Database Security
All authenticated pages in Rogo initially connect to MySQL as a user with restricted permissions: $cfg_db_username. This account has rights to a minimal set of tables, enough to perform internal authentication and certain other tasks (e.g. password reset, module enrolment, etc.). The script auth.inc then includes the function db_change_user(), which switches the MySQL user based on the current role of the Rogo user. The advantage of this model is that table-level privileges can be tightly controlled around roles. For example, students have SELECT on the 'questions' table, whereas staff have SELECT, INSERT and UPDATE privileges.
Roles
| User (see config.inc.php) | Use |
|---|---|
| $cfg_db_username | Initial MySQL user which performs initial authentication duties |
| $cfg_db_student_user | User account for Rogo 'student' role |
| $cfg_db_staff_user | User account for Rogo 'staff' role |
| $cfg_db_external_user | User account for Rogo 'external' role (e.g. external examiner) |
| $cfg_db_sysadmin_user | User account for Rogo users set to 'SysAdmin' role |
| $cfg_db_sct_username | User account for externals reviewing Script Concordance Tests (SCT) |
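
The role model above only helps while each MySQL account's grants stay as narrow as intended. The following check is an added example, not part of Rogo: it parses `SHOW GRANTS` output and reports any role account that exceeds the 'questions' privileges described on this page. The account names `rogo_stu` and `rogo_staff` and the database name `rogo` are assumptions.

```python
import re

# Expected privileges on the 'questions' table, from the page's example.
# Account and database names are constructed placeholders standing in for the
# values of $cfg_db_student_user and $cfg_db_staff_user in config.inc.php.
POLICY = {
    "rogo_stu": {"questions": {"SELECT"}},
    "rogo_staff": {"questions": {"SELECT", "INSERT", "UPDATE"}},
}

# Matches SHOW GRANTS lines; accepts both `user`@`host` and 'user'@'host'.
GRANT_RE = re.compile(
    r"GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<obj>\S+)\s+TO\s+[`'](?P<user>[^`']+)[`']@", re.I)

def parse_grant(line):
    """Return (user, db, table, privileges) for one SHOW GRANTS line, or None."""
    m = GRANT_RE.match(line.strip())
    if not m:
        return None
    db, _, table = m.group("obj").replace("`", "").partition(".")
    # Drop column lists so "SELECT (a, b)" is treated as SELECT on the table.
    privs = re.sub(r"\s*\([^)]*\)", "", m.group("privs"))
    return m.group("user"), db, table, {p.strip().upper() for p in privs.split(",")}

def audit(grant_lines, policy=POLICY, database="rogo"):
    """List (user, object, privileges) wherever a role account exceeds policy."""
    findings = []
    for line in grant_lines:
        parsed = parse_grant(line)
        if parsed is None or parsed[0] not in policy:
            continue
        user, db, table, privs = parsed
        privs.discard("USAGE")  # USAGE means "no privileges"
        allowed = policy[user].get(table)
        if privs and "*" in (db, table):
            # Global or database-wide grants bypass table-level control.
            findings.append((user, f"{db}.{table}", sorted(privs)))
        elif db == database and allowed is not None and privs - allowed:
            findings.append((user, f"{db}.{table}", sorted(privs - allowed)))
    return findings

# Constructed sample of SHOW GRANTS output, not taken from a real installation.
SAMPLE_GRANTS = [
    "GRANT USAGE ON *.* TO `rogo_stu`@`localhost`",
    "GRANT SELECT, UPDATE ON `rogo`.`questions` TO `rogo_stu`@`localhost`",
    "GRANT SELECT, INSERT, UPDATE ON `rogo`.`questions` TO 'rogo_staff'@'localhost'",
    "GRANT ALL PRIVILEGES ON `rogo`.* TO `rogo_staff`@`localhost`",
]
```

Calling `audit(SAMPLE_GRANTS)` reports the student account's extra UPDATE on 'questions' and the staff account's database-wide grant; tables not listed in `POLICY` are not checked.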