How to divide multiple users access and permissions? i did it first time by creating different dashboard for 3 type users for example administrators redirected to user/admin/dashboard and moderators to user/moderator/dashboard and and so on. but i want to find an easy way to do this by knowing user roles and manage their access.
my user table is something looks likes :
mysql:
CREATE TABLE IF NOT EXISTS `users` (
`user_id` int(9) NOT NULL AUTO_INCREMENT,
`email_add` varchar(35) COLLATE utf8_bin DEFAULT NULL,
`password` varchar(128) COLLATE utf8_bin NOT NULL,
`last_login` datetime NOT NULL,
`usr_typ_id` int(4) DEFAULT NULL,
`permissions` varchar(50) COLLATE utf8_bin DEFAULT NULL,
PRIMARY KEY (`user_id`),
UNIQUE KEY `email_add` (`email_add`),
KEY `fk_usr_typ_id` (`usr_typ_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=92090005 ;
-
ALTER TABLE `users`
ADD CONSTRAINT `fk_usr_typ_id` FOREIGN KEY (`usr_typ_id`) REFERENCES `user_type` (`type_id`);
Once i used drupal it was perfect, i wish just something look likes that,nothing completely like that.:)
Use the Permission Class.
Watch this video to see this in action.
I usually use a separated table to define user acces. Let's say its name is tbl_acces and it has 2 columns: usr_typ_id & menu_id.
A menu_id is can be a page or a function in the controllers. So if user access a function in controller via URL it will do some checking whether user is authorized to access that page/menu.
Related
I've been tasked with adding in a link/menu dashboard for my work. It needs to have user permissions to view/not view each link record on a per user basis.
Most time this is done with user groups, I need to do it per-user for per-link.
I have started by using a middle database table to join users and links as well as hold the user permission if they are allowed to view each link. I will show the Database design below.
What I need help with is build a table/grid to mass set permissions for each user on each menu link.
I would like to do it similar to this image below...
View full size image
So I need to pull in users from the database and the links from the database as well as the permission records.
Build a grid with users in the vertical column and links in the horizontal.
The permissions setting will then fill in the grid spaces and I think it would be best to have a simple Form Selection field for a yes/no value.
Admin can change permissions for each user and submit the form which will need to then update every Permission record!
Here is what my 3 demo database tables look like...
Links table
CREATE TABLE IF NOT EXISTS `links` (
`id` int(11) NOT NULL,
`parent` int(11) NOT NULL DEFAULT '0',
`sort` int(11) NOT NULL DEFAULT '0',
`text` char(32) COLLATE utf8_bin NOT NULL,
`link` text COLLATE utf8_bin NOT NULL,
`permission` int(11) NOT NULL DEFAULT '0'
) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
User table
CREATE TABLE IF NOT EXISTS `user` (
`id` int(11) NOT NULL DEFAULT '0',
`name` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT 'user',
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
**Permission table: user_link_permissions **
CREATE TABLE IF NOT EXISTS `user_link_permissions` (
`id` int(100) NOT NULL,
`user_id` int(30) NOT NULL,
`link_id` int(30) NOT NULL,
`permission` int(2) NOT NULL DEFAULT '0'
) ENGINE=InnoDB AUTO_INCREMENT=41 DEFAULT CHARSET=latin1;
Where I need some help...
I am not sure how to best generate the Grid of Users, Links, and Permissions.
As well as how submitting all that data could be processed in the backend to save all settings.
I will post more progress as it comes but right now I could use some direction please?
I realize i'll need to query and get all users as well as all links and then all user_link_permissions but I am at a loss as to how to create this grid and make it all correspond with the correct values, etc.
UPDATE:
I just found this link which seems to do something similar which looks like a good reference. It even saves the grid value with AJAX which should simplify things and load I believe. http://runastartup.com/how-to-update-a-mysql-field-in-a-multi-table-matrix/
First of all, i have searched, and I have asked this question once before:
Creating a Like function php mysql ajax
The DB problem in that thread was solved. And i followed the instructions to create a second thred, for the AJAX problem.
I found this jQuery : Changing class of button with AJAX call, and it looks simpel and very nice. And i have also followed this http://pluscss.com/tutorials/ajax-like-script-using-php-mysql-jquery tutorial. But I'm having problems combine them.
This is what I'm trying to do:
count the current amount of likes
check if the user have liked it before
give the user the option to like (or delike if previously liked)
with ajax and like.php as a respons page (or whatever)
Im trying to create a function that will return the current amount of likes (I'm no good at creating functions, sorry bout that)
function like($post_id,$comment_id)
{
$count = $mysqli->query("SELECT COUNT(*) as TOTAL_COMMENT_LIKES FROM `comments_likes`
WHERE comment_id_fk='".$comment_id."'");
if $row_array=$count->fetch_array(MYSQLI_ASSOC); < 0
then echo "be the first to like"
else
check if user already have liked it
give option to delike
if not have liked
then give option to like
return $TOTAL_COMMENT_LIKES or $TOTAL_POST_LIKE
}
I have two tables, one for the liked posts and one for liked comments
CREATE TABLE IF NOT EXISTS `post_likes` (
`like_id` int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
`post_id_fk` INT(11),
`uid_fk` int(11) NOT NULL,
`date` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`ip` varchar(39) COLLATE utf8_unicode_ci NOT NULL DEFAULT '0.0.0.0',
FOREIGN KEY (post_id_fk) REFERENCES posts(post_id),
FOREIGN KEY (uid_fk) REFERENCES users(user_id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=1;
CREATE TABLE IF NOT EXISTS `comment_likes` (
`like_id` int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
`comment_id_fk` INT(11),
`uid_fk` int(11) NOT NULL,
`date` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`ip` varchar(39) COLLATE utf8_unicode_ci NOT NULL DEFAULT '0.0.0.0',
FOREIGN KEY (comment_id_fk) REFERENCES comments(comment_id),
FOREIGN KEY (uid_fk) REFERENCES users(user_id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=1;
And to top it of with AJAX:
function like(_element){
if($(_element).hasClass('unlike')){
$.ajax(); //do unlike
$(_element).removeClass('unlike'); // this goes inside the success:function(){} of the ajax call
}else{
$.ajax(); //do like
$(_element).addClass('unlike'); // this goes inside the success:function(){} of the ajax call
}
}
All help is very much appreciated!
I have a project coming up for doing Admin functions so my question is this. I will try and be clear as possible.
I will have one SUPER-USER who updates all information for other regular-users/people(being our clients).
The clients/regular-users when they log in will only see their info and download files uploaded by SUPER-USER and not see for regular-users.
So if you are Client:#01 you will see the dashboard (welcome page) and your info. Can anyone suggest possible database designs for this.
How to use left/right sql-joins between the user and files table?
UPDATE
I have a users table as well as a company table that the user belongs to. So essentially I want something like this::
$sql = select everything in the users table where the username and pass = to the given form, then left or right join that username to the company that he belong to.
Then they will see their information. if logged in successfully. Because user #01 belongs to company #03 /#01 etc...
USER TABLE looks so
`id` int(11) NOT NULL AUTO_INCREMENT,
`fname` varchar(50) NOT NULL,
'lname` varchar(100) NOT NULL,
`username` varchar(50) ,
`password` varchar(100) ,
`company` varchar(50) // the company name that ther user belongs to
PRIMARY KEY (`id`)
COMPANY table
'id' int(11) not null auto_increment,
'user_id' int(11) //This is to tie the users to this table
'description' varchar(text),
'filename' varchar(25) not null,
'mimetype' varchar (25) not null
PRIMARY KEY ('id')
Well, it depends on how simple or complex you want to go. with something like this I usually will keep it relatively simple and have a main user database (for all users) example:
CREATE TABLE IF NOT EXISTS `user` (
`user_id` int(255) NOT NULL AUTO_INCREMENT,
`user_name` varchar(50) NOT NULL,
`user_pass` varchar(100) NOT NULL,
`user_permissions` tinyint(1) NOT NULL DEFAULT '0',
`active` tinyint(1) NOT NULL DEFAULT '1',
`date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
) ENGINE=MYISAM;
Then I would have possible a second table of permissions depending on how many permissions I was going to have. If all you are going to have is users and super users then you could probably just assign users a value of 0 and then super user a value of 1.
Then in your PHP script it would treat the users different based on their "user_permissions" value.
Now if you are intending to have lots of different levels of permissions then I would definitely create at least one more table to define permissions example:
CREATE TABLE IF NOT EXISTS `permission` (
`permission_id` int(255) NOT NULL AUTO_INCREMENT,
`permission_name` varchar(100) NOT NULL,
`permission_value` int(10) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MYISAM;
Then in the permissions table you could assign all sorts of different permissions... read, write, publish, admin, regular user, super user etc.
This is just a very simple starting point. hope that helps.
PHP version: 5.2.17
CakePHP version: 1.3.11
MySQL version: 5.5.9
I'm working on a very simple internal message board website for a client. Since it's for internal use only, the client requested that rather than having usernames and passwords, there is just a password. No usernames. There is one password for the administrator and another password for everybody else.
