How to filter sql by User login

How to filter sql by User login.

I use yii-user (http://www.yiiframework.com/extension/yii-user/) for authentication.

I want to filter the queried data by user.

Admin can see all data.

A user can see their own data.

A guest can see the data rows allowed by the admin.

Sorry, my English is bad.

Thank you.

When building your query, you will have to consider which user is accessing. In my app, I store the role of the user along with the user itself at login time, so it’s always accessible (I don’t use the default roles ‘Guest’, ‘Admin’, ‘Authenticate’). The code will depend on the API you use to build your query.

For example:




```php
// (...)
$sessionUser = Yii::app()->user;
$where = '';

if( $sessionUser->role == 'Guest' )
  $where = 'field = filter1';
else if( $sessionUser->role == 'Whatever' )
  $where = 'field = filter2';
// For the sake of security: any role other than Admin is rejected
else if( $sessionUser->role != 'Admin' )
  throw new Exception( 'Access forbidden' );

// Now you apply the where clause
```



Where do you add this code? Is it possible to do it globally?

Here is another approach:

http://www.yiiframework.com/wiki/65/how-to-setup-rbac-with-a-php-file/

I don’t see where this solution filters user data.

I have several "companies" in my webapp, and I need to filter userA to company1 and company2, userB to company1 and company3 and so on.

I’d like to understand the proper way to do so. In a previous solution I used to filter EACH query, which is, as you can imagine, pretty time-consuming and error-prone.

So if at login time I could filter some tables of my database down to only the rows the user can see, that would be the best. Something like creating temporary tables or temporary views.

Use defaultScope() in a model, or create a behavior to attach to a model that will do the same thing.

Search my recent posts for more information.
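The defaultScope() approach suggested above, as an added example that is not part of the original thread: a Yii 1.1 model that limits every find to the logged-in user's companies. The `Document` model, the `company_id` column, the `companyScope()` helper and the `role`/`companyIds` session states (set at login) are assumptions for illustration.

```php
<?php
// Added example, not code from the thread. Assumes a Yii 1.1 application.

// Hypothetical helper: build the criteria array for one user's visible rows.
function companyScope($role, array $companyIds, $alias)
{
    if ($role === 'Admin') {
        return array();                      // admins see every row
    }
    if (empty($companyIds)) {
        return array('condition' => '1=0');  // fail closed: no companies, no rows
    }
    $params = array();
    foreach (array_values($companyIds) as $i => $id) {
        $params[":scopeCompany$i"] = (int) $id;  // bound values, never concatenated
    }
    return array(
        'condition' => $alias . '.company_id IN (' . implode(', ', array_keys($params)) . ')',
        'params'    => $params,
    );
}

class Document extends CActiveRecord  // hypothetical model name
{
    public static function model($className = __CLASS__)
    {
        return parent::model($className);
    }

    public function tableName()
    {
        return 'document';  // assumed table with a company_id column
    }

    // Merged into the criteria of every find*() call made through this model.
    public function defaultScope()
    {
        $user = Yii::app()->user;
        // Second argument false: do not evaluate scopes while resolving the
        // alias, which would call defaultScope() again.
        $alias = $this->getTableAlias(false, false);
        return companyScope(
            $user->getState('role', 'Guest'),
            (array) $user->getState('companyIds', array()),
            $alias
        );
    }
}
```

Raw SQL issued through CDbCommand does not go through the model, so this scope does not cover it; those queries still need their own filter.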

that’s really what I needed! thanks!