Alpha Anywhere Development Platform and Related > Web Applications

Need a Second Set of Eyes on Security & Data Management

(1/2) > >>

Jausan:
I am in the midst of developing a system that requires multiple logins based on groups such as Managers, Employees, Executives etc.  However these individuals will be from various organizations with the aforementioned criteria for each company.  I have setup web security to require email and external user id value which is the organization's name.  What I would like to do two things, 1) place the security information into mysql tables, and 2) ensure that each individual linked to thier particular organization cannot see items of another.  I am currently restricted to using only one MySQL database.  Any suggestions.

PeterGreulich:
It's called a multi-tenant system. I've built a couple. Not "hard" to do exacty once you know how, but there really is a LOT to it. It's too big of a subject to answer in a post. Try searching the Alpha message board for multi-tenant or multi tenant.

PeterGreulich:
Actually, I have to correct myself. Yes it's "hard" to do. If you don't know how, it's not only hard, but near impossible. If you know how, it's a lot of work.

factotum:
Surely you simply need each user to belong to an organisation and all table data rows need to be prefixed with the relevant organisation foreign key.
One a user logs on you know the organisation by association and you know their user permissions - so therefore all data viewed/maintained is governed by organisation filtering and the user related permissions... That said, I am not a user of Alpha web development tools, so it may be more complicated than what I read into your question.

User Table
                UID
                USERNAME
                PASSWORD
                ORGID
                USERTYPE
                EEID

Organisation Table
                UID
                ORGID
                ORGANISATION
                LOGO
                etc.

User Type Table
                UID
                ORGID
                USERTYPE
                Permissions etc. (may be a separate table)

Employee Table
                UID
                ORGID
                EEID
                Name, Job, Dept. Details etc.

Orders Table
                UID
                ORGID
                ORDID
                CUSTID
                etc.

Etc. etc.

PeterGreulich:
That's a nice table layout, Paul, but build that and it won't help you, in and of itself, with Alpha security on the web. It really is somewhat complex. I'm not saying that to be high-handed, it's just that it really is a lot. If I could have answered the question in a simple post I would have done so.

Navigation

[0] Message Index

[#] Next page

Go to full version