Radicore Forum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » RADICORE development » Menu and Security » Control visibility of records
Control visibility of records [message #559] Tue, 23 January 2007 15:43 Go to next message
stephenboey is currently offline  stephenboey
Messages: 54
Registered: January 2007
Member
Hi Tony,

The examples presented thus far are security for task (ie. screens, menu)

Is it possible to control visibility of records based on say company hierachy or user hierachy or a mixture of both?


Re: Control visibility of records [message #560 is a reply to message #559] Tue, 23 January 2007 19:55 Go to previous messageGo to next message
AJM is currently offline  AJM
Messages: 2368
Registered: April 2006
Location: Surrey, UK
Senior Member
No. You will need to modify each database table to include a field which identifies who can access that record, then have some mechanism to compare this field with the user_id (or user group or whatever) to find out if a particular user can access a particular record. Or if a user can view a record but not update or delete it.

Each case is quite unique, with different requirements, so it would be quite difficult to have something built into the framework to do it automatically. There are just too many possible variations.


Re: Control visibility of records [message #583 is a reply to message #560] Thu, 01 February 2007 19:27 Go to previous messageGo to next message
stephenboey is currently offline  stephenboey
Messages: 54
Registered: January 2007
Member
I've looked through your code to try and see how I can "compare this field with the user_id"

I am thinking of storing the logon details in a global.

Correct me if I am wrong..? seems like I have to code most of the filter conditions in those transaction pattern files that ends with .inc in the "include" directory. Shocked

In order to minimize changes, is it possible if I prefix the "where" conditions for that user id in dml.mysql.class.inc..... in which function?

I am just afraid that I might break something in the process if I make too many changes ya. Shall appreciate any helpful suggestions.
Re: Control visibility of records [message #584 is a reply to message #583] Fri, 02 February 2007 04:24 Go to previous messageGo to next message
AJM is currently offline  AJM
Messages: 2368
Registered: April 2006
Location: Surrey, UK
Senior Member
The identity of the current user is already stored in a global variable - take a look at http://www.tonymarston.net/php-mysql/functions-and-variables .html#session.logon_user_id

I would advise against modifying any of the standard files in the framework as they are used by every component within the application, and you could introduce no end of problems. This would make debugging more difficult, and cause you problems whenever a new version of the framework is released

This is custom code, and the correct place for custom code is inside a custom method within the relevant database table class. If you wish to modify the WHERE clause before a SELECT, such as by adding "user_id='$GLOBALS['logon_user_id']'", then you can do so in the _cm_preGetData() method (take a look at http://www.tonymarston.net/php-mysql/functions-and-variables .html#notes._cm_pre_getdata)


Re: Control visibility of records [message #1936 is a reply to message #584] Thu, 15 January 2009 11:20 Go to previous message
AJM is currently offline  AJM
Messages: 2368
Registered: April 2006
Location: Surrey, UK
Senior Member
It is possible to implement virtual private databases where each user is assigned to an account and each record on a table is also assigned to an account. In this way a user can only see that data which belongs to his/her account.

Previous Topic: Setting up a limited user
Next Topic: Jump Control
Goto Forum:
  


Current Time: Sun Nov 24 05:14:16 EST 2024

Total time taken to generate the page: 0.03243 seconds