I’m looking for the best way to add an authorization routine to dbman.
Here goes,
(The Specs)
I have a relational database set up with dbman.
1 Users database (Listing all users and access levels)
1 Items_description database (Listing all the items available)
1 Owned_items database (A database linking users and the items they own. )
Key field to Users db: user_id
Key field to Item_descriptions db:item_id
I have a number of registered users with items.
When a new user (UserA) registers and logs in, I need it so that they cannot see another user’s (UserB’s) items until they are authorized to do so by UserB.
When users logs in, the welcome screen will include the authorization requests made to them.
Any User can search the user file and request authorization to see a person’s items in the database.
I guess it’s sort of like the authorization process in ICQ.
I’ve come up with a possible way that this could be handled:
Have an authorization database with user_id and a list of user_ids they have been authorized by.
Therefore when a search happens, a condition is checked whether UserB is listed in the authorization record of UserA. Thereby determining if the record should be displayed.
I don’t know if this is the best way to handle this.
If anyone can help me out, it would be greatly appreciated.
Here goes,
(The Specs)
I have a relational database set up with dbman.
1 Users database (Listing all users and access levels)
1 Items_description database (Listing all the items available)
1 Owned_items database (A database linking users and the items they own. )
Key field to Users db: user_id
Key field to Item_descriptions db:item_id
I have a number of registered users with items.
When a new user (UserA) registers and logs in, I need it so that they cannot see another user’s (UserB’s) items until they are authorized to do so by UserB.
When users logs in, the welcome screen will include the authorization requests made to them.
Any User can search the user file and request authorization to see a person’s items in the database.
I guess it’s sort of like the authorization process in ICQ.
I’ve come up with a possible way that this could be handled:
Have an authorization database with user_id and a list of user_ids they have been authorized by.
Therefore when a search happens, a condition is checked whether UserB is listed in the authorization record of UserA. Thereby determining if the record should be displayed.
I don’t know if this is the best way to handle this.
If anyone can help me out, it would be greatly appreciated.