PHP文件上传的文件夹权限 - 私人/公共/共享视图? [英] Folder permissions for PHP file uploads - private/public/shared views?
问题描述
所以这就是我要做的:
- 普通文件上传区域,完全像匹配器
- 某些限制某些用户的方法查看文件夹和/或文件,具体取决于它们属于哪个组。我需要这样做,因为这是我工作的一个组织,在这个组织中,某些用户只能看到他们应该看到的文档。
最初我决定制作一个mysql解决方案,每个文件夹都有一个ID,当你创建一个文件夹时,你可以指定允许查看该文件夹的组,但是这看起来并不是最优雅的解决方案。
任何人都可以提出一个理论方法来做到这一点?我很高兴用PHP编写所有的代码,但是我不知道怎么做才是最好的方法。
有没有办法以特定的方式命名文件夹),该文件夹和文件具有我可以利用在这里的属性?
由于你有严格的权限要求,您可以实现类似于UNIX的粒度方法的文件权限结构。每个文件或文件夹应该有一个所有者,一个组和一个类似'755'的权限字符串。
权限字符串的第一个位置与该文件或目录。数字4代表读取权限,2代表写入权限,1代表执行权限。权限是累积的,所以第一列(4 + 2 + 1)中的权限为7意味着所有者具有读,写和执行权限。
第二栏属于该组。在这种情况下,小组成员可以阅读(4)并执行(1)(4 + 1 = 5)。第三栏适用于不是所有者或小组的成员。这个位置被称为世界或其他。在这个例子中,其他用户也已经读过(4)和执行(1)的权限。
After为每个文件/目录创建所有者,组和许可列,您将需要创建一个组表和一个表来将用户映射到组(user_groups)。然后将每个用户分配给一个或多个组,然后将所有者,组和其他权限分配给每个文件夹(如果需要,还可以指定文件)。
有关Unix文件系统,请参阅本教程。
I'm writing a php file upload script for a project - I have seen all the great opensource ones out there, but I've decided to do my own as I have a level of user access rights that I can't seem to find anywhere.
So this is what I'm trying to do:
- Normal file uploads area, exactly like elFinder
- Some way to restrict certain users to view the folders and/or files, depending on what group they belong to. I need to do this as this is for an organisation I work in where certain users can only see the docs they are supposed to
Originally I decided to make a mysql solution where each and every folder has an ID, and when you create a folder you specify the groups that are allowed to view that folder - but this doesn't seem like the most elegant solution.
Can anyone suggest a theoretical way to do this? I'm happy to code it all in PHP, but I just can't get my head around the best way to do this.
Is there some way (short of naming folders in specific ways), that folders and files have properties I can exploit here?
Since you have exacting permission requirements, you can implement a structure similar to UNIX's granular approach to file permissions. Each file or folder should have an owner, a group, and a permissions string which looks like '755'.
The first position of the permission string pertains to the owner of the file or directory. The number 4 stand for read privileges, 2 stands for write privileges, and 1 stands for execute privileges. The permission is cumulative, so a permission of 7 in the first column (4+2+1) means the owner has read, write, and execute permission.
The second column pertains to the group. In this case, group members can read (4) and execute (1) (4+1=5).
The third column pertains to everyone who is not the owner or member of the group. This position is known as 'world' or 'other.' In this example, 'other' users also have read (4) and execute (1) permissions.
After creating owner, group, and permission columns for each file/directory, you will need to create a 'groups' table, and a table to map users to groups ('user_groups'). Then assign each user to one or more groups, and assign owner, group, and 'other' permissions to each folder (and file if needed).
For more information on Unix file systems, see this tutorial.
这篇关于PHP文件上传的文件夹权限 - 私人/公共/共享视图?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
