diff --git a/yii/rbac/Assignment.php b/yii/rbac/Assignment.php index b3aa74f..065aaa5 100644 --- a/yii/rbac/Assignment.php +++ b/yii/rbac/Assignment.php @@ -16,97 +16,40 @@ use yii\base\Object; * Do not create a Assignment instance using the 'new' operator. * Instead, call [[Manager::assign()]]. * - * @property mixed $userId User ID (see [[User::id]]). - * @property string $itemName The authorization item name. - * @property string $bizRule The business rule associated with this assignment. - * @property mixed $data Additional data for this assignment. - * * @author Qiang Xue * @author Alexander Kochetov * @since 2.0 */ class Assignment extends Object { - private $_auth; - private $_userId; - private $_itemName; - private $_bizRule; - private $_data; - - /** - * Constructor. - * @param Manager $auth the authorization manager - * @param mixed $userId user ID (see [[User::id]]) - * @param string $itemName authorization item name - * @param string $bizRule the business rule associated with this assignment - * @param mixed $data additional data for this assignment - */ - public function __construct($auth, $userId, $itemName, $bizRule = null, $data = null) - { - $this->_auth = $auth; - $this->_userId = $userId; - $this->_itemName = $itemName; - $this->_bizRule = $bizRule; - $this->_data = $data; - } - /** - * @return mixed user ID (see [[User::id]]) + * @var Manager the auth manager of this item */ - public function getUserId() - { - return $this->_userId; - } - - /** - * @return string the authorization item name - */ - public function getItemName() - { - return $this->_itemName; - } - + public $manager; /** - * @return string the business rule associated with this assignment + * @var string the business rule associated with this assignment */ - public function getBizRule() - { - return $this->_bizRule; - } - + public $bizRule; /** - * @param string $value the business rule associated with this assignment + * @var mixed additional data for this assignment */ - public function setBizRule($value) - { - if ($this->_bizRule !== $value) { - $this->_bizRule = $value; - } - } - + public $data; /** - * @return mixed additional data for this assignment + * @var mixed user ID (see [[User::id]]). Do not modify this property after it is populated. + * To modify the user ID of an assignment, you must remove the assignment and create a new one. */ - public function getData() - { - return $this->_data; - } - + public $userId; /** - * @param mixed $value additional data for this assignment + * @return string the authorization item name. Do not modify this property after it is populated. + * To modify the item name of an assignment, you must remove the assignment and create a new one. */ - public function setData($value) - { - if ($this->_data !== $value) { - $this->_data = $value; - } - } + public $itemName; /** * Saves the changes to an authorization assignment. */ public function save() { - $this->_auth->saveAssignment($this); + $this->manager->saveAssignment($this); } } diff --git a/yii/rbac/DbManager.php b/yii/rbac/DbManager.php index 28b14d9..719ffa8 100644 --- a/yii/rbac/DbManager.php +++ b/yii/rbac/DbManager.php @@ -24,8 +24,6 @@ use yii\base\InvalidParamException; * the three tables used to store the authorization data by setting [[itemTable]], * [[itemChildTable]] and [[assignmentTable]]. * - * @property array $authItems The authorization items of the specific type. - * * @author Qiang Xue * @author Alexander Kochetov * @since 2.0 @@ -106,13 +104,13 @@ class DbManager extends Manager if (!isset($params['userId'])) { $params['userId'] = $userId; } - if ($this->executeBizRule($item->getBizRule(), $params, $item->getData())) { + if ($this->executeBizRule($item->bizRule, $params, $item->data)) { if (in_array($itemName, $this->defaultRoles)) { return true; } if (isset($assignments[$itemName])) { $assignment = $assignments[$itemName]; - if ($this->executeBizRule($assignment->getBizRule(), $params, $assignment->getData())) { + if ($this->executeBizRule($assignment->bizRule, $params, $assignment->data)) { return true; } } @@ -207,7 +205,7 @@ class DbManager extends Manager public function