Here is the database structure:
CREATE TABLE `messages` (
`id` bigint(20) NOT NULL AUTO_INCREMENT,
`date` date DEFAULT NULL,
`time` time DEFAULT NULL,
`from` varchar(255) DEFAULT NULL,
`to` varchar(255) DEFAULT NULL,
`subject` varchar(255) DEFAULT NULL,
`regards` varchar(255) DEFAULT NULL,
`memo` text,
`deleted` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`),
KEY `date` (`date`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=28 ;
CREATE TABLE `passwords` (
`id` tinyint(1) unsigned NOT NULL AUTO_INCREMENT,
`password` varchar(40) NOT NULL,
`is_admin_password` char(1) DEFAULT 'N',
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ;
This is my "User" model:
class User extends AppModel {
var $name = 'User';
var $useTable = 'passwords';
}
I'm working on the "Change Password" portion of the website now, which is only accessible to the administrator. The form has a dropdown menu where they choose which password they're changing and then they have to type in the current password, new password, and confirm the new password.
Once the administrator submits the "Change Password" form, the controller checks which password they are changing and then looks up that password in the database to verify that they typed in the correct current password. This is the code that looks up the password:
$this->User->findById($this->data['User']['id'])
For some reason, this is the SQL generated by CakePHP no matter what the $this->data['User']['id'] variable is set to (as long as it's a string):
SELECT `User`.`id`, `User`.`password`, `User`.`is_admin_password` FROM `passwords` AS `User` WHERE `User`.`id` = 1 LIMIT 1
Why is it always looking up ID 1 even when I tell it to look up ID 2? I've also tried changing the "findById" to a regular "find" and that didn't change anything. It seems to only be when I use the "id" field as the condition. Why is this happening?
Your passwords table has its id field defined as tinyint(1) i.e. it can only ever be 0 or 1. CakePHP is doing the right thing.
A bit off topic, but what would happen if one day your client asks you to have a third type of role, meaning not administrator and not what you call today 'everyone else' ? With your database structure it would be difficult to do that.
Personaly I would start with a standard users datatable (i.e. with a username), and well, ok, if you are asked to never display it, well, never display it in the view, but this would be really much more evolutive because the database would be ready for more functionnalities.
And by the way, the fact that you called the model for the 'passwords' datatable 'User' makes me think that your are not far from thinking the same ;-)
Just my two cents...
In my application, I have a "user" table that has the following structure.
CREATE TABLE IF NOT EXISTS `users` (
`userId` int(10) unsigned NOT NULL auto_increment,
`username` varchar(128) NOT NULL default '',
`password` varchar(32) NOT NULL default '',
`email` text NOT NULL,
`newsletter` tinyint(1) NOT NULL default '0',
`banned` enum('yes','no') NOT NULL default 'no',
`admin` enum('yes','no') NOT NULL default 'no',
`signup_ip` varchar(20) NOT NULL default '',
`activation_key` varchar(60) NOT NULL default '',
`resetpassword_key` varchar(60) NOT NULL default '',
`createdon` datetime NOT NULL default '0000-00-00 00:00:00',
PRIMARY KEY (`userId`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=27 ;
I want to implement social login via Facebook, Twitter, and OpenID in my application, just like Stack Overflow did.
I would suggest that you introduce the concept of an AuthenticationProvider:
CREATE TABLE IF NOT EXISTS `AuthenticationProvider` (
`ProviderKey` varchar(128) NOT NULL,
`userId` int(10) unsigned NOT NULL,
`ProviderType` enum('facebook','twitter', 'google') NOT NULL,
PRIMARY KEY (`ProviderKey`) )
ENGINE=MyISAM DEFAULT CHARSET=latin1;
Each login provider provides a unique key for the user. This is stored in ProviderKey. The ProviderType contains information about which login provider this ProviderKey belongs to, and finally, the userId column couples the information with the users table. So when you receive a succesful login from one of the login providers you find the corresponding ProviderKey in the table and use set the authentication cookie for the user in question.
I'm not sure that you want the ProviderType to be an enum. It would probably be more correct to make another table that could hold these.
When a user first registers with your site, and logs in via Facebook, for example, you will have to create a row in the users table. However, there will be no password, activation_key and resetpassword_key involved. So you may want to move those fields to a separate table, such that your users table only contains the core user data, and no data that is only relevant for a single login mechanism (username/password).
I hope this makes sense and that it points you in the right direction.
/Klaus