Yii2 - login from more database tables - database

I need help. I have three tables (admin, teacher, student) and I want to log them in from one login form. I also need to distinguish them as roles so that, for example, a student can't go to some page as a teacher.
I created three radio buttons for every table in login form.
Like * admin * teacher * student.
With using this:
<?= $form->field($model, 'role')->inline()->radioList(array(1 => 'admin',2 => 'teacher',3 =>'student'))->label('You are: '); ?>
How can I find and log in the user when the user enters their username and password and clicks one of the radio buttons to say who he is? I generated three models, one for each table, using gii. So what must I write, and where, to make it work? Thank you for your help!

If you have a table/model per role and you want to log in from the same form, then on your login form, besides the usual username and password fields, you'll also need a role field (some radio button where the user will have to specify what role they are). Otherwise, you won't know which table to query for the username/password. Of course you can query all of them step by step, but what if there is a teacher or student with the same username? The username has to be something unique if you have one login form, and that is not possible to achieve when you have 3 tables for every type of user.
Another option would be to use one User table/model for all roles by simply adding extra column role. I think there's role column inside user table out of the box if you use Yii2 Advanced Template. Probably this is where you can start from.
As for permission to access specific pages per role. What you need is ACL (Access Control filter in Yii2).
I found a few existing articles on how to achieve what you need.
http://yii2-user.dmeroff.ru/docs/custom-access-control - this is a simple example
http://code.tutsplus.com/tutorials/how-to-program-with-yii2-user-access-controls--cms-23173 - this is a bit more advanced
Hope that helps.

Related

Sequelize, create new User and assign already created roles in one query?

Is it possible to create a user and set roles in sequelize like the code below, or somehow without creating the user first and then setting the roles?
User.create({name: 'test', password: 'test', roles: [1, 2]})
Given the role ids 1,2
You can only create roles along with a user using one call. To assign existing roles to a user you need two calls:
1. create a user
2. assign roles to the created user (calling a special method of the created user).
Anyway even if such a possibility exists technically it turns into two SQL queries. Don't forget to indicate the same transaction in both calls (1 and 2).

how can I restrict access to records that are owned by a user

Is it possible to restrict access to records that are owned by a user by filtering out records with a certain criteria?
For example, I have Contacts set to private and I want to hide certain contact records that have a specific field value (criteria based sharing rule). This works fine for other sales users that don't own the record, but I need to remove visibility to these records from the actual owner of the record. Is that possible or a way to accomplish that?
Thanks for any help.
You could change the owner of the Contact record to a placeholder user. Then the same mechanism that prevents other users from seeing the Contact will hide the record as well.
If required, you could also create a lookup field to track the relationship to the user who can no longer access the record.
Separately, there is a dedicated salesforce.stackexchange.com site for asking Salesforce related questions.

How can I check users being edited role?

I have Owner, admin and user roles.
There's only one owner and that's me.
How can I deny admins from editing or deleting me?
Owner has id 1 so if I'm going to check in isAuthorized() if the admin is not the owner I do this: $user['id'] != 1.
Now how I'm going to check if the user being edited or deleted is the owner. I know how to get the user id with this: $this->request->params['pass'][0] but not the user role.
I don't think I'd have "owner" as a Role. It's much easier to allow someone to be a normal Role-type, then keep an owner_id field in the items table.
That way, you can leave Roles deal with the higher-level authorization, and in the individual items action/method, you can check for ownership (often done with a custom isOwner() function to keep your code DRY).
In your PostsController->edit($id) function as an example, you can do a find() on the Post, then compare its owner_id against $this->Auth->user('id') to make sure they can only edit if they're the owner.
If you want to retrieve Role and keep it available, you can do so in the AppController's beforeFilter with a normal find on the roles table based on the role_id field of the Auth->user.

Create multiselect lookup in salesforce using apex

I want to create a multi-select Contact Lookup.
What I want:
When the user clicks on a lookup, he should be able to select multiple contacts from it.
What I have done:
I have created an object and a field inside that object using "Lookup", "MasterDetail Relationship" and "Junction Object".
When I try to use this field for any input text/field, it always provides an option to select only one value from the lookup, but I want to have an option to select multiple.
Even in the Junction object I have created 2 master-detail relationships, but the lookup still allows only one value to be selected. Moreover, it makes the field mandatory, which I don't want.
Links that i followed:
http://success.salesforce.com/questionDetail?qId=a1X30000000Hl5dEAC
https://ap1.salesforce.com/help/doc/user_ed.jsp?loc=help&section=help&hash=topic-title&target=relationships_manytomany.htm
Can anybody suggest how to do this?
It's the same as how we use Email CC/BCC under the Send Email option for any Lead.
Even if you use a junction object, a lookup is just that: it references (looks up to) one other record. When you create a record on the junction object you still have to set each lookup individually and you're still creating only one record.
Master Detail relationships are essentially lookups on steroids, one object becomes the child of the other and will be deleted if the parent object is deleted, they're not going to provide an interface to lookup to many records at once.
If you're not a developer then your best bet is to either just create one junction object record at a time, or look into using dataloader. You could prepare your data in Excel or similar and then upload all the records into Salesforce in one go.
If you are a developer, or have developers at your disposal, then what we've done in the past is create a Visualforce page to do the job. So if, for example, you wanted to link a bunch of contacts up to an Account, we'd have a single account lookup field on the page, then some search fields relating to fields on the contact. Using a SOQL query you can then find all contacts matching the search parameters and display them in a list, where you may want to provide checkboxes to allow the user to select the contacts they want. Then it's just a case of looping through the selected contacts, setting their Account field to be the chosen account.
There are areas in Salesforce (such as the send Email functionality you mentioned) where it's clear to see that bespoke work has been done to fulfil a specific task — another instance of what you want is in the area where you can manage campaign members. This is the model I've copied in the past when implementing a Visualforce page as described.
Good luck!
For adding multiple junction objects at one time, the only solution we have found is a custom Visualforce page, as described by LaceySnr.
For a slightly different problem, where we need to assign many of object B to object A, we have trained our users to do this with a view on object B. We are assigning Billing Accounts (B) to Payment Offices (A). The view on Billing Account has check boxes on the left side. The user checks the Billing Accounts to be assigned, then double-clicks on the Payment Office field on any of the checked rows. A pop-up asks if you want to update only the single row or all checked rows. By selecting 'all checked rows', the update is done to all of them.
The view is created by the user, who enters the selection criteria (name, address, state, etc.). All user-created views are visible only to them.

Granting access of specific user to specific (multiple) docs

I'm building a small project with a database. I have a user table which has two columns, user_id and name. The second table stores the id and name of some documents: it also has two columns, doc_id and doc_name. I want to grant access of specific user to specific (multiple) docs.
For example:
user1 can access doc_2 and doc_3 Only.
user2 can access doc_1 and doc_2 Only and so on.
Users and forms keep changing (e.g. after some time I need to add a new doc, and add access for an existing or new user to that new doc).
Do I need to change the database design? (For example, add a column in docs to store the name of each user who can access it?) If so, can you tell me what changes I should make?
OR
Is it possible to do this by creating views? In this case, do I still need to change the database design? If this is the case, can you show me an example view please? In this case, will I need to create a view for each user? For example, if there are 100 users, will I need to create 100 views?
You need a third table (I'll call it user_doc). You need 2 main columns; user_id and doc_id.
You then insert one row for each document and user combo that has access permissions.
If their user_id doesn't appear in the user_doc table with the relevant doc_id, they don't have permission.
A sample query to get a list of all docs a specific user has access to:
SELECT doc_id FROM user_doc WHERE user_id = #UserId
or to find all users with access to a specific doc:
SELECT user_id FROM user_doc WHERE doc_id = #DocId
You need to have a PERMISSIONS table with relationship between Users & Documents. The columns could be PERMISSIONS_ID,USER_ID (Refer User), DOC_ID (Refer Document). Every time access has to be given to a user for a document this table needs to be populated.
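The user_doc / PERMISSIONS table from the two answers above, as an added example that is not part of the original posts: Python with an in-memory SQLite database. The table names users and docs, the function names and the sample rows are assumptions, with the grants taken from the question's user1/user2 example.

```python
import sqlite3

SCHEMA = """
CREATE TABLE users (user_id INTEGER PRIMARY KEY, name TEXT NOT NULL);
CREATE TABLE docs  (doc_id  INTEGER PRIMARY KEY, doc_name TEXT NOT NULL);
CREATE TABLE user_doc (
    user_id INTEGER NOT NULL REFERENCES users(user_id) ON DELETE CASCADE,
    doc_id  INTEGER NOT NULL REFERENCES docs(doc_id)   ON DELETE CASCADE,
    PRIMARY KEY (user_id, doc_id)  -- at most one grant per user/doc pair
);
"""

def build():
    """Constructed sample data matching the question's example."""
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")  # SQLite enforces FKs only when enabled
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO users VALUES (?, ?)", [(1, "user1"), (2, "user2")])
    conn.executemany("INSERT INTO docs VALUES (?, ?)",
                     [(1, "doc_1"), (2, "doc_2"), (3, "doc_3")])
    conn.executemany("INSERT INTO user_doc VALUES (?, ?)",
                     [(1, 2), (1, 3), (2, 1), (2, 2)])
    return conn

def can_access(conn, user_id, doc_id):
    # Default deny: access exists only if a grant row exists.
    row = conn.execute("SELECT 1 FROM user_doc WHERE user_id = ? AND doc_id = ?",
                       (user_id, doc_id)).fetchone()
    return row is not None

def docs_for(conn, user_id):
    rows = conn.execute("SELECT doc_id FROM user_doc WHERE user_id = ? ORDER BY doc_id",
                        (user_id,))
    return [r[0] for r in rows]

def users_for(conn, doc_id):
    rows = conn.execute("SELECT user_id FROM user_doc WHERE doc_id = ? ORDER BY user_id",
                        (doc_id,))
    return [r[0] for r in rows]

def grant(conn, user_id, doc_id):
    """Idempotent grant; returns False if the user or doc does not exist."""
    try:
        conn.execute("INSERT OR IGNORE INTO user_doc VALUES (?, ?)", (user_id, doc_id))
        return True
    except sqlite3.IntegrityError:
        return False

def revoke(conn, user_id, doc_id):
    conn.execute("DELETE FROM user_doc WHERE user_id = ? AND doc_id = ?", (user_id, doc_id))
```

Adding a document or a user is a plain insert followed by grant(); no schema change and no per-user view is needed, and deleting a user removes that user's grants through the cascade.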
