Cyci60
Je cherche à afficher les liens d'un menu en fonction du rôle de chaque utilistateurs.
class/userManager.php
public function displayMenu($user_role_id) {
try {
$sql = 'SELECT A.name, A.slug
FROM user_action AS A
INNER JOIN user_permission AS P
ON A.actionID = P.action_id
AND min_role_id < :user_role_id';
echo $sql;
$stmnt = $this->db->prepare($sql);
$stmnt->execute(array(
':user_role_id' => $user_role_id
));
while($row = $stmnt->fetch(PDO::FETCH_ASSOC)) {
$menu_data[] = $row;
}
if(isset($menu_data)) {
return $menu_data;
}
else {
return false;
}
}
catch(PDOException $e) {
echo 'Une erreur est survenue lors de la récupération d\'une des données dans la base.';
echo '<br>';
echo 'Message d\'erreur : ' . $e->getMessage();
}
}
public function checkUserPermission($action_slug, $user_role_id) {
try {
$sql = 'SELECT min_role_id, P.action_id
FROM user_permission AS P
INNER JOIN user_action AS A
ON A.slug = :action_slug
AND P.action_id = A.actionID';
$stmnt = $this->db->prepare($sql);
$stmnt->execute(array(
':action_slug' => $action_slug
));
while($row = $stmnt->fetch(PDO::FETCH_ASSOC)) {
$min_role_id = $row['min_role_id'];
if($min_role_id > $user_role_id) {
return false;
}
else {
return true;
}
}
}
catch(PDOException $e) {
echo 'Une erreur est survenue lors de la récupération d\'une des données dans la base.';
echo '<br>';
echo 'Message d\'erreur : ' . $e->getMessage();
}
}process/process-display-menu.php
$min_role_id = isset($_SESSION['min_role_id']) ? $_SESSION['min_role_id'] : TRUE;
$manager = new userManager($db);
$menu_items = $manager->displayMenu($min_role_id);
var_dump($menu_items);
$menu_html = '';
if(!empty($menu_items)) {
foreach($menu_items as $menu_item) {
$name = $menu_item['name'];
$slug = $menu_item['slug'];
$menu_html .= '<li><a href="' . $slug . '.php">' . $name . '</a></li>';
}
}process/process-user-permission.php
$action_slug = substr($filename, 0, 4);
$level = isset($_SESSION['level']) ? $_SESSION['level'] : TRUE;
$manager = new userManager($db);
$userPermission = $manager->checkUserPermission($action_slug, $level);
if($userPermission === false) {
echo 'Erreur. Cette page n\'existe pas.';
exit;
}mysql> SELECT * FROM user_action;
+----------+-----------------------------+----------------+
| actionID | name | slug |
+----------+-----------------------------+----------------+
| 1 | Accueil | index |
| 2 | Insertion d'une image | create-image |
| 3 | Mise à jour d'une image | update-image |
| 4 | Suppression d'une image | delete-image |
| 5 | Créer un compte utilisateur | account-create |
+----------+-----------------------------+----------------+
5 rows in set (0.00 sec)
mysql> SELECT * FROM user_permission;
+--------------+-----------+-------------+
| permissionID | action_id | min_role_id |
+--------------+-----------+-------------+
| 1 | 1 | 0 |
| 2 | 2 | 1 |
| 3 | 3 | 1 |
| 4 | 4 | 1 |
| 5 | 5 | 2 |
+--------------+-----------+-------------+
5 rows in set (0.02 sec)
mysql> SELECT * FROM user_role;
+--------+----------------+-------+
| roleID | name | level |
+--------+----------------+-------+
| 1 | aucun | 0 |
| 2 | Editeur | 1 |
| 3 | Administrateur | 2 |
+--------+----------------+-------+
3 rows in set (0.00 sec)
Merci d'avance & bonne journée.