Home/ Questions/Q 646907
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T21:39:52+00:00

Hi Sitepoint wizard people, Say we have an admin application that has multiple users

  • 0

Hi Sitepoint wizard people,

Say we have an admin application that has multiple users and various objects. What I’d like to do is control access within the object itself – that is, it will behave one way for one type of user, and another way for other users. For example…

Director Mike can override Reception user Sally’s registration date. One would assume that Mike could set any date both in the past or in the future. Then we have Payroll user Steve who can also modify Sally’s registration date, but only for dates in the past up until (for example) one year ago. To spice things up, then we have the HR Manager Mary who can also amend Sally’s registration date, but only for dates from precisely 23rd June 2007 up until one month from now…

How can I program the access restrictions so that on the front end, the form control is restricted with a min and max date, and in the backend, the validator checks the entered date to make sure it falls between those dates? I’d obviously need to be able to tweak the min and max dates for each user type. Other objects might have different parameters – maximum amount on a discount field or days of the week for overtime, for example.

I’ve asked this question in different ways, but each time I get bogged down by the implementation. I’m currently developing it as a php/MySQL web-based application, but thoughts and comments from other platforms very welcome! This time I’m looking at first principles, so it doesn’t matter what your background is, if you have any ideas, please let me know! What do you even call this type of access control…?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Depending of how you application is based, you could ask for credentials at the start of the application and depending on who is requiring access, you could load a different xml file containing different settings.

    As for security issue, make sure that the different xml files can’t be reached by the users.

    Edit:
    Since you are using MySQL you could do something like this.
    Let’s say you have a table of users that has those fields : UserId, UserName, RestrictionId.
    And with a Restriction table that looks like : RestrictionId, FieldName, FieldCondition.

    This way, in your php app, when a user is authenticated, you can go fetch the correct “Restrictions” on the field and apply them in your code. If it happens that you have multiple fields that require different rules then you can simply add them with the correct RestrictionId.

    This DB design is far from perfect, I’m pretty sure you can do better

    • 0