0

We are building a database management system in water resources which will be managed by many users and access by public users. In our system, we manage the objects (Channel, Weirs, Borehole...) and their properties. We would to build a function that allow the superuser could register another users with controller, actions and id of the data object. For example, the managers at District A have full permission with all data object which located in district A only while some other people who also can access data object in district A but for input data only (water level input for example). There will be hundred of people who will manage and contribute the database depend on the level of the unit where they work, their role (view, edit, delete...), and data object which they response. It is really dynamic user management function. A prototype system to manage data is building in PHP with Symfony2 and upgrading to Symfony3. Now we need to build the user management functions as discuss to startlaunching the system.

Do anyone have experience in database structure, bundles, model... to solve this problem. Thank you.

askmacos
  • 1
  • 1
  • 1
  • 1
    Welcome. I think many of use have experience with data structures, Symfony, and PHP, but personally im a bit puzzled with what you need. It all just sounds a bit confusing. Do you perhaps have some code you can share with us. Maybe pseudocode or drawing diagrams? – CodeGodie May 18 '17 at 16:47
  • We haven't started any code for this function yet. Everything we did is data manage functions for borehole and doing now with other objects. The same template for all data obj controller such as boreHoleController which includes actions: add($obj), edit($id), delete($id), editParaA($id), editParaB($id)... We would to register 1 user with some controllers and even he/she can call the permitted controller, he is still limited by registered actions and then objects by id. – askmacos May 18 '17 at 17:11
  • im not sure what you mean by "...register 1 user with some controllers..." can you explain that in more detail. – CodeGodie May 18 '17 at 17:12
  • For example: the user in surface water group can only call weirContrller, channelController... (Surface water obj) But can't call boreHoleCotroller, aquiferController (groundwater) But general data admin can call controllers in both – askmacos May 18 '17 at 17:35
  • It sounds like you would just need to assign each user with a role, then manage their access using those roles through Symfony's `security.yml` http://symfony.com/doc/current/security.html – CodeGodie May 18 '17 at 17:39

1 Answers1

0

yes this can be done quite easely in symfony, using roles, permissions, and SecurityVoters :

http://symfony.com/doc/current/security/voters.html

Sam Janssens
  • 1,491
  • 1
  • 12
  • 30