Reply to Re: Safely deleting a db record with php

Posted by MaXX on 11/19/81 11:45

Jiri Fogl wrote:
> You should have more detailed authorization - not only auth'd
> non-auth'd, but every user must have its access information, so system
> can recognize who is that man who wants to delete.
The problem in my particular case is that the system can't know who will
delete as there is no explicit ownership. The table in question is a log
and the creator is a script.

Your suggestion can be very useful for another area of my project...

Another idea is to only allow the php script to set a deleted flag which only
hides the record and wipe or undelete them by other means ...

> Then you should specify (for example) owner of a record - add a column
> to your table, which contains identifier of user, who is allowed to
> delete it (or do any other operation with it).
> If you need even more details, you may consider definition of usergroups
> (need one extra simple table).
The database (postgresql) is already aware of this, the rights are set by
groups (creators INSERT, R-O users SELECT, Admins UPDATE[mark as
read]/DELETE). Some major events have a "protected" boolean to avoid
deletion by the php script. When I want to get rid of those I use PgAdmin
or psql as superuser to delete them.

Time to rethink the system...

Thanks,
--
MaXX
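
The soft-delete idea from the post above, sketched for PostgreSQL as an added example that is not part of the original message: the role used by the PHP script gets column-level UPDATE on the flag and no DELETE privilege, and a trigger refuses to hide "protected" rows. The table, column and role names are hypothetical, and `EXECUTE FUNCTION` assumes PostgreSQL 11 or later.

```sql
-- Added example; every name here (event_log, log_*) is hypothetical.
BEGIN;

CREATE ROLE log_creators NOLOGIN;  -- scripts that write log entries
CREATE ROLE log_readers  NOLOGIN;  -- read-only users
CREATE ROLE log_admins   NOLOGIN;  -- role the PHP admin page connects with

CREATE TABLE event_log (
    id        bigserial   PRIMARY KEY,
    logged_at timestamptz NOT NULL DEFAULT now(),
    message   text        NOT NULL,
    is_read   boolean     NOT NULL DEFAULT false,
    protected boolean     NOT NULL DEFAULT false,
    deleted   boolean     NOT NULL DEFAULT false
);

-- Readers only ever see rows that are not flagged as deleted.
CREATE VIEW visible_events AS
    SELECT id, logged_at, message, is_read, protected
    FROM event_log
    WHERE NOT deleted;

REVOKE ALL ON event_log, visible_events FROM PUBLIC;
GRANT INSERT (message) ON event_log TO log_creators;
GRANT USAGE ON SEQUENCE event_log_id_seq TO log_creators;
GRANT SELECT ON visible_events TO log_readers;
GRANT SELECT ON event_log TO log_admins;
-- Column-level UPDATE: the PHP role can flip these two flags and nothing
-- else. No DELETE is granted, so a hijacked script cannot remove rows.
GRANT UPDATE (is_read, deleted) ON event_log TO log_admins;

-- Enforce the "protected" flag in the database, not in PHP.
CREATE FUNCTION event_log_guard() RETURNS trigger
LANGUAGE plpgsql AS $$
BEGIN
    IF NEW.deleted AND OLD.protected THEN
        RAISE EXCEPTION 'event % is protected and cannot be hidden', OLD.id;
    END IF;
    RETURN NEW;
END;
$$;

CREATE TRIGGER event_log_guard_trg
    BEFORE UPDATE OF deleted ON event_log
    FOR EACH ROW EXECUTE FUNCTION event_log_guard();

COMMIT;

-- Real removal stays out of band (psql as the table owner or superuser):
--   DELETE FROM event_log WHERE deleted AND NOT protected;
```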
