I have a project that I am working on and I've been researching about having User Levels and the recommended & secure ways of doing it.
The project will have some more complex stuff like groups, users, pages, chat and I don't want to make some changes now and be required to re-change the logic when I will add the other features.
I would like some advice or help on this, I would appreciate it very much.
The way I was thinking was either
Have a table named userlevels (for example) with 3 columns ID, Name, Permissions
1, user
2, Administrator, {"admin": 1} with json
OR
Have an additional row with permissions in the normal users table, and have a row for example
is_admin [0,1]
Is it okay to do it like this ? If you have any other ideas for me I would honestly appreciate it very much.
Thanks in Advance!
I'll propose a more normalized solution that should be completely flexible going forward.
A table of users:
UserID (PK)
UserName
A table of permissions
PermissionId (PK)
Permission
A junction table to resolve the many-to-many relationship between users and permissions
UserID (FK to users)
PermissionId (FK to permissions)
Related
I have an existing website, that doesn't use any specific framework. This project is much older and is slowly being evolved, which is somewhat of a nightmare really.
Currently, I am trying to implement a better solution to current users to have 'assistants' to their accounts.
The current data resides like this (users & contacts tables):
**users table**
userId, email, password...
1 test#test.com, pa$$word
2 ass#test.com, pa$$word
**contacts table**
contactId, userId, fName, lName...
1, 1, john, doe
I am trying to figure out how to modify my site to enable userId's (1&2), to be able to access this contact.
Instead of starting over, any direction or samples that I could glean from on how to solve this issue of mine? Any help would be greatly appreciated.
Remove the userId column from the contacts table and create a new table contacts_users with two columns, contactId and userId.This is called a PIVOT TABLE and allows many-to-many relationships like what you are describing.
I'm looking to create a database for users with multi-level user rights and I don't know how to go about doing this. What I mean is that I want a manager of a business to be able to purchase my product; that person would be given Owner rights, but would also be able to grand additional users under that license--those people would be given Manager or User rights. Each level (as well as my level: Admin, and my staff: SuperUser) would obviously have individual rights/privileges).
What I'm asking, more specifically, is how to set up the database. For example, if my business is a corporate calendar/organizer, the Owner would set up departments, each with a Manager and many Users. What's the best and most efficient way to structure the database? Like, would each user (and each calendar entry) have to be associated with an ID that belongs to that specific Owner account? I'm just a little lost as to what the best way to organize the database to keep everything together, as I will have multiple different Owners with their own company structure under them.
I want to use MySQL and PHP.
I tried to make this as logical as possible. I think I'm making it too hard, but I am sure there is a standard that makes it easier....Thanks in advance.
At the very least every product/object whatsoever needs a foreign_key in its table, as for example the user's id. This is necessary and sets the relation from the product/object with the user.
And then it depends on how complex you want your system to become. An easy way would be to just use boolean columns in the user table, like an admin, an editor column and so on, with only true and false as values. In your code you could then use if and case to check if a user is an admin and show him parts of your app or not. Like a delete link for example. But you could also restrict updating and deleting to people whose user has a true value in the sufficient column.
The more complex route would include other id-fields in the tables which set a relation of something to something else. Like say you want the user to be a seller or a buyer, then you would add seller_id and buyer_id columns to the products table and check if the ids correspond with the user_id. But not "the" user_id, but a different user_id which you saved when the user created the product listing for example. This way you could guarantee, that besides your staff the user who created this thing has rights to edit it, too, because of the product's user_id being the same as his user_id (current user) when he is logged in to your system.
You could do even more complex relations but then you'd have to create another table and save other ids in it which relate certain users with say other users. In this table you save let's say a maintainer_id and a maintained_id, both have values of certain user_ids but this way you could make a relation between objects one user could change, though they belong to others. Or if you're talking of customers so the mainter_id would be allowed to write messages to those people with maintained_id, like if someone is a seller and the others are potential buyers.
I'm having a little trouble understanding exactly what you're looking for. From what I've gathered, it seems you want a database that holds permissions, users, and departments. In this very basic example I've created 3 tables. (assuming one user can only belong to one department)
You could set a foreign key in the users table which links to the primary key in the permissions table. The departments table would have the foreign key of the user_id.
You could base all of the logic on what each permission can do with your queries and application side logic.
(I can't embed images due to not having 'enough rep')
I want to design a DB which will be connected to PHP Application. In the app there are two types of users: company and person. Some functionality like adding articles will be done by both so in other tables there are author_id columns. So firstly I decided to create user column.
That's easy: id, username, password, role, active, created where role defines whether user is person or company.
Now I want to add profile table or profile tables depends on what you'd suggest (joined with the previous table by adding profile_id column there).
Both roles have different fields, which are required during registration.
The easiest thing would be to create one table with all required fields for both roles, allow them NULL values and in the PHP app (made in Yii Framework in this case) define requirements for each role in models.
The nicest thing would be to create separate tables for both roles BUT the questions is how to connect these two tables to one table using Foreign Key? Is it even possible. I know I may omit foreign key creation then based on role choose table, and from that table choose profile_id.
Or maybe you have another solution to my problem.
Thanks in advance for replies.
Adrian
You need an intermediary between the page and the database to assign the user to a group that has specific privileges. It's usually accomplished with a user-group-role design.
You can have a table for users system info (username , pass ...), and another for users profile (firstname , birthday ...), and another for groups(superuser , ...).
where user table can have multiple groups: user:one->group:many
user can have one profile user:one->profile:one
I think this is a decent solution.