getItemChildren($names) { $query = new Query; - $rows = $query->select(array('name', 'type', 'description', 'bizrule', 'data')) + $rows = $query->select(array('name', 'type', 'description', 'biz_rule', 'data')) ->from(array($this->itemTable, $this->itemChildTable)) ->where(array('parent' => $names, 'name' => new Expression('child'))) ->createCommand($this->db) @@ -217,7 +215,14 @@ class DbManager extends Manager if (($data = @unserialize($row['data'])) === false) { $data = null; } - $children[$row['name']] = new Item($this, $row['name'], $row['type'], $row['description'], $row['bizrule'], $data); + $children[$row['name']] = new Item(array( + 'manager' => $this, + 'name' => $row['name'], + 'type' => $row['type'], + 'description' => $row['description'], + 'bizRule' => $row['biz_rule'], + 'data' => $data, + )); } return $children; } @@ -241,10 +246,16 @@ class DbManager extends Manager ->insert($this->assignmentTable, array( 'user_id' => $userId, 'item_name' => $itemName, - 'bizrule' => $bizRule, + 'biz_rule' => $bizRule, 'data' => serialize($data), )); - return new Assignment($this, $userId, $itemName, $bizRule, $data); + return new Assignment(array( + 'manager' => $this, + 'userId' => $userId, + 'itemName' => $itemName, + 'bizRule' => $bizRule, + 'data' => $data, + )); } /** @@ -293,7 +304,13 @@ class DbManager extends Manager if (($data = @unserialize($row['data'])) === false) { $data = null; } - return new Assignment($this, $row['user_id'], $row['item_name'], $row['bizrule'], $data); + return new Assignment(array( + 'manager' => $this, + 'userId' => $row['user_id'], + 'itemName' => $row['item_name'], + 'bizRule' => $row['biz_rule'], + 'data' => $data, + )); } else { return null; } @@ -317,7 +334,13 @@ class DbManager extends Manager if (($data = @unserialize($row['data'])) === false) { $data = null; } - $assignments[$row['item_name']] = new Assignment($this, $row['user_id'], $row['item_name'], $row['bizrule'], $data); + $assignments[$row['item_name']] = new Assignment(array( + 'manager' => $this, + 'userId' => $row['user_id'], + 'itemName' => $row['item_name'], + 'bizRule' => $row['biz_rule'], + 'data' => $data, + )); } return $assignments; } @@ -330,11 +353,11 @@ class DbManager extends Manager { $this->db->createCommand() ->update($this->assignmentTable, array( - 'bizrule' => $assignment->getBizRule(), - 'data' => serialize($assignment->getData()), + 'biz_rule' => $assignment->bizRule, + 'data' => serialize($assignment->data), ), array( - 'user_id' => $assignment->getUserId(), - 'item_name' => $assignment->getItemName(), + 'user_id' => $assignment->userId, + 'item_name' => $assignment->itemName, )); } @@ -357,12 +380,12 @@ class DbManager extends Manager ->where(array('type' => $type)) ->createCommand($this->db); } elseif ($type === null) { - $command = $query->select(array('name', 'type', 'description', 't1.bizrule', 't1.data')) + $command = $query->select(array('name', 'type', 'description', 't1.biz_rule', 't1.data')) ->from(array($this->itemTable . ' t1', $this->assignmentTable . ' t2')) ->where(array('user_id' => $userId, 'name' => new Expression('item_name'))) ->createCommand($this->db); } else { - $command = $query->select('name', 'type', 'description', 't1.bizrule', 't1.data') + $command = $query->select('name', 'type', 'description', 't1.biz_rule', 't1.data') ->from(array($this->itemTable . ' t1', $this->assignmentTable . ' t2')) ->where(array('user_id' => $userId, 'type' => $type, 'name' => new Expression('item_name'))) ->createCommand($this->db); @@ -372,7 +395,14 @@ class DbManager extends Manager if (($data = @unserialize($row['data'])) === false) { $data = null; } - $items[$row['name']] = new Item($this, $row['name'], $row['type'], $row['description'], $row['bizrule'], $data); + $items[$row['name']] = new Item(array( + 'manager' => $this, + 'name' => $row['name'], + 'type' => $row['type'], + 'description' => $row['description'], + 'bizRule' => $row['biz_rule'], + 'data' => $data, + )); } return $items; } @@ -399,10 +429,17 @@ class DbManager extends Manager 'name' => $name, 'type' => $type, 'description' => $description, - 'bizrule' => $bizRule, + 'biz_rule' => $bizRule, 