Dreamfactory User Management for Apps with different user roles and permissions?

Question

I am developing an app which requires user management with different roles to get different views on data stored in a MS SQL Server DB. I use dreamfactory to provide a REST API for the data. I would like to store User data in the same DB as the other data.

dreamfactory provides User Management and I would love to use it since building my own seems like a tough task, however I cannot seem to fully get a grasp of how this is working...
* How can I use dreamfactory User Management to store user data in my own DB (and not a DB built in to the DSP)?
* How can I restrict access to parts of the data accessible in the MS SQL Server DB API (since certain users are only allowed to see certain parts of that DB)?
* I get that I can set user roles for specific apps, but is dreamfactory actually suitable for managing (possibly hundreds of) users of several apps (each of them maybe having several user roles)? Do you have experience with that?

Reading the doc didn't help me and neither did this tutorial for user management with dreamfactory Tutorial 1

Would appreciate any intel on the topic in general.

Answer 1

The DreamFactory user system has a user REST API so you can store users in your own database if you need to. However, you do need to also store users in DreamFactory if you're using it to control security (the roles system in DreamFactory governs backend security so users need to be associated with a role in DreamFactory for all the security mechanisms to work).

You can restrict access to parts of the data (i.e. both table-level and record-level security) using the roles system. You control table-level access by specifying allowed http verbs for a given table for a given role. You can also use lookup keys to inherit any existing role permissions that you've set up in an external SQL database (go here for more info). You control record-level access using either lookup keys or server-side filters. A common use case for this is only allowing the creator of a record to update or delete that record. More info on that is here.

Roles simply govern which users can access which REST services, which data, and which applications. The user system is designed to scale to large numbers of users, roles, and applications. DreamFactory is used by large enterprises for this purpose.

Also, DreamFactory is an open source software install. The user and role system is stored in a MySQL database that is part of the install. You can easily extend the user and role schema as needed. The limit of users is only limited by the database size. You can store millions of users and thousands of roles and apps if necessary (Fortune 500 companies often have thousands of internal mobile apps).