Allow User To Update Only Selective Customer's Data

Yii 1.1 General Discussion
1

Hi Guys,

I am having a table called staffusers containing usernames (user1, user2,user3) and table called customer containing usernames (customer1,customer2,customer3,…customer100).

I would like to allow certain staff users to be able to update only selective customer’s data.

I have managed to create a checkbox and dropdown list of user on the admin.php page by adding the below code in admin.php.




<?php $form=$this->beginWidget('CActiveForm'); ?>


        <div class="row"> 

        <?php echo $form->labelEx($model,'Assign Data To User'); ?> 

        <?php echo $form->dropDownList($model,'lead_assigned_to', CHtml::listData(User::model()->findAll(), 'username', 'username'), array('empty'=>'Please Select'));?> 

        <?php echo $form->error($model,'lead_assigned_to'); ?> 

    </div>


......


<?php $this->widget('zii.widgets.grid.CGridView', array(

        'id'=>'customer-grid',

        'dataProvider'=>$model->search(),

        'filter'=>$model,




        'columns'=>array(


                  array( 

                        'class'=>'CCheckBoxColumn', 

                        'selectableRows'=>2 //allows to check multiple rows. 

                ),

See the code in action http://imageshack.us/photo/my-images/29/custdata.jpg/

Can anyone please help me in getting the below things done.

In the given url http://imageshack.us/photo/my-images/29/custdata.jpg/ admin user will select some customers and then select user1 and click on submit, on submitting the selective customers will be removed from the current page and go to another page where only user1 can see those customers and not anyone else ex (user2,user3).

Similarly if selective customer’s are assigned to user2 those customer’s will get removed from the current page and seen to user2 and not anyone else. ex(user1, user3).

How can I do this? So far I haven’t found any relevant information about this. Can somebody please point me to the right direction?

Thanks a lot!

2

Hi Guys,

Can anyone please guide me…

Thanks in advance.

Regards

Mithlesh

3

You can use a RBAC.

There are a few in the extensions repository.

Or create a table

staffuser_customers and use it as a pivot table between the three (assuming you have a user and customer table) to check if the username and customer match up

in mysql something like


CREATE TABLE IF NOT EXISTS `staffuser_customers` (

  `id` int(11) NOT NULL AUTO_INCREMENT,

  `user_id` int(11) NOT NULL,

  `customer_id` int(11) NOT NULL,

  PRIMARY KEY (`id`)

) ENGINE=InnoDB  DEFAULT CHARSET=utf8;

Generate the model and crud with Gii or by hand

Relate the three tables in the models in the relations sections as a HAS_MANY.

check the table staffuser_customers before rendering the page in the controller to make sure the user and the customer match if not show an error message or redirect back.

maybe with something like this




	public function actionView($id)

	{

		$current_id = $this->loadModel($id);

		$current_user = Yii::app()->user->id;

		$criteria = new CDbCriteria();

		$criteria->condition = 'current_user =:current_user AND customer_id = :current_id';

		$criteria->params = array(':current_id'=>$current_id, ':current_user'=>$current_user);

		$hasaccess = new CActiveDataProvider(Staffusercustomers::model(), array('criteria'=>$criteria));

		if(!empty($hasaccess)){		

		$this->render('view',array(

			'model'=>$this->loadModel($id),

			'dataProvider'=>$dataProvider,

		));}

		else {

			$errormessage= 'You do not have access to view this customer.';

			Yii::app()->user->setFlash('errormessage', $errormessage);

             $this->redirect(array('../customers/'));

		}

	}

I personally would use a RBAC but the above should work… you will prob need to change a few things. I haven’t tested it at all nor used anything like it.

4

Hi skworden,

Thanks for your reply…

The code you have pasted is something different from my requirement.

I think it is very simple but i am not getting how to do it.

It should be like there will be a javascript which will keep the values of my selection (customer id) which i selected and after selecting staff user (user id) and then after clicking on submit button the selected customer id will no longer be seen on the current page and then return to the same page.

The selected customer id will be now seen in the staff user’s page

Regards

Mithlesh

5

Dear all,

Can anyone please guide me… i am stuck in this.

Regards,

Mithlesh