'data' => serialize($data), )); - return new Item($this, $name, $type, $description, $bizRule, $data); + return new Item(array( + 'manager' => $this, + 'name' => $name, + 'type' => $type, + 'description' => $description, + 'bizRule' => $bizRule, + 'data' => $data, + )); } /** @@ -439,7 +476,14 @@ class DbManager extends Manager if (($data = @unserialize($row['data'])) === false) { $data = null; } - return new Item($this, $row['name'], $row['type'], $row['description'], $row['bizrule'], $data); + return new Item(array( + 'manager' => $this, + 'name' => $row['name'], + 'type' => $row['type'], + 'description' => $row['description'], + 'bizRule' => $row['biz_rule'], + 'data' => $data, + )); } else return null; } @@ -463,10 +507,10 @@ class DbManager extends Manager $this->db->createCommand() ->update($this->itemTable, array( 'name' => $item->getName(), - 'type' => $item->getType(), - 'description' => $item->getDescription(), - 'bizrule' => $item->getBizRule(), - 'data' => serialize($item->getData()), + 'type' => $item->type, + 'description' => $item->description, + 'biz_rule' => $item->bizRule, + 'data' => serialize($item->data), ), array( 'name' => $oldName === null ? $item->getName() : $oldName, )); diff --git a/yii/rbac/Item.php b/yii/rbac/Item.php index 57a7f7e..2504ad5 100644 --- a/yii/rbac/Item.php +++ b/yii/rbac/Item.php @@ -18,14 +18,6 @@ use yii\base\Object; * A user may be assigned one or several authorization items (called [[Assignment]] assignments). * He can perform an operation only when it is among his assigned items. * - * @property Manager $authManager The authorization manager. - * @property integer $type The authorization item type. This could be 0 (operation), 1 (task) or 2 (role). - * @property string $name The item name. - * @property string $description The item description. - * @property string $bizRule The business rule associated with this item. - * @property mixed $data The additional data associated with this item. - * @property array $children All child items of this item. - * * @author Qiang Xue * @author Alexander Kochetov * @since 2.0 @@ -36,32 +28,30 @@ class Item extends Object const TYPE_TASK = 1; const TYPE_ROLE = 2; - private $_auth; - private $_type; + /** + * @var Manager the auth manager of this item + */ + public $manager; + /** + * @var string the item description + */ + public $description; + /** + * @var string the business rule associated with this item + */ + public $bizRule; + /** + * @var mixed the additional data associated with this item + */ + public $data; + /** + * @var integer the authorization item type. This could be 0 (operation), 1 (task) or 2 (role). + */ + public $type; + private $_name; private $_oldName; - private $_description; - private $_bizRule; - private $_data; - /** - * Constructor. - * @param Manager $auth authorization manager - * @param string $name authorization item name - * @param integer $type authorization item type. This can be 0 (operation), 1 (task) or 2 (role). - * @param string $description the description - * @param string $bizRule the business rule associated with this item - * @param mixed $data additional data for this item - */ - public function __construct($auth, $name, $type, $description = '', $bizRule = null, $data = null) - { - $this->_type = (int)$type; - $this->_auth = $auth; - $this->_name = $name; - $this->_description = $description; - $this->_bizRule = $bizRule; - $this->_data = $data; - } /** * Checks to see if the specified item is within the hierarchy starting from this item. @@ -74,11 +64,11 @@ class Item extends Object public function checkAccess($itemName, $params = array()) { Yii::trace('Checking permission: ' . $this->_name, __METHOD__); - if ($this->_auth->executeBizRule($this->_bizRule, $params, $this->_data)) { + if ($this->manager->executeBizRule($this->bizRule, $params, $this->data)) { if ($this->_name == $itemName) { return true; } - foreach ($this->_auth->getItemChildren($this->_name) as $item) { + foreach ($this->manager->getItemChildren($this->_name) as $item) { if ($item->checkAccess($itemName, $params)) { return true; } @@ -88,22 +78,6 @@ class Item extends Object } /** - * @return