我编写了一个大型mysql查询来检索给定用户的所有权限,最近发现由于只有“完全”组“按”模式,因此在较新版本的mysql中无法使用。
检索给定用户的所有授予权限的查询是:
SELECT
`name`,
`display_name`,
`description`
FROM(
SELECT * FROM (
SELECT
`p`.`id`,
`p`.`name`,
`p`.`display_name`,
`p`.`description`,
MAX(`r`.`priority`),
IFNULL(`up`.`is_granted`, `rp`.`is_granted`) AS `is_granted`
FROM `permissions` AS `p`
LEFT JOIN `user_permissions` AS `up`
ON `up`.`permission` = `p`.`id`
AND `up`.`user` = 1
LEFT JOIN `role_permissions` `rp`
ON `rp`.`permission` = `p`.`id`
AND `rp`.`role` IN(
SELECT
`ur`.`role`
FROM `user_roles` AS `ur`
WHERE `ur`.`user` = 1
)
LEFT JOIN `roles` AS `r`
ON `r`.`id` = `rp`.`role`
GROUP BY `r`.`priority` DESC, `rp`.`permission`, `up`.`permission`
) AS `res`
GROUP BY `res`.`id` ASC
) AS `res`
WHERE `res`.`is_granted` = 1
这会在新的mysql安装上产生以下错误,标记为only\u full\u group\u by enabled(默认情况下已启用): SQL Error (1055): Expression #5 of SELECT list is not in GROUP BY clause and contains nonaggregated column 'res.MAX(r.priority)' which is not functionally dependent on columns in GROUP BY clause; this is incompatible with sql_mode=only_full_group_by
.
我试图完全重新编写查询以提高效率,并在启用标志的情况下工作,但是它并没有达到与第一个查询相同的目标。
SELECT
u.id AS user_id,
u.email AS user_email,
up.permission AS user_permission_id,
up.is_granted AS user_permission_is_granted,
upp.name AS user_permission_name,
upp.display_name AS user_permission_display_name,
upp.description AS user_permission_description,
ur.role AS role_id,
urr.name AS role_name,
urr.display_name AS role_display_name,
urr.priority AS role_priority,
urp.permission AS role_permission_id,
urp.is_granted AS role_permission_is_granted,
urpp.name AS role_permission_name,
urpp.display_name AS role_permission_display_name,
urpp.description AS role_permission_description
FROM users u
LEFT JOIN user_permissions up
ON up.user = u.id
LEFT JOIN permissions upp
ON upp.id = up.permission
LEFT JOIN user_roles ur
ON ur.user = u.id
LEFT JOIN roles urr
ON urr.id = ur.role
LEFT JOIN role_permissions urp
ON urp.role = ur.role
LEFT JOIN permissions urpp
ON urpp.id = urp.permission
WHERE u.id = 1
我该怎么做?我已经尝试了几次,但是没有办法在不禁用only\u full\u group\u by模式的情况下只返回具有最高优先级的行。
我应该仅仅使用较新的查询并在应用程序代码中而不是在sql查询中应用角色优先级吗?
这里是一个数据库结构和查询的dbfiddle。
给定上述dbfiddle中的数据,我希望结果集如下所示:
| user_id | user_email | permission_id | permission_name | permission_display_name | permission_description | is_granted |
| ------- | ----------------- | ------------- | --------------- | ----------------------- | -------------------------------------------------- | ---------- |
| 1 | user1@example.com | 1 | test1 | Test permission 1 | Role permission, should ONLY be granted to user 1 | 1 |
| 1 | user1@example.com | 2 | test2 | Test permission 2 | Role permission, should ONLY be granted to user 1 | 1 |
| 1 | user1@example.com | 3 | test3 | Test permission 3 | Role permission, should ONLY be granted to user 2 | 0 |
| 2 | user2@example.com | 3 | test3 | Test permission 3 | Role permission, should ONLY be granted to user 2 | 1 |
| 1 | user1@example.com | 4 | test4 | Test permission 4 | Role permission, should be granted to user 1 and 2 | 1 |
| 2 | user2@example.com | 4 | test4 | Test permission 4 | Role permission, should be granted to user 1 and 2 | 1 |
| 1 | user1@example.com | 5 | test5 | Test permission 5 | User permission, granted to user 1 | 1 |
| 2 | user2@example.com | 6 | test6 | Test permission 6 | User permission, granted to user 2 | 1 |
我希望权限id 3返回的原因 is_granted = 0
不是没有出现在结果集中,而是因为用户最初被授予了权限,但后来没有从具有更高优先级的角色id 2授予权限。
这个问题并不是sql select only行在列上的最大值的重复,因为它特别涉及如何修改查询以解决问题 ONLY_FULL_GROUP_BY
模式。
1条答案
按热度按时间vdzxcuhz1#
通过仔细观察重复的问题并理解该问题的答案是如何工作的来解决这个问题。
我必须创建一个视图来连接
role_permissions
带有priority
从roles
table。然后我必须为每个用户获得所有最高优先级的角色权限。最后,我必须获得所有用户权限,这些权限不会覆盖用户的任何角色权限,并使用UNION
.以下是我的解决方案:
下面是一个更新的dbfiddle,它演示了解决方案正在工作。