Re: Letting a user see only the data they should.
Re: Letting a user see only the data they should.
- Subject: Re: Letting a user see only the data they should.
- From: Justin Tocci <email@hidden>
- Date: Wed, 5 May 2004 08:55:03 -0500
Arturo wrote:
You have a User object backed by a table with a username and password
field as well as a user primary key. You have an Order object backed
by an order table that has its own pk and a foreign key to user.
You've set up a relationship from the User object to the Order object.
That relationship is named "orders".
Drat! Arturo, I started to go in this direction and immediately hit a
huge snag. My relationship is not a typical join at all. Take a look:
CREATE OR REPLACE VIEW public.theforecast AS
SELECT theparts."ID" AS id, theparts."NSN" AS nsn, theparts."Item" AS
item, theparts."System" AS system, etc..., usertable.usersname
FROM theparts, usertable
WHERE theparts."type" = 'KIT'
AND
CASE WHEN usertable.company IS NOT NULL
THEN usertable.company = theparts.company
ELSE true
END
AND
CASE WHEN usertable.project IS NOT NULL
THEN usertable.project = theparts.project
ELSE true
END
AND
CASE WHEN usertable.area IS NOT NULL
THEN usertable.area = theparts.area
ELSE true
END
AND theparts."Rep" ~~ (('%' || usertable.rep::text) || '%');
The relationship here allows you to specify a user's sales rep,
company, project and area. The user is a customer, so we are trying to
limit what he can see. For example, generally an employee of WidgetCo
only gets to see one project. So that's the only field that would be
filled in for that user's 'limits'. The president of WidgetCo would
want to see everything for his entire company, no matter how many
projects there are, so his limit would be the company name in the
company field. Lastly, when a Sales Rep logs in, they want to see just
the stuff they make a commission on, you get the idea.
Anyway, I went through the EOModeler manual and I don't see how this
sort of relationship is possible. I do this sort of stuff all the time.
I can't see EOModeler being any help in these sort of relationships
unless I am missing something major. Somebody please confirm this sort
of thing is not possible or point me in the right direction please.
justin
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.