2. PHPRunner General questions
  3. Tips and or suggestion on display
This topic is locked

Tips and or suggestion on display

 		2/16/2016 11:09:49 AM
PHPRunner General questions
greggk author

Hello,

I have a fully functioning project that displays inventory products and their associated vendors, etc.

Now the client has asked me if it's possible to display only certain products to users based on the vendors.

Now, I've done this before with the sessionID, and assigning a user to a vendor, will only display the vendors products.

In this case however a particular user/sales person would and should have access to more than one vendors. At first I thought maybe adding check boxes to add the different vendors to the users however this may get to be too long, because there could be 40 vendors for example.

Anyone have any ideas and or suggestions on how I would go about doing something like this?

Thanks
Sergey Kornilov admin 2/16/2016

Sure, this is possible. We call this functionality record-level security. You will need to add a new cross-reference table that would hold the relationship between users and vendors and for each user you can define which vendor products will be available.
See tutorial at http://www.asprunner.com/forums/topic/23195-how-to-implement-record-level-security/
greggk author 2/17/2016



Sure, this is possible. We call this functionality record-level security. You will need to add a new cross-reference table that would hold the relationship between users and vendors and for each user you can define which vendor products will be available.
See tutorial at http://www.asprunner.com/forums/topic/23195-how-to-implement-record-level-security/


Thank you, that's exactly what I need, however when I tested it I get the following error:

Error type 256

Error description Unknown column 'ID' in 'IN/ALL/ANY subquery'

SQL query select count(*) FROM NewPurch where ((((ID in (select vendorID from VendorUser where userID=16) ))))
I will mess around with the code some to see what I could be doing wrong, but any hints is appreciated.
greggk author 2/17/2016

Ok, I figured it out. I just had the wrong ID in the statement.

So it looks like it's going to work.

I have another question though, even the admin user now only sees what you added in the vendoruser list. Is there a way for the Admin to continue to view everything? Or do you think I should create another VIEW, just for the vendor users so that they will be able to see that, and the rest of the users would be able to see the whole project?
At any rate, I think I will be able to get it to work with this.
Sergey Kornilov admin 2/17/2016

In AfterTableInit check user id or user group and only apply this filter if current user is not an admin. See examples at http://xlinesoft.com/phprunner/docs/modify_sql_query_on_the_fly.htm