Grant access to 3rd party for a single record

A place for users and developers of the Xataface to discuss and receive support.

Grant access to 3rd party for a single record

Postby tomhousley » Mon Mar 08, 2010 6:37 am

Hello,

I have a table with details of my prospects and customers.

I would like to be able to generate a link when I add or update a customer to my database which is sent by email to the customer so they can edit, but not delete their details.

I will use afterupdate or similar function in my tbl_organisations table delegate class, where $message contains a link:

Code: Select all
function afterUpdate(&$record){
//gets current logged in user//
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();

mail($to, $subject, $message, $headers);
}


Is there a way to automatically grant access to a specific record by means of a randomly generated username & password, so they will receive a link by email inviting them to update their details?

Hope the question is clear.

Many thanks, Tom
tomhousley
 
Posts: 52
Joined: Thu Feb 26, 2009 1:02 am
Location: United Kingdom

Re: Grant access to 3rd party for a single record

Postby shannah » Tue Mar 09, 2010 8:54 am

Here are a couple of strategies.

1. Store a 'secret code' with the record and pass this secret code to the user as part of the link. In the beforeHandleRequest method you check for this secret code and store it in the session variables. In getPermissions for the record you check for this secret code and grant access accordingly.

2. Store actual username/password in the users table, and store the username in the record, then compare against this in your getPermissions() method (and of course send the username/password to the user).

-Steve
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm


Return to Xataface Users

Who is online

Users browsing this forum: No registered users and 30 guests

cron
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved