0

My Application in zend framework, symfony,doctrine.

In my web Application have multiple clients which have it's their entities like product and product related to other entities. Below is my problem :

User Table(clients) : 

id       Name 
----------------
1        A
2        B

Product Table : 

id       Name       
-------------
1        Product-1
2        Product-2
3        Product-3

UserProduct Table : 

id       user_id   product_id
1        1         1
2        1         2
3        2         3

Client 'A' go to edit product after login, Url : xyz.com/product?id=1 Now client 'B' go to edit product after login, Url : xyz.com/product?id=1

So client 'B' should not edit product id = 1.

Is it possible to make in general function?

Abdul Manaf
  • 4,768
  • 3
  • 27
  • 34
ashish patel
  • 25
  • 4

1 Answers1

0

Yes. You can able to restrict the client 'B' should not edit product id = 1. You can use Joins for getting record form table. You have to maintain user_id in session

SELECT * FROM product p LEFT JOIN userproduct up ON (p.id == up.product_id) WHERE p.id = '1' AND up.user_id = $_SESSION['user_id'] ;

This won't allow to view other clients products to current client.

Moorthy GK
  • 1,283
  • 9
  • 17
  • You are right but I don't to make query every time. I have number of models in my application so I want to restrict by generalize. Like ACL will restrict user to access our controller/action etc. but not restrict such like this issue. understood what my issue? – ashish patel Jan 27 '14 at 13:14