Hi Vlad,
Concerning question 1.
I use the setSecurityFilter method to prevent nonAdminUsers to see all records of my table users. Maybe that will help you too.
I have this function in the ApplicationDelegate class of my table users i.e. ../tables/users/users.php
function init(&$users){
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser(); //get the current logged in user
if ( !$user ) return Dataface_PermissionsTool::NO_ACCESS(); //if no user is logged in this will force the login-prompt
$role = $user->val('Role'); //get the Role of the current logged in user
switch ($role){
case 'ADMIN':
return Dataface_PermissionsTool::ALL(); //if the user is ADMIN he can see all the records
default:
$users->setSecurityFilter(array('gruppe'=>$user->val('gruppe'))); //the user can only see records of his own group
}
}
Cause I want the members of my usergroup (gruppe) to see only their records of table users I have a field gruppe in this table.
You can also use every other field like UserName or something else for that and you have to have the field Role in users table where the roles are defined.
I took the users table from steves example
CREATE TABLE `users` (
`UserID` INT( 11 ) NOT NULL AUTO_INCREMENT ,
`UserName` VARCHAR( 32 ) NOT NULL ,
`Password` VARCHAR( 32 ) NOT NULL ,
`Role` ENUM('READ ONLY','NO ACCESS','ADMIN') DEFAULT 'READ ONLY',
PRIMARY KEY ( `UserID` ) ,
UNIQUE (`UserName`)
)
and just added a field gruppe VARCHAR ( 10 ) NOT NULL,
Maybe this helps
If not, have a look at this thread
http://framework.weblite.ca/forum/dataface-users/755042441/#696282782Markus
