I have been using cakephp for creating web application. In my current project there are two database users one for admin another for site users, how can I configure cakephp so that the admin can login to the site with more database operations power ?
Thank you
I agree. Sometimes, it's better having permissions handled in your application layer than the database layer. However, if you really, really want to have that extra layer of security in your database as well, then you should set up multiple database connections:
var $default = array(
'driver' => 'mysql',
'persistent' => false,
'host' => 'localhost',
'login' => 'normaluser',
'password' => '',
'database' => 'db',
'prefix' => '',
);
var $admin = array(
'driver' => 'mysql',
'persistent' => false,
'host' => 'localhost',
'login' => 'adminuser',
'password' => '',
'database' => 'db',
'prefix' => '',
);
You can then use $this->ModelName->setDataSource('admin') if the user is in the admin section, or whatever condition that you might impose.
I would suggest that you look at the admin_ prefix routing. CakePHP lets you handle admin powers quite easily. Prefix Routing Additionally, you can add a field in your users table to indicate the role of the user, and check that against the current prefix.
the most robust solution will likely be setting up Access Control Lists(ACLs). This will allow you to delegate permissions based on a user role that you designate.
For example admin has a group_id of 1, and users have a group_id of 2. Then you can allow admins to have access to certain operations within your web app.
Here's the cake documentation on this feature.
http://book.cakephp.org/view/1242/Access-Control-Lists
Related
I have two web Applications. I will login in to one Web Application and will navigate to another by links or redirection from the first Application. Lastly after completing some steps in Application two, I will be redirected to Application one. How can I implement this?
Create a new database called sessions.
Configure a connection profile for the session database secondary to your apps primary databases for both apps.
And then they should be syncing up in storing the data for sessions, being able to share them etc...
config/database.php
'app_main_database' => [
'driver' => env('DB_CONNECTION'),
'host' => env('DB_HOST'),
'port' => env('DB_PORT'),
'database' => env('DB_DATABASE'),
'username' => env('DB_USERNAME'),
'password' => env('DB_PASSWORD'),
],
'sessions_database' => [
'driver' => env('DB_CONNECTION_SESSION'),
'host' => env('DB_HOST_SESSION'),
'port' => env('DB_PORT_SESSION'),
'database' => env('DB_DATABASE_SESSION'),
'username' => env('DB_USERNAME_SESSION'),
'password' => env('DB_PASSWORD_SESSION'),
],
Configure session.connection to the name for your session driver
config/session.php
<?php
use Illuminate\Support\Str;
return [
'driver' => env('SESSION_DRIVER', 'database'),
'connection' => env('SESSION_CONNECTION', 'sessions_database'),
Your question starts with "Laravel - How do..." which leads me to believe both of your applications are using Laravel. You said they are both on the same server and same domain so you could simply expand the default PHP Session cookie from the SLD (Second Level Domain) scope of yourdomain.com to be a cross subdomain cookie: *.yourdomain.com and then set the same application key and your applications will magically start using the and sharing the data. Just make sure that you did the right work in sharing the user database because Laravel default Auth will take the User ID column and log the user into the same ID.
Make sure the environment variables in the .env for both installations have the same identical settings:
#APP_KEY is used to encrypt the session data so must be the same
APP_KEY=base64:'YOUR KEY '
#SESSION_COOKIE must be the same, this is normally not set and defaults to APP_NAME+"_session' which is a problem if your apps have different names
SESSION_COOKIE=laravel_session
#The SESSION_DOMAIN defaults to null which causes the CORS scope to limit to the subdomain level, in my testing must start with leading dot.
SESSION_DOMAIN=.rootdomain.com
Using Codeigniter 3.0.6
Until now I have been using the standard setup for Codeigniter. I have a database and all connects just fine. The question that I'm having trouble with is that I want to add a 'global_accounts' database, from which, depending on the user currently logged in will choose the database to load.
Global_Accounts
--------------------------------------------------------
user | coolUser | user2
pass | coolPassword | passy
url | coolestsite.mysite.com | u2.mysite.com
database_name | coolestsite_application_db | u2_application_db
The application data/schema doesn't really matter as far as I'm concerned. What I want (and am going to set up, but outside of the scope for this question) is for when a user registers, they will fill out user, pass and url, and db_name will be automatically created. The script will then create a new database with that name, creating a blank copy of the application db for the user.
So for now, we're hard coding that, so we can assume that it's working perfectly.
What I want is inside Codeigniter's database.php file:
$db['default'] = array(
'dsn' => '',
'hostname' => 'mysite.com',
'username' => 'root',
'password' => 'pass',
'database' => 'coolsite_application_db'
...etc
);
Instead of hard coding this file, I want to be able to do something like this:
$db['global'] = array(
'dsn' => '',
'hostname' => 'mysite.com',
'username' => 'root',
'password' => 'pass',
'database' => 'global_accounts'
...
);
$db['default'] = array(
'dsn' => '',
'hostname' => 'mysite.com',
'username' => 'root',
'password' => 'pass',
'database' => $this->db['global']->get_db_name($loggedInUserId);
...etc
);
Hopefully that makes sense - I need to get the db name based on the logged in user. Obviously I need to build either a Model or just a function to grab it, but the question is where? Do I add a model, connect to the global db, and then load the model in the database config? Is there some other, easier, more productive way to do this, or is that it? Will the codeigniter core files be able to be called from inside the codeigniter config files?
Use 2 database connections. 1 for the global user accounts and 1 for the actual user database. Then create a helper function to grab the user databases. Just an idea.
I am in the process of migrating a cakephp 3.0 database from mysql to postgress. I used this tool for the database migration and it worked beautifully. After that I changed the config file as shown below.
'default' => [
'className' => 'Cake\Database\Connection',
'driver' => 'Cake\Database\Driver\Postgres',
'persistent' => false,
'host' => 'localhost',
'port' => '5432',
'username' => 'postgres',
'password' => 'mypass',
'database' => 'cake_bookmarks',
'encoding' => 'utf8',
'timezone' => 'UTC',
'cacheMetadata' => true,
'log' => false,
'quoteIdentifiers' => false,
//'init' => ['SET GLOBAL innodb_stats_on_metadata = 0'],
],
The root folder in localhost also shows "successfully connected to database". However when i run my application, it shows an error:
Cannot describe mytable. It has 0 columns. Cake\Database\Exception
I can't make sure if this is because of not connecting to the database (which i think is unlikely as the root page shows as connected) or cakephp being unable to use my database.
If so, how can I fix the issue. I am quite new to cakephp too, just confguring and doing basic stuff.
Try the following (test after each step):
Check if the table is present in the database
Check if the expected columns are defined into the table
Clear the Cake cache (if is FileCache is enough to delete files under tmp/cache/persistent tmp/cache/models and tmp/cache/views
Check the permissions of the specific user on the database cake_bookmarks (maybe via phppgadmin)
Hope to help!
The Situation
Currently, there are two separate cakePHP projects(apps) where implementation is done and running smoothly of course with different database.
Now, the requirement is to merge these two separate cakePHP apps into one with same database and to run on different domains.
The Problem
1)There exists two different login functions which should be one after merging.Like this there may be some other huge code should be written common.
So, please provide solution or direct me to right way how can one manage common code for multiple apps with different domain
e.g., https://www.sample-1.com/login
and https://www.sample-2.com/login
which is using same database to validate users.
2) How to distinguish routes?
3) How to manage such projects which will grow later?
For both domian you may call common database file and common app folder.
Then you can switch database depends upon request action
Try this
if (isset($_SERVER) && isset($_SERVER['SERVER_NAME'])) {
if (strpos($_SERVER['SERVER_NAME'], 'localhost') === false) {
$config = ConnectionManager::getDataSource('defaultCompany')->config;
}
}
inside database.php file
var $defaultCompany = array(
'driver' => 'mysql',
'persistent' => false,
'encoding' => 'utf8',
'host' => 'localhost',
'login' => '',
'password' => '',
'database' => '',
'prefix' => '',
'port' => '',
);
Or if you want common file in both domain. Create plugins outside app folder directory and put inside it.
