Security Filter Based on Many-to-Many Relationship

A place for users and developers of the Xataface to discuss and receive support.

Security Filter Based on Many-to-Many Relationship

Postby ADobkin » Fri Oct 29, 2010 6:01 am

I would like to create a security filter such that each user in my application only has access to certain records, and each record can be managed by multiple users. Let's use courses as an example.

I started by creating a join table on courses and users, and I set up a relationship in the users table to select the courses with a checkbox widget type. This part works well so far. I suppose I could also set up the reverse relationship in the courses table to select the users with a similar checkbox widget, but I haven't done that yet.

I was planning to use the secSecurityFilter function in the getPermissions method, but I'm not sure how to do this with a many-to-many relationship. Which table should I load, the join table, or the courses table, or both? Should it be done in the ApplicationDelegate.php file or in the specific table delegate classes?

Lastly, I would like this security filter to apply to other related tables in the action. For example, if courses and programs are related and the user selects a course which they have access to, they should only be able to access those related programs as well. They should not be able to go to the programs table directly and see other unauthorized programs.

Is this all possible? Any advice is greatly appreciated!
ADobkin
 
Posts: 195
Joined: Mon Oct 22, 2007 7:31 pm
Location: Atlanta, GA, USA

Return to Xataface Users

Who is online

Users browsing this forum: No registered users and 23 guests

cron
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved