Alpha Developers Network

Guest


Author Topic: Need a Second Set of Eyes on Security & Data Management  (Read 1012 times)

0 Members and 1 Guest are viewing this topic.

Jausan

  • Guest
Need a Second Set of Eyes on Security & Data Management
« on: September 30, 2013, 02:25:49 PM »
I am in the midst of developing a system that requires multiple logins based on groups such as Managers, Employees, Executives etc.  However these individuals will be from various organizations with the aforementioned criteria for each company.  I have setup web security to require email and external user id value which is the organization's name.  What I would like to do two things, 1) place the security information into mysql tables, and 2) ensure that each individual linked to thier particular organization cannot see items of another.  I am currently restricted to using only one MySQL database.  Any suggestions.

PeterGreulich

  • Guest
Re: Need a Second Set of Eyes on Security & Data Management
« Reply #1 on: October 01, 2013, 02:06:20 PM »
It's called a multi-tenant system. I've built a couple. Not "hard" to do exacty once you know how, but there really is a LOT to it. It's too big of a subject to answer in a post. Try searching the Alpha message board for multi-tenant or multi tenant.

PeterGreulich

  • Guest
Re: Need a Second Set of Eyes on Security & Data Management
« Reply #2 on: October 01, 2013, 08:05:24 PM »
Actually, I have to correct myself. Yes it's "hard" to do. If you don't know how, it's not only hard, but near impossible. If you know how, it's a lot of work.

factotum

  • Guest
Re: Need a Second Set of Eyes on Security & Data Management
« Reply #3 on: October 02, 2013, 10:44:53 AM »
Surely you simply need each user to belong to an organisation and all table data rows need to be prefixed with the relevant organisation foreign key.
One a user logs on you know the organisation by association and you know their user permissions - so therefore all data viewed/maintained is governed by organisation filtering and the user related permissions... That said, I am not a user of Alpha web development tools, so it may be more complicated than what I read into your question.

User Table
                UID
                USERNAME
                PASSWORD
                ORGID
                USERTYPE
                EEID

Organisation Table
                UID
                ORGID
                ORGANISATION
                LOGO
                etc.

User Type Table
                UID
                ORGID
                USERTYPE
                Permissions etc. (may be a separate table)

Employee Table
                UID
                ORGID
                EEID
                Name, Job, Dept. Details etc.

Orders Table
                UID
                ORGID
                ORDID
                CUSTID
                etc.

Etc. etc.
« Last Edit: October 02, 2013, 10:48:13 AM by factotum »

PeterGreulich

  • Guest
Re: Need a Second Set of Eyes on Security & Data Management
« Reply #4 on: October 02, 2013, 11:58:40 AM »
That's a nice table layout, Paul, but build that and it won't help you, in and of itself, with Alpha security on the web. It really is somewhat complex. I'm not saying that to be high-handed, it's just that it really is a lot. If I could have answered the question in a simple post I would have done so.

factotum

  • Guest
Re: Need a Second Set of Eyes on Security & Data Management
« Reply #5 on: October 03, 2013, 01:32:32 AM »
That's a nice table layout, Paul, but build that and it won't help you, in and of itself, with Alpha security on the web. It really is somewhat complex. I'm not saying that to be high-handed, it's just that it really is a lot. If I could have answered the question in a simple post I would have done so.

Understood Peter, I did say however that I am not an Alpha web developer so was unsure of any related complications. I was merely looking at the problem from a desktop data perspective, i.e. each user working in a filtered subset of the master data.

Paul :)

PeterGreulich

  • Guest
Re: Need a Second Set of Eyes on Security & Data Management
« Reply #6 on: October 03, 2013, 08:08:24 AM »
No problem, Paul. Thanks