Should checks on reads / writes to records in a database by users be performed before reading / writing the actual data? Or could one just apply it all in the same query?
ie.
assertUserCanViewClassRoom($classroomId, $userId, $userRole);
assertUserCanRemoveStudent($classroomId, $userId, $userRole);
Or Should the check be completed in the sql of the action?
viewClassRoom($classroomId, $userId, $userRole);
removeStudent($classroomId, $userId, $userRole);
Me Being Way too Verbose (aka Wordy)
Now I was going to modify all the queries, just to ensure that users doing the actions are permitted to do so, where users have access to Read / Update records in Table B that they might of created or their roles allow them to overlook records belonging to lesser users (aka administrators, teachers, students)
Currently the process allows any user to modify the records (horrible practice). Teacher A can view Teacher B info, and modify it by adding / removing students from the classroom. A simple check of teacher's id would ideally prevent this action from even occurring.
Should I place a check prior to accessing that record to verify does Teacher X does have permission to record id=Y in Table B. This sounds great, but is it really? Am I doing double the work to check first than read / write the data?
I thought it would be a simple query statement change which joins the tables based upon the user id or user role permissions to the record that is being modified.
I'm being advised to do a pre-check which sounds great, but now I am making potentially extra traffic to the database to complete what I would consider to be a simple transaction of read or write. I sort of look at this like an assert or check via sql to verify that user can perform the task than perform it.
Is this standard practice for assertions / permission checks? Check first than have a simple function for Update, Insert or Delete? (mind you Delete is never really used) If this is not the case what would be a better suggestion?
Additional Info System is set up so user's currently can read thier own data, but with some simple modifications users can actually read anyone's data.
Project is PHP with MySQL backend all Object Oriented
Always check first if you're wary, especially if you're not very confident in your sanitization checks.
So, you'd do a simple
SELECT is_admin FROM users WHERE user = '{$userid}';
etc. If is_admin is true, then carry on with your select/update/insert script. If not, deny access.