I have three tables in the db. One is authmanager has rolename and user_id. The second is user which has the usual id, username and password. The third table is employee, which has 'id', 'user_id' and the rest of the fields. The problem is that in the index page of employee i want to show the employees in tabs and according to the roles in the 'authmanager' table. How can the relations of yii be used?
I am using rights for managing rights and authasignments. I want to get all the users belonging specific rolename. So far i get existing roles with the help of Rights::getAssignedRoles(). I am new to rights so please give me a direction to work.
Related
does anyone know how to show multiple roles that are under a user? I have setup my permissions so a user can be under multiple roles, which is set easily enough using the following
$user->assignRole(['Root', 'IT', 'HR']); // assigning roles
I am however having trouble showing all roles a user relongs to in the same way?
Has anyone done this and knows how to? I simply want to show on a page which role a user belongs to.
Refer to this link
https://spatie.be/docs/laravel-permission/v4/basic-usage/basic-usage
Get the names of the user's roles
$roles = $user->getRoleNames();
Returns a collection
if there are two tables (roles and user_roles) than you can check through inner join ('inner join' to check role must exist in 'roles' table that is assigned to a user) by passing user_id (user_id to get specific roles assigned by a user).
You can get a collection of roles assigned to the user via $user->roles
I'm looking to create a database for users with multi-level user rights and I don't know how to go about doing this. What I mean is that I want a manager of a business to be able to purchase my product; that person would be given Owner rights, but would also be able to grand additional users under that license--those people would be given Manager or User rights. Each level (as well as my level: Admin, and my staff: SuperUser) would obviously have individual rights/privileges).
What I'm asking, more specifically, is how to set up the database. For example, if my business is a corporate calendar/organizer, the Owner would set up departments, each with a Manager and many Users. What's the best and most efficient way to structure the database? Like, would each user (and each calendar entry) have to be associated with an ID that belongs to that specific Owner account? I'm just a little lost as to what the best way to organize the database to keep everything together, as I will have multiple different Owners with their own company structure under them.
I want to use MySQL and PHP.
I tried to make this as logical as possible. I think I'm making it too hard, but I am sure there is a standard that makes it easier....Thanks in advance.
At the very least every product/object whatsoever needs a foreign_key in its table, as for example the user's id. This is necessary and sets the relation from the product/object with the user.
And then it depends on how complex you want your system to become. An easy way would be to just use boolean columns in the user table, like an admin, an editor column and so on, with only true and false as values. In your code you could then use if and case to check if a user is an admin and show him parts of your app or not. Like a delete link for example. But you could also restrict updating and deleting to people whose user has a true value in the sufficient column.
The more complex route would include other id-fields in the tables which set a relation of something to something else. Like say you want the user to be a seller or a buyer, then you would add seller_id and buyer_id columns to the products table and check if the ids correspond with the user_id. But not "the" user_id, but a different user_id which you saved when the user created the product listing for example. This way you could guarantee, that besides your staff the user who created this thing has rights to edit it, too, because of the product's user_id being the same as his user_id (current user) when he is logged in to your system.
You could do even more complex relations but then you'd have to create another table and save other ids in it which relate certain users with say other users. In this table you save let's say a maintainer_id and a maintained_id, both have values of certain user_ids but this way you could make a relation between objects one user could change, though they belong to others. Or if you're talking of customers so the mainter_id would be allowed to write messages to those people with maintained_id, like if someone is a seller and the others are potential buyers.
I'm having a little trouble understanding exactly what you're looking for. From what I've gathered, it seems you want a database that holds permissions, users, and departments. In this very basic example I've created 3 tables. (assuming one user can only belong to one department)
You could set a foreign key in the users table which links to the primary key in the permissions table. The departments table would have the foreign key of the user_id.
You could base all of the logic on what each permission can do with your queries and application side logic.
(I can't embed images due to not having 'enough rep')
Here i do the Login Validation
$LoginData = Input::except(array('_token')) ;
if(Auth::attempt($LoginData))
{
return 'success';
}
My Table is different so, here i change the table name in auth.php
'table' => 'administrators'
But I have the dropdown to choose for the usertype.
