List:General Discussion« Previous MessageNext Message »
From:Thimble Smith Date:July 26 1999 5:14pm
Subject:Re: Finding privileges
View as plain text  
At 11:41, 19990726, Para-dox wrote:
>(please write back directly to me)
>
>I am writing a program that is going to be used by several different people
>with different permissions...I need to check what privileges the current
>user has to a certain table and its columns, without testing a ton of
>UPDATES or INSERTS...is there a provided method? Thanks

Do you need to "check" what privileges the current user has, or do
you really just want to prevent them from doing anything more than
they're privileged to do?

You can give different MySQL users (has nothing to do with the Unix
user) different accesses - from the database level down to the column
level!  So you can do something like this (Perl):

    my $user = $ENV{'REMOTE_USER'} or die "not authenticated: bye";

    # this probably would be slurped in from a config file
    my $class = {
        'joe'     => 'super',
        'juan'    => 'basic',
        'ezra'    => 'basic',
        'anne'    => 'super',
        'sabrina' => 'basic',
        'wu'      => 'basic',
    }->{$user}
        or die "no class for user $user";

    # this is also a config file candidate
    %pwd = (
        'super'         => 'p4s$w0rd',
        'basic'         => 'kr1pt0',
    );

    my $dbh = DBI->connect("DBI:mysql:$db_name", $class, $pwd{$class});

    # Now all accesses are controlled by the MySQL privs for user 'super'
    # and user 'basic', so give those users appropriate access to your
    # tables and everything will work as planned.  Check the errors you
    # get from ->execute() to see if access is denied, so you can print
    # an appropriate error message.

Tim
Thread
Finding privilegesPara-dox26 Jul
  • Re: Finding privilegesThimble Smith26 Jul
  • Re: Finding privilegesPara-dox26 Jul
    • Re: Finding privilegesPaul DuBois26 Jul
  • Re: Finding privilegesPara-dox26 Jul
    • Re: Finding privilegesThimble Smith26 Jul
  • Re: Finding privilegesPara-dox26 Jul
    • Re: Finding privilegesThimble Smith26 Jul
  • Re: Finding privilegesRicardo T. Saito26 Jul
  • Re: Finding privilegesPara-dox27 Jul
    • Re: Finding privilegesJani Tolonen27 Jul