Permission to access a PHP + AD + Oracle system

Navigation
0

Good morning,

I'm new to PHP and I'm starting a system for the company I work for, generating reports.

Currently my PHP code authenticates with an Active Directory, and when connecting, it goes to a page with several reports.

These reports make a temporary connection to an Oracle 10g Database and when you finish viewing the code, close that connection.

However, my problem is that all users have access to all reports, which is unfeasible because there are reports that only the Board can access, while some reports only the Fiscal sector, and so on.

I looked for some solutions, but found nothing that I could apply to my environment.

I wonder if anyone can shed a light on my problem:

I want the permissions of each report to be per user or group, preferably that I can give permissions directly to AD.

Is it possible?

Thank you

    
asked by anonymous 19.07.2016 / 15:53

1 answer

0

If you are authenticating an LDAP base, you can obviously query which group these users belong to. In PHP there is a function where you bring these groups, part of the idea where the "Board" group can see such reports and the group "operators" can see only these other reports. In practice in PHP, when making the query of which group the user belongs, can make conditions using the Switch or even an IF itself. Examples: 

Switch "$usuario->grupo"{
Case "Diretoria":
echo "Olá, estes são os relatórios diretoria"
break;
Case "Operador":
echo "Olá, estes são os relatórios operador"
break;
default:
echo "Olá, voce não faz parte de nenhum grupo, contate o administrador"
break;
}

Using IF 

if($usuario->grupo == "Diretoria"){
    echo "Olá, estes são os relatórios diretoria"
}
elseif($usuario->grupo == "Operador"){
echo "Olá, estes são os relatórios operador"
}

Well, I just mentioned a few examples, of course it goes from your programming logic. I hope I have helped.

Note: For LDAP queries using PHP, how to bring the group, read on link

Abs.

    
20.07.2016 / 03:13
Parse error: syntax error, unexpected T_STRING Fill table without refresh?