So how can i choose the tables for Authentication according to the usertypeinput.
i.e., Table may be administrators or parents or employees
I don't know whether Laravel supports the change of auth table name on fly or not. I can suggest you a quick solution.
According to generalization theory of database design, you should store same type of information to one entity set. And according to specialization theory, if entity set can have various types of information for each entity, break them down into sub entity sets.
Suggestion:
Create user_types table with column id & name (store user type names here)
Create table users with 4 columns id, email/username, password & user_type_id (user_type_id is foreign key references id of user_types)
Create 3 separate tables named administrators, parents or employees. All 3 tables should have one column user_id which is a foreign key references users table.
Create relationship in model
After a user login, you can determine which type of user he/she is from the user<->user_type relation
You can get rid of the usertype dropdown from login page view now (You were disclosing some important information (3 user types) about your application to the whole planet, isn't it harmful for your application?)
More info about generalization & specialization:
Generalization, Specialization and Aggregation
I want to design a DB which will be connected to PHP Application. In the app there are two types of users: company and person. Some functionality like adding articles will be done by both so in other tables there are author_id columns. So firstly I decided to create user column.
That's easy: id, username, password, role, active, created where role defines whether user is person or company.
Now I want to add profile table or profile tables depends on what you'd suggest (joined with the previous table by adding profile_id column there).
Both roles have different fields, which are required during registration.
The easiest thing would be to create one table with all required fields for both roles, allow them NULL values and in the PHP app (made in Yii Framework in this case) define requirements for each role in models.
The nicest thing would be to create separate tables for both roles BUT the questions is how to connect these two tables to one table using Foreign Key? Is it even possible. I know I may omit foreign key creation then based on role choose table, and from that table choose profile_id.
Or maybe you have another solution to my problem.
Thanks in advance for replies.
Adrian
You need an intermediary between the page and the database to assign the user to a group that has specific privileges. It's usually accomplished with a user-group-role design.
You can have a table for users system info (username , pass ...), and another for users profile (firstname , birthday ...), and another for groups(superuser , ...).
where user table can have multiple groups: user:one->group:many
user can have one profile user:one->profile:one
I think this is a decent solution.
I already have a simple registration system in place using php and mysql. It operates well enough. However, when people visit my site and register, I would like for them to register as part of a particular group. So, I was thinking that registration would happen like this:
Visitor lands on index.php, clicks on "Group Registration" link.
Visitor supplies group name and group password. [A new table is created for that group where all user data will be stored for that particular group]
Visitor then is prompted for typical registration data--name, email, etc.--and that data is stored in the newly created group table.
Any subsequent visitors associated with that group would click on "User Reg"
The visitor would be prompted for group name and password
If correct, then he would be prompted for typical reg data, to be stored in his group's table.
What I don't know how to do is implement the group authentication prior to allowing user registration. Can someone help me with that?
If the visitor is entering a group name and password, then you can authenticate the same way you are doing the users. You just need to first ask yourself if the group name needs to be unique or the group/password combination.
As for your idea to add a new table for each group, that is a bad idea. Imagine if you have 100 groups. Then you will have 100 tables just for groups. If you get up to 1000 groups, then you will have 1000 tables. Try managing that. It will get really frustrating really fast. Instead, what you should do is to first create a "Group" table with all the associated data (group name, password, etc). Then add a field to your User table that will hold the associated id from the Group table. That way, whenever you look up the user, you can easily check what group the user is in simply by joining the two tables rather than trying to figure out what table to look at as in your original plan.
What you want to end up with is a table for your users and another (single) table for your group information. The user table will have a foreign key field to link it to a group. When a user joins a group, you will enter a value in that field. Users not in groups will have a null value in that field. If users can create groups, they will simply be adding a new row to the groups table.
If your users can be in multiple groups, set up your tables like this.
USER
- id
- username
- password
- etc...
GROUP
- id
- name
- password (?)
- etc...
USER_GROUP_CR
- fk_user
- fk_group
The USER_GROUP_CR table is a "cross reference" or "link" table that will allow you to create a many to many relationship. This way you can have users in multiple groups without creating extra tables. When a user joins a group, add a row to the USER_GROUP_CR table with the id of the user and the id of the group. You can query this table to find out which groups a user belongs to, or to find out which users are in a group.
You should not create a new table for every group.