Gossamer Forum
Home : Products : DBMan : Customization :

Same old DB;different tasks

Quote Reply
Same old DB;different tasks
Hi,

I have my DB setup for a while now and I was considering allowing "admin" adding records for "PREDEFINED" userId's.

What I need to know is if at this stage I can expect those predefined userid's could
  • Only access their records.(sort of individual Inbox)
  • Search their only records
  • List all their only records
  • They will not Add/Delete/Modify their records
  • Use different passwords with the same Predefined userId


and those records will not be accessible to the default users.The registered users can only ADD records.

I've looked and followed a lots of threads re:similar but not the same scenario; my understanding is that I might need to use the relational database with some kind of added permission.Am I correct or is there a possibility that I can still use the same DB with maybe a second html.pl and Format.pl.(Super idea of LoisC) and tweaking a little the .cfg file; anyway just some guessing of mine.

Today again I checked LoisC's extraordinary FAQ;besides the record #170 on her database dealing with "admin adding records" I couldn't find a similar case per se.

I hope someone would adventure some thoughts on these questions;it'll be very much appreciated.

Cheers

macagy
Quote Reply
Re: [macagy] Same old DB;different tasks In reply to
This seems like pretty standard stuff for dbman.

Admin can set up usernames and passwords (use the secure password mod) and can then create the records. He can then notify users of their username and password by email. They can then access the db. If admin signs on as the user when creating the record, that record will then "belong" to the user, and the filters in config will allow him to view his own record.

If the db is set up to only allow the user to view records you should have what you want.

Users can also login and modify the password.
-------------
David Olley
Anglo & Foreign International Limited,
http://www.firehelmets.co.uk

There are 10 types of people in the world: those who understand binary, and those who don't.
Quote Reply
Re: [davidolley] Same old DB;different tasks In reply to
Thank you David for your prompt response;I'll look into the password mod but for:


If the db is set up to only allow the user to view records you should have what you want.


That is my problem in here, so far default user can view all records, registered/logon users can VIEW/ADD.

Can DBman in its actual structure prevent those 2 types of users from seeing the records of the PREDEFINED userID's.

In other words segregate the View All of records of the PREDEFINED userID's from the rest.

I don't know if /how this can be done.

Thanks for any help

macagy
Quote Reply
Re: [macagy] Same old DB;different tasks In reply to
Ah. I see what you are after.

How about setting user ids in a particular format - eg prefix each with a unique identifier string: ( SPEC_john1, SPEC_sally2, SPEC_joe1, etc). Then, using a filter in the html.pl file, print only those records where the username starts with the unique string (SPEC_, in that example).

I am not sure (without testing it, or looking back over the code) whether that will work.

Or maybe you could create a hidden field for the Predefined users (you would have to add this yourself, as admin - say "$rec{'Predef'}" ) then using that as the filter in sub_html_record as:

if ($rec{'Predef'}) {
print qq|

html and fields etc.

|;

Perhaps the brains will tell us Smile.

Does any of that make sense?
-------------
David Olley
Anglo & Foreign International Limited,
http://www.firehelmets.co.uk

There are 10 types of people in the world: those who understand binary, and those who don't.
Quote Reply
Re: [davidolley] Same old DB;different tasks In reply to
Hi David,

Great idea! it looks like this is what I'm looking and hoping for:using If per admin; type of solution. So basically I'd create a field on my .cfg file and apply the "if" statement in my html_record.

But I'm still unsure about the permissions; don't you think I would need to alter a bit the perm section and accommodate the different priviledges? The "if" statement by itself would do the trick?

Thank you so much for what you've tried so far.

Cheers

macagy