 Need Help With Security Strategy

JimmyCrackedCorn

Posts: 583
Posted: 05/19/2010, 1:14 AM

I have a new CCS site and I need some advice on how to set up the admin. The site has two types of admins, regular and super. So I set up two security groups and then set each page to allow/disallow based on the type of admin. So far, so good.

But I need to take this a bit further and restrict the regular admins from viewing/adding/editing/deleting records belonging to a certain group.

Let's see if I can state this in terms of a common situation.

Let's say I'm selling two types of cars, hybrid and sport. I have three sales people. One can sell everything (super admin) but the second can only sell hybrid cars (regular admin) and the third person can only sell sports cars (regular admin).

I need a way to allow #2 and #3 to access the cars page but when they do I need to hide certain cars and disallow any updating of those depending on whether #2 or #3 is accessing the page.

And actually it gets much more complex because the super admin can add/remove types of cars at any time and now there could be 50 different types of cars and I need to be able to assign #2 and #3 a variety of cars they can sell. Sometimes they will both be allowed to sell the same cars and sometimes not.


I came up with a way to do this but it is pretty messy involving saving a profile string and intercepting pretty much all CCS actions on the page. Is there an easier way?
_________________
Walter Kempees...you are dearly missed.
jjrjr1


Posts: 942
Posted: 05/19/2010, 6:21 AM

Have you decided if the restriction is set at the car table or the salesman table?

It sounds like the selection is not necessarily based on the car type.

Have you considered multi list check boxes for the authorization on the cars?

I.e., have a multi list box or check box whose table would be your users table. The text column would be the user's name and the bound column would be the userID.

Then your SQL for selecting records would be simply IN $Delimiter.CCGetSession("UserID","").$Delimiter;


_________________
John Real - More CodeCharge Studio Support at - http://CCSElite.com
JimmyCrackedCorn

Posts: 583
Posted: 05/19/2010, 4:51 PM

The restriction is always set for the salesman.

So if I add a new type of car I can add permission to manage this type to each salesman individually.
_________________
Walter Kempees...you are dearly missed.
Vasiliy

Posts: 378
Posted: 05/20/2010, 4:06 AM

I use role-based security. The concept I brought from my Windows applications. CCS does not have it, you have to build it yourself, but when you build it, it's pretty simple, flexible and powerful.

Create as many Access Rights as you need in your app (table in DB).
Create Roles (Groups of Access Rights).
Create UserRoles (Groups of Access Rights assigned to Users).

Assign Access Rights to different parts of your application.
For example, if you want to set permission on form update, just control form hide/show based on the user's permission for this access right (check if the active user has a role that encapsulates the required AccessRight).

Sounds complex, but the idea is very simple.
_________________
Vasiliy
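
The rights/roles/user-roles tables described in the post above, applied to the car example from the first post, as an added example that is not code from any poster or from CCS. It is written in Python with SQLite so it runs stand-alone; all table and function names are hypothetical, and user_id is assumed to come from the server-side session, never from the request.

```python
import sqlite3

SCHEMA = """
CREATE TABLE cars(id INTEGER PRIMARY KEY, name TEXT, car_type TEXT, price INTEGER);
CREATE TABLE access_rights(id INTEGER PRIMARY KEY, car_type TEXT UNIQUE);
CREATE TABLE roles(id INTEGER PRIMARY KEY, name TEXT);
CREATE TABLE role_rights(role_id INTEGER, right_id INTEGER);
CREATE TABLE user_roles(user_id INTEGER, role_id INTEGER);
-- Constructed sample data: user 1 = super, 2 = hybrid only, 3 = sport only.
INSERT INTO cars VALUES (1,'Prius','hybrid',24000),(2,'Insight','hybrid',21000),
                        (3,'Corvette','sport',60000);
INSERT INTO access_rights VALUES (1,'hybrid'),(2,'sport');
INSERT INTO roles VALUES (1,'all-cars'),(2,'hybrid-sales'),(3,'sport-sales');
INSERT INTO role_rights VALUES (1,1),(1,2),(2,1),(3,2);
INSERT INTO user_roles VALUES (1,1),(2,2),(3,3);
"""

# Car types the user may manage, resolved user -> roles -> access rights.
# Constant SQL text; the only variable part is the bound user_id parameter.
ALLOWED_TYPES = """
SELECT ar.car_type FROM user_roles ur
JOIN role_rights rr ON rr.role_id = ur.role_id
JOIN access_rights ar ON ar.id = rr.right_id
WHERE ur.user_id = ?
"""

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def visible_cars(conn, user_id):
    """List only the cars whose type the user holds a right for."""
    rows = conn.execute(
        f"SELECT id, name FROM cars WHERE car_type IN ({ALLOWED_TYPES}) ORDER BY id",
        (user_id,))
    return rows.fetchall()

def update_price(conn, user_id, car_id, price):
    """Apply the same filter on write, so a hand-edited car_id changes nothing."""
    cur = conn.execute(
        f"UPDATE cars SET price = ? WHERE id = ? AND car_type IN ({ALLOWED_TYPES})",
        (price, car_id, user_id))
    conn.commit()
    return cur.rowcount == 1
```

Hiding a form covers only the display side; putting the same subquery in every SELECT, UPDATE and DELETE is what stops a regular admin from touching another group's records by changing the record id in the request. A new car type needs only new rows in access_rights and role_rights.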
datadoit
Posted: 05/20/2010, 6:25 AM

Agreed. Download and install SugarCRM - a great sample base to work from.