I am trying to build and application using Laravel 5. It is supposed to be a multi tenant database architecture using multiple databases. My employer requires this for security purposes.
I have tried manually managing the main DB migrations and the Tenant migrations but failed. So I decided to take the help of a Laravel specific package which is supposedly what I require.
Tenanti provides a way to have my purpose solved but the problem is that me being a novice developer, am not able to fully understand how to use it in my application.
I have installed it correctly I believe doing:
composer require "orchestra/tenanti=~3.0"
Adding these providers and aliases in the config app file:
'providers' => [
// ...
Orchestra\Tenanti\TenantiServiceProvider::class,
Orchestra\Tenanti\CommandServiceProvider::class,
],
'aliases' => [
'Tenanti' => Orchestra\Support\Facades\Tenanti::class,
],
Finally publishing the config and tweaking it according to the documentation for multiple databases:
php artisan vendor:publish
return [
'drivers' => [
'user' => [
'model' => App\User::class,
'migration' => 'tenant_migrations',
'path' => database_path('tenanti/user'),
],
],
];
At this point I am still blurry what to do next?
My doubts are as follows:
Where will the migration files be generated and stored? I mean there are two kinds of databases in my application obviously. One set of files is for the main DB which will store all the tenant information and the other files will be for the tenant DB. So how and where will these be stored?
I see the word 'driver' a lot in the documentation but I am not sure what driver is exactly.
How will I handle the authentication for the application? I mean whenever a tenant logs in, I will have to make sure the connection to the database changes dynamically. How will I accomplish this?
I tried to go through the repository of the package itself and make sense of the code inside but in vain. I am not very good when it comes to design patters like facades, command bus, service provider and so on, which is why I am not able to understand the flow of the package or make sense of it.
I tried to run some of the artisan commands which come with the package like:
php artisan tenanti:install {driver}
php artisan tenanti:make {driver} {name}
But I am getting an error like so:
[InvalidArgumentException] Database connection
[tenants] is not available.
Where can I find the resources to understand how to proceed with this?
+1 to #morphatic answer, it quiet accurate on most of the stuff.
Migration
One set of files is for the main DB which will store all the tenant information and the other files will be for the tenant DB. So how and where will these be stored?
For your main database you should be able to use the default database/migration and utilize php artisan make:migration and php artisan migrate.
Tenanti however will use the migration path set under the "driver" configuration. e.g:
'path' => database_path('tenanti/user'),
In this case the migration will be created/migrated from database/tenanti/user (you can choose other folder and it will use that folder). Once you set this up you can create new migration file for the user tenant via php artisan tenanti:make user create_blogs_table (as an example) and run migration via php artisan tenanti:migrate user (see the similarity between Laravel migration command and Tenanti?).
Driver
Driver is just the grouping of a tenant, you maybe grouping it by users, companies, or team etc. And there is possibility that you may require more than one type of group per project, otherwise most of the time you only be using single "group" or "driver".
Authentication or Accessing DB
How will I handle the authentication for the application? I mean whenever a tenant logs in, I will have to make sure the connection to the database changes dynamically. How will I accomplish this?
First of all, you need to consider how you're planning to distinguish each tenant. Most of the time I would see people tend to opt for subdomain. So in this case you need to check if the subdomain belongs to any of the user (by querying the main database) using a middleware and then connect to the database that belongs to the user.
Tenanti doesn't manage that part of the process, because everyone has different style on that aspect, but we do provide a code to dynamically connect to your database tenant from a base database configuration.
Let say you have the following config:
<?php
return [
'fetch' => PDO::FETCH_CLASS,
'default' => 'primary',
'connections' => [
'primary' => [
//
],
'tenants' => [
'driver' => 'mysql',
'host' => 'dbhost', // for user with id=1
'username' => 'dbusername', // for user with id=1
'password' => 'dbpassword', // for user with id=1
'charset' => 'utf8',
'collation' => 'utf8_unicode_ci',
'prefix' => '',
'strict' => false,
],
],
],
'migrations' => 'migrations',
'redis' => [ ... ],
];
You can follow the step available in https://github.com/orchestral/tenanti#multi-database-connection-setup and add the following code.
<?php namespace App\Providers;
use Orchestra\Support\Facades\Tenanti;
class AppServiceProvider extends ServiceProvider
{
public function boot()
{
Tenanti::setupMultiDatabase('tenants', function (User $entity, array $template) {
$template['database'] = "tenant_{$entity->getKey()}";
return $template;
});
}
}
This would ensure that you be using tenant_1 database for user=1, tenant_2 database for user=2 and so on.
So how does Tenanti detect which user if active?
This is where you need to add logic in your middleware.
$user = App\User::whereSubdomain($request->route()->parameter('tenant'))->first();
Tenanti::driver('user')->asDefaultDatabase($user, 'tenants_{id}');
I've never used this package, but using the code you submitted above here's what I think is probably close to the right solution. You will probably still need to play with some of these values to get them correct:
Migration Paths
Since you're using the multi-database configuration, I believe you should be able to keep your migrations in the normal location, i.e. database/migrations. Tenanti will then create an exact replica of the database for each tenant in a different database. However, when you run php artisan tenanti:install user it might actually create a folder under database/ that indicates where you should put your migrations.
What is a "driver"?
The driver describes whether Tenanti will use a single or multiple databases, what models to use for determining different tenants, and where to store migrations. It is what you identified in the Tenanti config file you used above.
Database Connection Selection
You need to update config/database.php as follows. In a normal Laravel app, you would have the DB connection setup as follows:
<?php
return [
'fetch' => PDO::FETCH_CLASS,
'default' => env('DB_CONNECTION', 'mysql'),
'connections' => [
'sqlite' => [ ...DB connection info... ],
'mysql' => [ ...DB connection info... ],
'pgsql' => [ ...DB connection info... ],
'sqlsrv' => [ ...DB connection info... ],
],
'migrations' => 'migrations',
'redis' => [ ... ],
];
However, in the case of Tenanti multi-database setup, you need to add in different connection info for each tenant's database. To do this you would add a new level to your database.php config file (this example assumes you're using mysql, but you could use any DB, or even different database engines for different tenants):
<?php
return [
'fetch' => PDO::FETCH_CLASS,
'default' => env('DB_CONNECTION', 'mysql'),
'connections' => [
'tenants' => [
'user_1' => [
'driver' => 'mysql',
'host' => 'dbhost', // for user with id=1
'database' => 'dbname', // for user with id=1
'username' => 'dbusername', // for user with id=1
'password' => 'dbpassword', // for user with id=1
'charset' => 'utf8',
'collation' => 'utf8_unicode_ci',
'prefix' => '',
'strict' => false,
],
'user_2' => [
'driver' => 'mysql',
'host' => 'dbhost', // for user with id=2
'database' => 'dbname', // for user with id=2
'username' => 'dbusername', // for user with id=2
'password' => 'dbpassword', // for user with id=2
'charset' => 'utf8',
'collation' => 'utf8_unicode_ci',
'prefix' => '',
'strict' => false,
],
],
],
'migrations' => 'migrations',
'redis' => [ ... ],
];
As you can see, each tenant has its own database instance that can be located on a different host and have a different username/password. Tenanti needs to be told how to figure out which database to use. This is what the documentation on Database Connection Resolver describes. In their example, they've named their tenant databases using acme_{$user->id} whereas in my example above I used user_{$user->id}.
Like I said, I've never actually set this up myself, but these are my best guesses based on the docs, and having used other packages by this same developer. Hope this helps!