2015


Greetings!

I hope to implement phpRBAC on my MySQL database. I have the required RBAC
tables set up, but had to take a step back when looking at permissions and
roles.

I am trying to wrap my head around the 4 tables and their relationships.
They do not seem to be linked, and I suppose that's not absolutely
necessary.

How can permissions and roles have child permissions/roles? How is that
denoted in the database tables?

I do like that permissions can have child permissions. For example, a
parent permission of "create users" should also have "edit users" and
"delete users" as child permissions. This could make applying permissions
much easier. However, with child permissions, there doesn't seem to be a
way to grant a role the permission of "edit users" without also granting
"delete users". I suppose those three could all be individual parent
permissions, too?

More ? to come...

Regards,
Lane Richardson
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-phprbac/attachments/20151124/93bd8523/attachment.html>


More information about the Owasp-phprbac mailing list