Still don't get it.

This topic is locked

Still don't get it.	1/14/2014 11:02:47 PM
PHPRunner General questions
S SkyForum author I'm having trouble setting this up. I did manage to get the many to many relationship setup but still cannot grasp what the groupID field in the property table would do. Also, you said I need to set this up as user can only see their own data. Which table do I apply that too? The User Table, The propertyrole table or the property table? Once that is done, how does it interact with the 'groupid' I created in the property table? Maybe it should be called propertyroleID instead of groupID? How does this entire setup restrict access to each record? Nothing explains how it works, just how to set up pieces here and there. I cannot connect the dots between the security and the many to many relationship. Also, I am getting this error. I am using mysql and I can't find the error it describes I know you're going to ask for it so here it is: unset($values["Phone"]); $sql = "select * from propertyrole where UserID=".$values["UserID"]. " and PropertyID=".$_SESSION["propertyrole_masterkey1"]; $rs = CustomQuery($sql); if ($data = db_fetch_array($rs)) { $message="This user is already assigned to this property"; return false; } return true;

Mark as Solved Mark as not solved

11 replies


	Sergey Kornilov admin 1/14/2014
	I'm not really sure how row level security and the issue you having are related. Row level security doesn't require any custom code. It's not related to many-to-many relationships either. This is a simple association between one of fields in the data table and in the login table. If field values match current user can see and edit record. Again, no coding is required. Here are links that you can check: http://xlinesoft.com/phprunner/docs/advanced_security_settings.htm http://xlinesoft.com/articles/alumni.htm http://www.xlinesoft.com/tutorials/security.htm


S	SkyForum author 1/15/2014
	I'm not really sure how row level security and the issue you having are related. Row level security doesn't require any custom code. It's not related to many-to-many relationships either. This is a simple association between one of fields in the data table and in the login table. If field values match current user can see and edit record. Again, no coding is required. Here are links that you can check: http://xlinesoft.com...ty_settings.htm http://xlinesoft.com...cles/alumni.htm http://www.xlinesoft...ls/security.htm What is the sql error and how do I fix that? Might be a clue....


S	SkyForum author 1/15/2014
	I have setup dynamic permissions. I can see where I can restrict users to what they can do in a specific table (add, edti, delete, etc) but your program does not allow me to restrict users to specific rows within that table and I don't understand why. If it did, I could then just create a group for each property in the property table as I added them and assign the user to that group, problem solved. Instead, I have to create a many to many relationship outside of the security part of your application to perform this task. This is where I am getting lost. I can get it to work but I keep getting the error above. How come you did not add this functionality right into the security section? Seems like a logical course of action to me. What is the sql error and how do I fix that? Might be a clue....


	Sergey Kornilov admin 1/15/2014
	According to the error message it breaks executing the following SQL query: `select * from propertyrole where UserID= and PropertyID=1` As you can see UserID field value is not specified. You need to amend your code to build a valid SQL query.


S	SkyForum author 1/15/2014
	According to the error message it breaks executing the following SQL query: `select * from propertyrole where UserID= and PropertyID=1` As you can see UserID field value is not specified. You need to amend your code to build a valid SQL query. I followed the instructions explicitly. I do not know how to 'amend' the code. That's why I bought a product where I wasn't supposed to have to 'code'....


	Sergey Kornilov admin 1/15/2014
	If you need to implement something that PHPRunner doesn't support out of the box you do need to write the code. However, as I mentioned as few posts ago, for such a simple task as row level security you do not need to write any code. That being said I'm completely lost trying to understand what you trying to achieve.


S	SkyForum author 1/15/2014
	If you need to implement something that PHPRunner doesn't support out of the box you do need to write the code. However, as I mentioned as few posts ago, for such a simple task as row level security you do not need to write any code. That being said I'm completely lost trying to understand what you trying to achieve. I don't mean to sound aggressive. That's not my intent. I just want to finish this puny little project of mine and get it online. I have created a managers group and then created the necessary permissions as to what tables they have access to, works fine. I then created the many to many relationship following all the information available in the manual as well as watching your video at least a dozen times. Step by step I set it up. I even started from scratch by unlocking all my edited pages, then rebuilding the entire ap, then reapplying all the changes. I am getting this userid error and I don't know why. When I set up the many to many table, in your instructions, it says to create a one to many relationship between the office and the office_employee table. It does not however, tell me to create a relationship between the employee and the office_employee table. I thought this was weird but did not want to step outside your instructions. Could this be my issue?


	Sergey Kornilov admin 1/16/2014
	There is something wrong here. Why do you think many-to-many relationships can help you here? I never said you need that.


S	SkyForum author 1/16/2014
	There is something wrong here. Why do you think many-to-many relationships can help you here? I never said you need that. I give up. I've explained it so many times I've grown tired of doing it. It is EXACTLY like the many to many relationship you outline in your tutorials. There are 100 properties in the property table. Jane works for property management company. They have 5 properties they manage. I want Jane to have access ONLY to those 5 properties. Bob also works for property management. I also want bob to have access to the same 5 propertiesbut none of the other properties in the property table. Hence, the property can have multiple users assigned to it and the user can be assigned to multiple properties. -- the classic example of a many to many relationship. As far as I can see, your system does not allow me to do this.If it does, I can't find any real information that explains how to do it.


	Sergey Kornilov admin 1/16/2014
	It's very, very simple. I have explained it many times but you won't listen. You need to have CompanyID field in Properties table. It will be populated with ID of the company that owns/manages those properties. It's logical for this CompanyID to be a primary key value from Companies table. Users/Login table should also have CompanyID field populated with ID of the company they belong to. When you setup advanced security choose CompanyID in both tables. What can be easier?


S	SkyForum author 1/16/2014
	It's very, very simple. I have explained it many times but you won't listen. You need to have CompanyID field in Properties table. It will be populated with ID of the company that owns/manages those properties. It's logical for this CompanyID to be a primary key value from Companies table. Users/Login table should also have CompanyID field populated with ID of the company they belong to. When you setup advanced security choose CompanyID in both tables. What can be easier? Why do you keep using names that have nothing to do with my application? It's confusing. I have a property table and a user table. I am not assigning any companies to the properties nor do I have a company table. It's like you are trying to teach me the theory behind it and it's confusing me. Now, using your example, and please correct me if I am wrong. I have three tables. A User table, A property table and a propertyrole table (could be defined as the Property_User table and this table actually facilitates a many to many relationship, right?) I need to create a propertyroleID field in the user table, then I need to create a propertyroleID field in the property table, then I need to assign the propertyroleID in advanced security for the users and the property table, correct? One last question, I need to set both of those tables in advanced security where the user can only see their own data, correct?

11 replies

Mark as Solved Reply