I’m using CakePHP 4.x and trying to figure out how to handle different user types, to be able to redirect them to the following URLs after login:
Super Admin redirect to /dashboard - Super Admin can add, edit, delete everything
Partner redirect to /partners/dashboard – Partner can add, edit, view, delete their own related data
Members redirect to /members/dashboard - Member can add, edit, view, delete their own related data
Once logged in, be able to edit their own data ONLY, without being able to edit/manipulate/delete ANYONE ELSE'S DATA?
I currently have Members and Partners with the following tables:

partners table
    id – PK AI
    user_uid – FK user table user_uid
    partner_name
    partner_contact
    partner_phone
    rest of fields

Then all related partner tables have the following:

tablename
    id – PK AI
    partner_id – FK from id in Partner table

members table
    id – PK AI
    user_uid – FK user table user_uid
    member_name
    member_phone
    rest of fields

Then all related members tables are set up:

tablename
    id – PK AI
    member_id – FK from id in Member table

users table
    id – PK AI
    user_uid – unique string
    username – unique
    password
    role_id – 1 = Super Admin, 2 = Partner, 3 = Member

user roles table
    id
    role_type
    status
    created
    modified

Could someone advise how to do the following:
Redirect the user based on role to the correct URL and ONLY allow them to edit their own data?
I have looked at the CakeDC Users plugin but am not 100% sure how to implement it to do the above. If anyone knows how to do this, could you please help me get it working or explain how to get it working?
You can do this by adding role_id to the Users table and creating a Roles table which describes the roles associated with the Users table, then define a variable for each role in your bootstrap.php.
Use the following code as per `$users = array(SUPER_ADMIN, CLIENT, CLIENT_ADMIN, CLIENT_BASIC);` .ctp
Initialization of variables.
For the code you disable or enable, then set the following conditions:

```php
if (in_array($activeUser['role_id'], $users)) {
    // your .ctp file code
}
```
Thanks for this. I have a user_role table set up where in users I have role_id as a FK; I missed that off the original post, I shall amend to make sure it is clear.
```php
// If the user is logged in, send them to a destination.
if ($result->isValid()) {
    $target = $this->Authentication->getLoginRedirect() ?? $this->loginRedirectByRole();
    return $this->redirect($target);
}
```
getLoginRedirect() assumes the use of the ‘redirect’ query parameter when configuring the Authenticator. So again, almost straight from the documentation, in Application.php
Now some sample code for `Users::loginRedirectByRole()` which I use if there was no other redirect known:
[ RoleCon is a class full of constants I use to prevent typos ]
```php
// Needs `use Cake\Routing\Router;` at the top of the controller file.
function loginRedirectByRole() {
    // The identity attribute is set on the request after a successful login.
    $identity = $this->getRequest()->getAttribute('identity');
    switch ($identity->get('role')) {
        case RoleCon::SYSTEM_ADMIN:
            $url = ['controller' => 'AdminPanel', 'action' => 'adminPanel'];
            break;
        case RoleCon::TENANT_ADMIN:
            $url = ['controller' => 'Tenants', 'action' => 'adminPanel'];
            break;
        case RoleCon::TENANT_STAFF:
        case RoleCon::WAREHOUSE_STAFF:
            $url = ['controller' => 'Orders', 'action' => 'status'];
            break;
        case RoleCon::WAREHOUSE_ADMIN:
            $url = ['controller' => 'Warehouses', 'action' => 'adminPanel'];
            break;
        default:
            $url = ['unknown role url'];
            break;
    }
    return Router::url($url);
}
```
From your different destination actions you should be able to control access to the allowed records. Authorization plugin is the tool to control data access once logged in I believe.
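
The ownership rule asked about in this thread (a Partner may only edit rows tied to their own partner id), as an added example that is not code from any poster or from CakePHP. It is plain PHP over constructed sample rows shaped like the question's tables; the function names and sample values are assumptions.

```php
<?php
// Role ids as listed in the question's users table.
const ROLE_SUPER_ADMIN = 1;
const ROLE_PARTNER = 2;

// Constructed sample rows following the question's schema.
$partners = [
    ['id' => 10, 'user_uid' => 'u-aaa', 'partner_name' => 'Acme'],
    ['id' => 11, 'user_uid' => 'u-bbb', 'partner_name' => 'Globex'],
];
$partnerRecord = ['id' => 500, 'partner_id' => 11]; // row in a partner-related table

/** Resolve the caller's partner id from the logged-in identity, never from request data. */
function partnerIdFor(array $identity, array $partners): ?int
{
    foreach ($partners as $p) {
        if ($p['user_uid'] === $identity['user_uid']) {
            return $p['id'];
        }
    }
    return null;
}

/** Super Admin may edit anything; a Partner only rows whose partner_id is their own. */
function canEditPartnerRecord(array $identity, array $record, array $partners): bool
{
    if ($identity['role_id'] === ROLE_SUPER_ADMIN) {
        return true;
    }
    if ($identity['role_id'] !== ROLE_PARTNER) {
        return false; // Members and unknown roles never touch partner data
    }
    $ownId = partnerIdFor($identity, $partners);
    return $ownId !== null && $record['partner_id'] === $ownId;
}

/** Drop ownership columns from submitted data so an edit cannot re-assign a row. */
function stripOwnership(array $post): array
{
    return array_diff_key($post, ['id' => 1, 'partner_id' => 1, 'member_id' => 1, 'user_uid' => 1]);
}

$acme = ['user_uid' => 'u-aaa', 'role_id' => ROLE_PARTNER];
$globex = ['user_uid' => 'u-bbb', 'role_id' => ROLE_PARTNER];
var_dump(canEditPartnerRecord($acme, $partnerRecord, $partners));
var_dump(canEditPartnerRecord($globex, $partnerRecord, $partners));
var_dump(stripOwnership(['partner_id' => 10, 'note' => 'x']));
```

The check keys on the server-side identity and the stored row, so changing the id in the URL or posting a different partner_id does not widen access; the same chain applies to member tables via member_id.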