Is there a way that we can set permissions to database rows in laravel.
Like I have a dropdown and I want to set permission to it’s fields that one user can view all the whole list of the dropdown and the other user can see only 2 fields in the dropdown?
I’ve use spatie package for roles and permissions. I just can’t figure out on how to give permissions to specific rows in database.
Related
I would like to know what the session user has access to. For example if user X has access to a particular database or a set of tables. When looking into HANA I see that I have the PUBLIC role that allows me to see the database, how can I pull this information using XSJS so I can perform logic based on those roles?
I've used $.session.hasSystemPrivilege("PRIV"); but this is different than checking roles. I tried testing for "INSERT" for inserting into the database which returned false. I know that I can write to the tables. Looking in to the HANA, the system privileges tab is empty for me.
Could someone give me some guidance here?
Create your analytic/calculation view on top of SYS.GRANTED_ROLES or GRANTED_PRIVILEGES.
Expose your view as OData service and access this service in XSJS.
I'm working on setting up security permissions on a specific database on SQL Server Management Studio. One specific request is we need to hide a specific data column from being seen to the specific user role.
We want the table to be viewable by the user role, but we don't want a specific data column to be able to be viewed by that user role.
How do I go about hiding that column to that specific user role?
Is it through a query or is it within the permissions for that specific table?
Create a view on the table that doesn't select the column you wish to hide, use the CREATE VIEW statement.
Creates a virtual table whose contents (columns and rows) are defined by a query. Use this statement to create a view of the data in one or more tables in the database.
Grant permissions on that view for the role, using the GRANT command.
Grants permissions on a securable to a principal.
Deny permissions on the table for the role, using the DENY command.
Denies a permission to a principal. Prevents that principal from inheriting the permission through its group or role memberships.
I am working in a Yii project with 4 or 5 roles. Where each role has access to similar forms and views but do not see all fields. Also there are reports which are only for management level roles.
In the past I have managed permissions based on per field control to avoid repeating code, but this get into a nightmare.
My question is, what is the best approach you have used to handle permissions? per field or per view?
I was thinking in create different views and the admin can select which ones to assign to each role.
Any ideas you can bring will help me.
Use RBAC module http://www.yiiframework.com/doc-2.0/guide-security-authorization.html
Once you have defined you role and permission you can use the function provided by Yii2 for show /hide the field you need or for lead the code behavior
I am trying to create a new level of user which is like an admin but has less credentials. He cant configure settings of the modules but can view, add, edit, delete data of the employees. Thanks in advance.
There is hidden "User Roles" module in OrangeHRM, it provides you all the permissions required to change/assign particular menu items to various roles. This needs some custom work such as updating the values on check/uncheck but should be a simple job to do. And tables names are shared by #patxrick should help you to do the modification easily.
You need to insert new user role in ohrm_user_role table.
Then add related records in tables like ohrm_user_role_screen table and ohrm_user_role_data_group.
I just wanna know if it's possbile to have a parameter or variable in Pentaho CE 5.0.1 when users log , so in that case each user will have his own report and cube in function of that parameter.
Thank you ,
If I understood you, you want to restrict data based on user name.
Example: User A can see Cube filtered to to Products from A department.
I used these 3 pages to implement such settings.
Try here, here and here.
The best way to do it is by assigning roles to different types of users and enabling cube security. You may grant role A the right to view a cube/schema/dimension/member and deny it to another.
As for content itself (reports, dashboards), you manage that from within Pentaho User Console by adding permissions either to a role or to a user.