I know we can create groups in ion auth. But I need sub group inside members and staff groups.The following user roles are required for my project.
Admin
Members
plan A members
plan B members
plan C members
Staff
technical staff
management staff
general staff
Based on plan selected by member, the 'views' and functionalities will change.
I was thinking of adding a new column to users table to specify the plan used.
Another option is to create 3 plan groups without parent member group.
Is there any other way to add sub groups using ion auth?
#Arunu - your idea to make them each groups, not subgroups, is the best way to go.
There is no real reason to have a hierarchy of permissions (I think you may be mixing authentication with ACL a bit, a very easy thing to do).
Ion_auth is set up so that a user can have multiple groups - so, for example, all your users could have a Members record, and then a separate record for each sub group.
Each controller entry point simply says what groups are allowed in or not - it treats them all the same.
also, you can dynamically display data based on what groups the user belongs to
Related
I'm looking to create a database for users with multi-level user rights and I don't know how to go about doing this. What I mean is that I want a manager of a business to be able to purchase my product; that person would be given Owner rights, but would also be able to grand additional users under that license--those people would be given Manager or User rights. Each level (as well as my level: Admin, and my staff: SuperUser) would obviously have individual rights/privileges).
What I'm asking, more specifically, is how to set up the database. For example, if my business is a corporate calendar/organizer, the Owner would set up departments, each with a Manager and many Users. What's the best and most efficient way to structure the database? Like, would each user (and each calendar entry) have to be associated with an ID that belongs to that specific Owner account? I'm just a little lost as to what the best way to organize the database to keep everything together, as I will have multiple different Owners with their own company structure under them.
I want to use MySQL and PHP.
I tried to make this as logical as possible. I think I'm making it too hard, but I am sure there is a standard that makes it easier....Thanks in advance.
At the very least every product/object whatsoever needs a foreign_key in its table, as for example the user's id. This is necessary and sets the relation from the product/object with the user.
And then it depends on how complex you want your system to become. An easy way would be to just use boolean columns in the user table, like an admin, an editor column and so on, with only true and false as values. In your code you could then use if and case to check if a user is an admin and show him parts of your app or not. Like a delete link for example. But you could also restrict updating and deleting to people whose user has a true value in the sufficient column.
The more complex route would include other id-fields in the tables which set a relation of something to something else. Like say you want the user to be a seller or a buyer, then you would add seller_id and buyer_id columns to the products table and check if the ids correspond with the user_id. But not "the" user_id, but a different user_id which you saved when the user created the product listing for example. This way you could guarantee, that besides your staff the user who created this thing has rights to edit it, too, because of the product's user_id being the same as his user_id (current user) when he is logged in to your system.
You could do even more complex relations but then you'd have to create another table and save other ids in it which relate certain users with say other users. In this table you save let's say a maintainer_id and a maintained_id, both have values of certain user_ids but this way you could make a relation between objects one user could change, though they belong to others. Or if you're talking of customers so the mainter_id would be allowed to write messages to those people with maintained_id, like if someone is a seller and the others are potential buyers.
I'm having a little trouble understanding exactly what you're looking for. From what I've gathered, it seems you want a database that holds permissions, users, and departments. In this very basic example I've created 3 tables. (assuming one user can only belong to one department)
You could set a foreign key in the users table which links to the primary key in the permissions table. The departments table would have the foreign key of the user_id.
You could base all of the logic on what each permission can do with your queries and application side logic.
(I can't embed images due to not having 'enough rep')
I am using Ion Auth for user authentication. The system i am trying to build needs two different users tables for client and admin. As in the application/config/ion_auth.php i can change only one table name, how i can make sure two controllers uses two different users table?
Why not create groups instead? You can use the create_group method
then just check if the user belongs to that group.
Just create a Client group and an Admin group. You can also add more like Moderator group, etc.
This way is more convenient that having more than 1 users table
Make new tables with needed fields and relate it to group_id in users_groups.
Each table in a database should represent an entity. Since you need an entity User for authentication purposes you should have one table for all users. After that you can create tables for Admin and Client and create relationships between those and the Users table.
I want to design a DB which will be connected to PHP Application. In the app there are two types of users: company and person. Some functionality like adding articles will be done by both so in other tables there are author_id columns. So firstly I decided to create user column.
That's easy: id, username, password, role, active, created where role defines whether user is person or company.
Now I want to add profile table or profile tables depends on what you'd suggest (joined with the previous table by adding profile_id column there).
Both roles have different fields, which are required during registration.
The easiest thing would be to create one table with all required fields for both roles, allow them NULL values and in the PHP app (made in Yii Framework in this case) define requirements for each role in models.
The nicest thing would be to create separate tables for both roles BUT the questions is how to connect these two tables to one table using Foreign Key? Is it even possible. I know I may omit foreign key creation then based on role choose table, and from that table choose profile_id.
Or maybe you have another solution to my problem.
Thanks in advance for replies.
Adrian
You need an intermediary between the page and the database to assign the user to a group that has specific privileges. It's usually accomplished with a user-group-role design.
You can have a table for users system info (username , pass ...), and another for users profile (firstname , birthday ...), and another for groups(superuser , ...).
where user table can have multiple groups: user:one->group:many
user can have one profile user:one->profile:one
I think this is a decent solution.
I have the hierarchy where there are different categories of users like
Staff Admins
Teachers
Parents
Students
I was thinking to put them all in one database table called usertable
But then all categories will their different attributes and then students will also have their parents. SO there will be many to many relationships with own usertable.
But if i make different tables then the login process will be different for different people.
HOw should i go
Since the users will all share common details, like username, password, etc., you only need one user table for them. You should actually use the FOSUserBundle for this. If different types of users have different sets of unique details, I suggest creating additional tables per user type, and use a foreign key to link users from the user table to the new table (perhaps named something like parent_profile, student_profile, etc.)
In regards to the hierarchy of users, you should be using roles. The Symfony2 docs have all the info you'll need on this subject.
If you need to link users to each other, read up on Doctrine 2's support for one-to-one self referencing and one-to-many self referencing associations. If you use separate entity classes for user user type, you can use the regular one-to-one and one-to-many association techniques.
Hope this helps.
I'm using Codeigniter with Ion Auth for user management. I'd like to create two different user roles - one for volunteers and one for organizations. I know that I can use Ion Auth's groups for things like access control, but what would be a good way to add fields to the different user types (for instance - the volunteer user will have a 'languages spoken' field while the organization will have a 'mission' field)? Should I extend the Ion Auth class for each new user type and handle CRUD seperately for each type, or use the 'groups' field and the user id to reference the fields in another table? Any insight as to an approach to this common problem?
I would recommend just adding all the fields you need into the meta table and only updating the ones you need per user group. If you need multiple groups per user check out Ion Auth v2.
I had the same problem before, what I ended up doing was building relation tables to handle different groups with different fields. Then I modified the profile() code a bit, to join the additional relation table according to the user's group settings.
I would start off building a relational database.
example:
**volunteers table**
id
user_id
languages
**organizations table**
id
user_id
mission
Then depending on user group, join the table in profile() function.
Hope this helps!