I need a little help getting started with a fairly complex user management system. Attached is the database schema I came up with.
User-Group-Permissions include:
View: Can view airstrips from "Group"
+ Download: Can download PDF files from "Group" airstrips
Create: View + Can create airstrips for "Group"
Can only update airstrips "User" creates
Edit: Create + Can update all airstrips from "Group"
+ Approval: Can approve airstrips for "Group"
Group Admin: Edit + Approval + Can CRUD "Users" to "Group", can change "User" permissions, can manage airstrip permissions
Airstrip-Group-Permissions include:
View: "Group" can view airstrip
Edit: "Group" can edit/update airstrip information
An example of how this works is this:
User A:
[indent]public (group) - view (permission)[/indent]
User B:
[indent]public - edit
Group 2 - admin[/indent]
User C:
[indent]public - view
Group 1 - Edit
Group 2 - view[/indent]
Airstrip ABC:
[indent]public - edit[/indent]
Airstrip WXY:
[indent]Group 1 - view
Group 2 - edit[/indent]
Airstrip XYZ:
[indent]Group 1 - edit[/indent]
User A can only view Airstrip ABC and can not view (or even list) Airstrips WXY or XYZ.
User B can edit Airstrip ABC, has admin authority over Airstrip WXY, but can not view (or list) XYZ.
User C can view Airstrips ABC, WXY, & XYZ. But can only edit XYZ.
I have looked at Yii User Management Module, grbac Extension, and srbac Extension. But, I don’t quite understand how to integrate them into what I am trying to do. (It could be that I’m trying to do this the extremely hard way.)
Is there an easier way to be able to have this type of control over content? I’m open to any suggestions (well, any reasonable suggestions).
BTW: The rest of this project is done thanks to all the great information here in this forum and in the documentation. I just have to implement the user-group-permissions before I can go live!