Limiting users to data

hi. I need to develop a website where registered users can have limitation on actions but also on data.

The site will handle data about several companies, and user A should be allowed to access only to companies Z and Y, while user B to X and Y and so on.

In the past I’ve done something similar using MySQL’s views, but I’d like if there’s a better implementation with Yii.


checkout some of the extensions available:

I didn’t find any really related to this, unless I’m using the wrong search terms…

I don’t believe there is anything available to address the data access part. There really isn’t a way to do that without modifying the database to support it. You can use either the “view” solution you came up with before or by introducing extra column(s) and/or tables to handle the relationships between users and data access. Without knowing all of the details, it sounds like you might be able to use roles for grouping company permissions and then assigning roles to users. These roles would be different from the roles for action permissions. To restrict the data a user sees, you could automatically retrieve the users role(s) based on the userid and use that info to modify any queries.