PHP Runner has the possibility to implement row based access for users. For instance, a user-id can be linked to a user-id in a salesorder table, in order to restrict the user to his own data only.
This can also be done with a department-id. When the user table contains a column 'department-id', which is also present in the salesorder table, then the user can be authorized for all records of his department.
Now I want to have the option to "let the user see and edit 'some but not all' of the data". (It would be even better to have the option "let the user see 'some but not all' of the data, and only edit his own data", but I forget about that for now.)
This is the case (an EXAMPLE):
I have departments 10, 20, 30, 40, 50, 60.
With the standard authorization option, I can only give the user access to one or all of the departments salesorders.
But how do I provide access to departments 20, 30, 40 to one user, and not to the other departments? I tried this by defining a n:m table, linking users to one or more departments, and then creating a join from this table to the salesorder table. And more views for other transaction tables. I think this is cumbersome, and maybe there is a way to do this within PHP Runner more elegantly.