I've done quit a bit of programming with php/mysql on small scale personal projects. However I'm working on my first commercial app that is going to allow customers or businesses to log in and perform CRUD operations. I feel like a total noob asking this question but I have never had to do this before and cannot find any relevant information on the net.
Basically, I've created this app and have a role based system set up on my data base. The problem that I'm running into is how to separate and fetch data for the relevant businesses or groups.
I can't, for example, set my queries up like this: get all records from example table where user id = user id, because that will only return data for that user and not all of the other users that are related to that business. I need a way to get all records that where created by users of a particular business.
I'm thinking that maybe the business should have an id and I should form my queries like this: get all records from example where business id = business id. But I'm not even sure if that's a good approach.
Is there a best practice or a convention for this sort data storing/fetching and grouping?
Note:Security is a huge issue here because I'm storing legal data.
Also, I'm using the latest version of laravel 4 if that's any relevance.
I would like to hear peoples thoughts on this that have encountered this sort problem before and how they designed there database and queries to only get and store data related to that particular business.
Edit: I like to read and learn but cannot find any useful information on this topic - maybe I'm not using the correct search terms. So If you know of any good links pertaining to this topic, please post them too.
If I understand correctly, a business is defined within your system as a "group of users", and your whole system references data belonging to users as opposed to data belonging to a business. You are looking to reference data that belongs to all users who belong to a particular business. In this case, the best and most extensible way to do this would be to create two more tables to contain businesses and business-user relations.
For example, consider you have the following tables:
business => Defines a business entity
id (primary)
name
Entry: id=4, name=CompanyCorp
user => Defines each user in the system
id (primary)
name
Entry: id=1, name=Geoff
Entry: id=2, name=Jane
business_user => Links a user to a particular business
user_id (primary)
business_id (primary)
Entry: user_id=1, business_id=4
Entry: user_id=2, business_id=4
Basically, the business_user table defines relationships. For example, Geoff is related to CompanyCorp, so a row exists in the table that matches their id's together. This is called a relational database model, and is an important concept to understand in the world of database development. You can even allow a user to belong to multiple different companies.
To find all the names of users and their company's name, where their company's id = 4...
SELECT `user`.`name` as `username`, `business`.`name` as `businessname` FROM `business_user` LEFT JOIN `user` ON (`user`.`id` = `business_user`.`user_id`) LEFT JOIN `business` ON (`business`.`id` = `business_user`.`business_id`) WHERE `business_user`.`business_id` = 4;
Results would be:
username businessname
-> Geoff CompanyCorp
-> Jane CompanyCorp
I hope this helps!
===============================================================
Addendum regarding "cases" per your response in the comments.
You could create a new table for cases and then reference both business and user ids on separate columns in there, as the case would belong to both a user and a business, if that's all the functionality that you need.
Suppose though, exploring the idea of relational databases further, that you wanted multiple users to be assigned to a case, but you wanted one user to be elected as the "group leader", you could approach the problem as follows:
Create a table "case" to store the cases
Create a table "user_case" to store case-user relationships, just like in the business_user table.
Define the user_case table as follows:
user_case => Defines a user -> case relationship
user_id (primary)
case_id (primary)
role
Entry: user_id=1, case_id=1, role="leader"
Entry: user_id=2, case_id=1, role="subordinate"
You could even go further and define a table with definitions on what roles users can assume. Then, you might even change the user_case table to use a role_id instead which joins data from yet another role table.
It may sound like an ever-deepening schema of very small tables, but note that we've added an extra column to the user_case relational table. The bigger your application grows, the more your tables will grow laterally with more columns. Trust me, you do eventually stop adding new tables just for the sake of defining relations.
To give a brief example of how flexible this can be, with a role table, you could figure out all the roles that a given user (where user_id = 6) has by using a relatively short query like:
SELECT `role`.`name` FROM `role` RIGHT JOIN `user_case` ON (`user_case`.`role_id` = `role`.`id`) WHERE `user_case`.`user_id` = 6;
If you need more examples, please feel free to keep commenting.
I would like to construct a database of the following nature:
There are different types of people, and each person does many jobs, example:
cleaner: clean toilet, clean kitchen
maid: do laundry, cook breakfast, cook lunch
gardener: plant flowers, water flowers
I will also have a MySQL database with all of the cleaners, maids, gardeners, etc. The user will write which job he needs into an HTML form and then the PHP file will determine who does the desired job and then select the most appropriate person for the job.
How do I structure the above database? Do I do it just as I did above?
How does PHP "put them together"? Must I use arrays?
Should I put this database directly into the PHP code or in a separate text file (or other kind of file)?
Thanks everyone!
As indicated in the other post, you need to learn basics before you dive into something complicated. There are ample tutorials on web which are easy to understands and get started with.
You may start with this tutorial to get a grasp of working with MySQL and PHP, and then you can use the following schema for your web-application.
people
people_id (PK)
name
roles
role_id (PK)
role_name
tasks
task_id (PK)
role_id (FK)
task_desc
people_roles
pr_id (PK)
people_id (FK)
role_id (FK)
people -- all the employees/people and their details
roles -- all the available roles
tasks -- tasks that each role is assigned, role and task has one to many relationship (see the FK?)
people_roles -- this is a link table that makes may-to-many relation ship between people and roles, so that a gardener can be act as a cook. If you wish to assign so.
Hope this helps.
You need to learn to walk before you can run.
I would do some basic PHP/MySQL tutorials first to get yourself familiar with the very basics of data manipulation. Then maybe to speed up production use a framework, CakePHP would by my recommendation based on it's powerful auto-magic CRUD (Create, Read, Update, Delete - something else to read up on :) ).