> I have to build an application with quite a few different user types - > admins, members, affiliates, sales people, and all of these types will > use different applications within the project. Now, of course I'd like > to use sfGuard for this, but I'm struggling with how to administer > these users separately.
The way we do this in our application - which carries about ten different user types - is to stick with sfGuardUser as it is, and have a profile table. The profile table carries a type column which resolves via a lookup table to a type name (e.g. client, publisher, admin, etc.). When the user logs in, some custom code takes this value and adds a corresponding credential to the current user object (user_type_client, user_type_publisher, user_type_admin, etc.). This can then be used in security.yml files to specify permissions based on user type. Also, our profile table connects via an FK to a "properties" table, which contains name/value pairs. Typically in our system users have three or four of these, and differing user types rarely share the same property names. At logon, we read the name/value pairs into an associative array and store this as a persistent user attribute. The user object then offers lookup methods to read a named property's value. Should a user's property collection change in the db, they have to log off and log back on again, but this is not a big problem in our system. We also join user profiles to a company table, which in turn also has its own property table. In this way we can apply a set of property name/pairs to a group of users as well as to users individually. -- You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en.
