Hide ROWS from users

A place for users and developers of the Xataface to discuss and receive support.

Hide ROWS from users

Postby chrish » Sat Aug 08, 2009 12:21 pm

Hello,

Newbie question (and thanks for building such a nice framework)

I started with a database belonging to an unsupported program for our school library.

I managed to get it connected to our LDAP server for authentication of the users. I defined 4 ADMIN users in the Xataface users table and when these users login they can edit the database, when all other users login (students or teachers) they can only read the data about which book is in the library or in which classroom.

So far so good...

This library is also used to keep track of not only books but also cd, DVD and other media, including the equipment (TV, DVD-players, radio, PC) that exists in a given classroom.

The library interface is a good tool to keep track of the equipment that's sometimes moved to other classrooms. From a security side, it's a bad idea to display this information on the internet, only visible for students and teachers and those who know their password. (only registered users can access the library), but students sometimes share their account with others...

So what I want to do is this:

When one of the administrators logs in, they should see all information in the DB as it is now.

When others log in (they get the role READ_ONLY by conf/ApplicationDelegate.php) they should see all information about available books and other media, except when the medium_id =9 (equipment) in the books_media table. The rows with this value should be filtered out for all users, except the admins.

Instead of showing all items in the database, READ_ONLY users should only see this selection: "SELECT * FROM `books` WHERE `media` != '9';"

I have been thinking of moving all these items into a new table and make this one only available to the administrators of the library. I'm afraid that this would solve the security issue but the Librarians (=ADMIN) would lose the overview of all media (including equipment) in a specific classroom.

Can anyone help me with implementing this?
chrish
 
Posts: 1
Joined: Sat Aug 08, 2009 11:33 am

Return to Xataface Users

Who is online

Users browsing this forum: No registered users and 24 guests

cron
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved