Given some array with user rights (For example):

$perms = array("group_1_edit","group_2_delete", "group_3*");

On the page, a function is set that checks for access by flag

 function check_perm($req_flag){ global $perms; if(in_array($req_flag, $perms)){ return true; } else { return false; } }

On the page for testing, just if with a function

 <?php if(check_perm(group_3_edit)){?> Доступ разрешен <?php } ?>

How to verify that if a user has a group_x * flag (x is some value), then we provide access to all flags that start with group_x (group_x_ any_continued)?

  • Regular expressions are usually used to search for exact matches. - Edward
  • or regular expressions or something like this: cut the last character (do not forget to trim), if it is an asterisk, then cut off the last character from your value and start comparing it with the same first characters cut off from $ reg_flag. - Finies
  • you have there by the way quotes are not enough when you call, the note is written to the logs. - teran

2 answers 2

here to you for reflections. first check the regular entry. then select those substrings where there is a * . replace the asterisk with .* and use it as a regular pattern.

 function check_perm2($req){ global $perms; if(in_array($req, $perms)) return true; $regs = array_filter(array_map(function($v){ if(mb_strpos($v, '*') === false) { return null; } return str_replace('\*', '.*', preg_quote($v)); }, $perms)); foreach($regs as $r){ if(preg_match("/^{$r}$/", $req)){ return true; } } return false; }

PS: it's weird to see procedural programming when it would be logical to see records like if($user->has('group_1_delete')) or $user->permissions->check('group_3_edit') and so on. Global arrays of rights, etc. in this matter can hardly be called good practices.

  • Thanks for the thought material and solution. Well, in the final version, the function will still be in the class of the user, so I strive to do this in the records. - SlyFox 4:38 pm

How to verify that if a user has a group_x * flag (x is some value), then we provide access to all flags that start with group_x (group_x_ any_continued)?

Rewrite the function in such a way that it takes two parameters - the desired value (flag) , and the actual array of values ​​for the search.

Further, the elements of the $perms array $perms substituted into the regular expression pattern, after replacing the * character with a sequence of characters .* . And the value of the $req_flag variable is used as a string for matching (the updated answer) :

 $perms = ['group_1_edit', 'group_2_delete', 'group_3*']; $req_flag = 'group_3_edit'; if (check_perm($req_flag, $perms)) { echo 'Доступ разрешен'; } function check_perm($flag, $perms) { return array_filter($perms, function($pcre) use($flag) { return preg_match('~'. strtr($pcre, '*', '.*') .'~', $flag); }); }
  • \w includes \d . but I still did not understand the answer. The question seems to be about the fact that the array has permission group_3* and when checking group_3_qwe or group_3_asd should return true . - teran 2:32 pm
  • @teran yes, \w includes numbers, but using the group_\w+ entry will be the same as group_text , and by the condition of the problem, there should be a digit :) - Edward
  • pardonte, stupid - teran
  • @teran and about group_3_qwe and group_3_asd - if he adds them to the array, then it will match. In general, here you can remove in_array () and search the array with a regular schedule, taking a dynamic pcre-pattern. - Edward
  • So in this and the essence that he wants to add group_3* to the array, and not each separately, but to check them. they will coincide with the usual in_array , if so added, there is nothing to do here then. - teran