Manager the authorization manager - */ - public function getManager() - { - return $this->_auth; - } - - /** - * @return integer the authorization item type. This could be 0 (operation), 1 (task) or 2 (role). - */ - public function getType() - { - return $this->_type; - } - - /** * @return string the item name */ public function getName() @@ -123,60 +97,6 @@ class Item extends Object } /** - * @return string the item description - */ - public function getDescription() - { - return $this->_description; - } - - /** - * @param string $value the item description - */ - public function setDescription($value) - { - if ($this->_description !== $value) { - $this->_description = $value; - } - } - - /** - * @return string the business rule associated with this item - */ - public function getBizRule() - { - return $this->_bizRule; - } - - /** - * @param string $value the business rule associated with this item - */ - public function setBizRule($value) - { - if ($this->_bizRule !== $value) { - $this->_bizRule = $value; - } - } - - /** - * @return mixed the additional data associated with this item - */ - public function getData() - { - return $this->_data; - } - - /** - * @param mixed $value the additional data associated with this item - */ - public function setData($value) - { - if ($this->_data !== $value) { - $this->_data = $value; - } - } - - /** * Adds a child item. * @param string $name the name of the child item * @return boolean whether the item is added successfully @@ -185,7 +105,7 @@ class Item extends Object */ public function addChild($name) { - return $this->_auth->addItemChild($this->_name, $name); + return $this->manager->addItemChild($this->_name, $name); } /** @@ -197,7 +117,7 @@ class Item extends Object */ public function removeChild($name) { - return $this->_auth->removeItemChild($this->_name, $name); + return $this->manager->removeItemChild($this->_name, $name); } /** @@ -208,7 +128,7 @@ class Item extends Object */ public function hasChild($name) { - return $this->_auth->hasItemChild($this->_name, $name); + return $this->manager->hasItemChild($this->_name, $name); } /** @@ -218,7 +138,7 @@ class Item extends Object */ public function getChildren() { - return $this->_auth->getItemChildren($this->_name); + return $this->manager->getItemChildren($this->_name); } /** @@ -233,7 +153,7 @@ class Item extends Object */ public function assign($userId, $bizRule = null, $data = null) { - return $this->_auth->assign($userId, $this->_name, $bizRule, $data); + return $this->manager->assign($userId, $this->_name, $bizRule, $data); } /** @@ -244,7 +164,7 @@ class Item extends Object */ public function revoke($userId) { - return $this->_auth->revoke($userId, $this->_name); + return $this->manager->revoke($userId, $this->_name); } /** @@ -255,7 +175,7 @@ class Item extends Object */ public function isAssigned($userId) { - return $this->_auth->isAssigned($userId, $this->_name); + return $this->manager->isAssigned($userId, $this->_name); } /** @@ -267,7 +187,7 @@ class Item extends Object */ public function getAssignment($userId) { - return $this->_auth->getAssignment($userId, $this->_name); + return $this->manager->getAssignment($userId, $this->_name); } /** @@ -275,7 +195,7 @@ class Item extends Object */ public function save() { - $this->_auth->saveItem($this, $this->_oldName); + $this->manager->saveItem($this, $this->_oldName); unset($this->_oldName); } } diff --git a/yii/rbac/Manager.php b/yii/rbac/Manager.php index adc9013..23ac1a8 100644 --- a/yii/rbac/Manager.php +++ b/yii/rbac/Manager.php @@ -161,7 +161,7 @@ abstract class Manager extends Component { static $types = array('operation', 'task', 'role'); if ($parentType < $childType) { - throw new InvalidParamException("Cannot add an item of type '$types[$childType]' to an item of type '$types[$parentType]'."); + throw new InvalidParamException("Cannot add an item of type '{$types[$childType]}' to an item of type '{$types[$parentType]}'."); } } diff --git a/yii/rbac/PhpManager.php b/yii/rbac/PhpManager.php index 8a4dbec..7a476e0 100644 --- a/yii/rbac/PhpManager.php +++ b/yii/rbac/PhpManager.php @@ -80,14 +80,14 @@ class PhpManager