问题描述
[users] (users in the system)
===
user_id
user_username
user_password_enc
user_first_name
user_last_name
[events] (CRUDdable things the users can participate in)
===
event_id
event_name
event_date
event_location
[event_roles] (coarse-grained,event-specific roles that users can be assigned to)
===
event_role_id
event_role_name
event_role_label -- ex: EVENT_ADMIN,EVENT_REP,EVENT_FOLLOWER
[event_permissions] (granular permissions that get assigned to roles)
===
event_permission_id
event_permission_name
event_permission_label -- ex: CAN_VIEW_LOCATION,CAN_CHANGE_DATE,CAN_CHANGE_LOCATION,CAN_CANCEL_EVENT
[event_permissions_x_roles] (crosswalk table mapping permissions to roles)
===
event_permissions_x_role_id
event_permission_id
event_role_id
[event_user_roles] (which users are assigned to which event roles)
===
event_user_role_id
event_id
user_id
event_role_id
user_id = 234
是否拥有 CAN_CHANGE_LOCATION
的 event_id=123
权限?
迄今为止我最好的尝试:
SELECT
event_permission_label
FROM
event_permissions_x_roles
INNER JOIN
event_permissions
ON
event_permissions_x_roles.event_permission_id = event_permissions.event_permission_id
WHERE
event_role_id = (
SELECT
event_role_id
FROM
event_user_roles
WHERE
user_id = 234
AND
event_id = 123
);
然而,这只会给我一个 event_permission_label
为 user_id=234
所拥有的 event_id=123
列表。
这与我想要的接近,但我希望我的查询更进一步并检查该列表以查看 CAN_CHANGE_LOCATION
是否是该列表的一部分。我不知道是否有办法编写它,以便它返回一个布尔值 true/false(是的,用户 确实 对给定的事件具有所需的权限;或者用户没有 等)。任何人都可以发现我的不足之处吗?
解决方法
示意图:
SELECT EXISTS ( SELECT NULL
FROM {joined tables set}
WHERE t1.user_id = 234
AND t2.event_permission_label = 'CAN_CHANGE_LOCATION'
AND t3.event_id = 123 )