extends Manager if (!isset($params['userId'])) { $params['userId'] = $userId; } - if ($this->executeBizRule($item->getBizRule(), $params, $item->getData())) { + if ($this->executeBizRule($item->bizRule, $params, $item->data)) { if (in_array($itemName, $this->defaultRoles)) { return true; } if (isset($this->_assignments[$userId][$itemName])) { /** @var $assignment Assignment */ $assignment = $this->_assignments[$userId][$itemName]; - if ($this->executeBizRule($assignment->getBizRule(), $params, $assignment->getData())) { + if ($this->executeBizRule($assignment->bizRule, $params, $assignment->data)) { return true; } } @@ -117,7 +117,7 @@ class PhpManager extends Manager $child = $this->_items[$childName]; /** @var $item Item */ $item = $this->_items[$itemName]; - $this->checkItemChildType($item->getType(), $child->getType()); + $this->checkItemChildType($item->type, $child->type); if ($this->detectLoop($itemName, $childName)) { throw new InvalidCallException("Cannot add '$childName' as a child of '$itemName'. A loop has been detected."); } @@ -194,7 +194,13 @@ class PhpManager extends Manager } elseif (isset($this->_assignments[$userId][$itemName])) { throw new InvalidParamException("Authorization item '$itemName' has already been assigned to user '$userId'."); } else { - return $this->_assignments[$userId][$itemName] = new Assignment($this, $userId, $itemName, $bizRule, $data); + return $this->_assignments[$userId][$itemName] = new Assignment(array( + 'manager' => $this, + 'userId' => $userId, + 'itemName' => $itemName, + 'bizRule' => $bizRule, + 'data' => $data, + )); } } @@ -265,15 +271,15 @@ class PhpManager extends Manager if ($userId === null) { foreach ($this->_items as $name => $item) { /** @var $item Item */ - if ($item->getType() == $type) { + if ($item->type == $type) { $items[$name] = $item; } } } elseif (isset($this->_assignments[$userId])) { foreach ($this->_assignments[$userId] as $assignment) { /** @var $assignment Assignment */ - $name = $assignment->getItemName(); - if (isset($this->_items[$name]) && ($type === null || $this->_items[$name]->getType() == $type)) { + $name = $assignment->itemName; + if (isset($this->_items[$name]) && ($type === null || $this->_items[$name]->type == $type)) { $items[$name] = $this->_items[$name]; } } @@ -301,7 +307,14 @@ class PhpManager extends Manager if (isset($this->_items[$name])) { throw new Exception('Unable to add an item whose name is the same as an existing item.'); } - return $this->_items[$name] = new Item($this, $name, $type, $description, $bizRule, $data); + return $this->_items[$name] = new Item(array( + 'manager' => $this, + 'name' => $name, + 'type' => $type, + 'description' => $description, + 'bizRule' => $bizRule, + 'data' => $data, + )); } /** @@ -390,10 +403,10 @@ class PhpManager extends Manager foreach ($this->_items as $name => $item) { /** @var $item Item */ $items[$name] = array( - 'type' => $item->getType(), - 'description' => $item->getDescription(), - 'bizRule' => $item->getBizRule(), - 'data' => $item->getData(), + 'type' => $item->type, + 'description' => $item->description, + 'bizRule' => $item->bizRule, + 'data' => $item->data, ); if (isset($this->_children[$name])) { foreach ($this->_children[$name] as $child) { @@ -408,8 +421,8 @@ class PhpManager extends Manager /** @var $assignment Assignment */ if (isset($items[$name])) { $items[$name]['assignments'][$userId] = array( - 'bizRule' => $assignment->getBizRule(), - 'data' => $assignment->getData(), + 'bizRule' => $assignment->bizRule, + 'data' => $assignment->data, ); } } @@ -428,7 +441,14 @@ class PhpManager extends Manager $items = $this->loadFromFile($this->authFile); foreach ($items as $name => $item) { - $this->_items[$name] = new Item($this, $name, $item['type'], $item['description'], $item['bizRule'], $item['data']); + $this->_items[$name] = new Item(array( + 'manager' => $this, + 'name' => $name, + 'type' => $item['type'], + 'description' => $item['description'], + 'bizRule' => $item['bizRule'], + 'data' => $item['data'], + )); } foreach ($items as $name => $item) { @@ -441,8 +461,14 @@ class PhpManager extends Manager } if (isset($item['assignments'])) { foreach ($item['assignments'] as $userId => $assignment) { - $this->_assignments[$userId][$name] = new Assignment($this, $name, $userId, $assignment['bizRule'], $assignment['data']); - } + $this->_assignments[$userId][$name] = new Assignment(array( + 'manager' => $this, + 'userId' => $userId, + 'itemName' => $name, + 'bizRule' => $assignment['bizRule'], + 'data' => $assignment['data'], + )); + } } } } diff --git a/yii/rbac/schema-mssql.sql b/yii/rbac/schema-mssql.sql index a1170b1..923417a 100644 --- a/yii/rbac/schema-mssql.sql +++ b/yii/rbac/schema-mssql.sql @@ -18,9 +18,10 @@ create table [tbl_auth_item] [name] varchar(64) not null, [type] integer not null, [description] text, - [bizrule] text, + [biz_rule] text, [data] text, - primary key ([name]) + primary key ([name]), + key [type] ([type]) ); create table [tbl_auth_item_child] @@ -36,7 +37,7 @@ create table [tbl_auth_assignment] ( [item_name] varchar(64) not null, [user_id] varchar(64) not null, - [bizrule] text, + [biz_rule] text, [data] text, primary key ([item_name],[user_id]), foreign key ([item_name]) references [tbl_auth_item] ([name]) on delete cascade on update cascade diff --git a/yii/rbac/schema-mysql.sql b/yii/rbac/schema-mysql.sql index aa8015b..1530409 100644 --- a/yii/rbac/schema-mysql.sql +++ b/yii/rbac/schema-mysql.sql @@ -18,9 +18,10 @@ create table `tbl_auth_item` `name` varchar(64) not null, `type` integer not null, `description` text, - `bizrule` text, + `biz_rule` text, `data` text, - primary key (`name`) + primary key (`name`), + key `type` (`type`) ) engine InnoDB; create table `tbl_auth_item_child` @@ -36,7 +37,7 @@ create table `tbl_auth_assignment` ( `item_name` varchar(64) not null, `user_id` varchar(64) not null, - `bizrule` text, + `biz_rule` text, `data` text, primary key (`item_name`,`user_id`), foreign key (`item_name`) references `tbl_auth_item` (`name`) on delete cascade on update cascade diff --git a/yii/rbac/schema-oci.sql b/yii/rbac/schema-oci.sql index 16b7964..78dbb3d 100644 --- a/yii/rbac/schema-oci.sql +++ b/yii/rbac/schema-oci.sql @@ -18,9 +18,10 @@ create table "tbl_auth_item" "name" varchar(64) not null, "type" integer not null, "description" text, - "bizrule" text, + "biz_rule" text, "data" text, - primary key ("name") + primary key ("name"), + key "type" ("type") ); create table "tbl_auth_item_child" @@ -36,7 +37,7 @@ create table "tbl_auth_assignment" ( "item_name" varchar(64) not null, "user_id" varchar(64) not null, - "bizrule" text, + "biz_rule" text, "data" text, primary key ("item_name","user_id"), foreign key ("item_name") references "tbl_auth_item" ("name") on delete cascade on update cascade diff --git a/yii/rbac/schema-pgsql.sql b/yii/rbac/schema-pgsql.sql index 16b7964..78dbb3d 100644 --- a/yii/rbac/schema-pgsql.sql +++ b/yii/rbac/schema-pgsql.sql @@ -18,9 +18,10 @@ create table "tbl_auth_item" "name" varchar(64) not null, "type" integer not null, "description" text, - "bizrule" text, + "biz_rule" text, "data" text, - primary key ("name") + primary key ("name"), + key "type" ("type") ); create table "tbl_auth_item_child" @@ -36,7 +37,7 @@ create table "tbl_auth_assignment" ( "item_name" varchar(64) not null, "user_id" varchar(64) not null, - "bizrule" text, + "biz_rule" text, "data" text, primary key ("item_name","user_id"), foreign key ("item_name") references "tbl_auth_item" ("name") on delete cascade on update cascade diff --git a/yii/rbac/schema-sqlite.sql b/yii/rbac/schema-sqlite.sql index 668196e..2b79bbf 100644 --- a/yii/rbac/schema-sqlite.sql +++ b/yii/rbac/schema-sqlite.sql @@ -18,9 +18,10 @@ create table 'tbl_auth_item' "name" varchar(64) not null, "type" integer not null, "description" text, - "bizrule" text, + "biz_rule" text, "data" text, - primary key ("name") + primary key ("name"), + key "type" ("type") ); create table 'tbl_auth_item_child' @@ -36,7 +37,7 @@ create table 'tbl_auth_assignment' ( "item_name" varchar(64) not null, "user_id" varchar(64) not null, - "bizrule" text, + "biz_rule" text, "data" text, primary key ("item_name","user_id"), foreign key ("item_name") references 'tbl_auth_item' ("name") on delete cascade on update cascade