PDA

View Full Version : Allow changes to certain records by authorized users

opsys
30th October 2006, 00:14
I want to create a user such as 'dnsadmin@example.com' and have that login only see and be able to chenge records that belong to them.

I see that the structure is there to allow it but I cannot not figure out how to add an id 'soa.origin' to group.

admin works fine with adding, deleting, and modifing. Even have Sql Replication working.

I hag to add ruid to use and group for all the records for admin to be able to VAD (View, add, Delete) in the rr table. (domains imported with mydnsinport {zone xfer})

Alex
till
30th October 2006, 09:57
Did you add the sys_group table as described in this thread?

http://www.howtoforge.com/forums/showthread.php?t=7099
opsys
30th October 2006, 10:05
Yes I did. And after that I was able to add groups. I can add a user such as user@exampel.com. But when I login as that user. I get NOTHING on the list_soa page.

What permissions are need for each group?
What field allows a group or user to access a record?


I see many different fields. Sys_user, sys_group., etc.... But I am having trouble reading the comments as they are in German and Google translate makes for funny translations.
till
1st November 2006, 11:11
Yes I did. And after that I was able to add groups. I can add a user such as user@exampel.com. But when I login as that user. I get NOTHING on the list_soa page.

Thats correct if the user has not created any records himself and he is not member of another group where records already exist.

If you want to share records between users, you must enable the group checkbox for this group in the users settings and set the default group selector to the same group. The default group is the group that is used when new records where created.

What permissions are need for each group?
What field allows a group or user to access a record?

possible permissions in the sys_perm fields are:

r = read
i = insert
u = update
d = delete

The default permissions are:

owner (user): riud
owner (group): riud
other: [empty which menas no access permissions]
voipfc
20th November 2006, 23:13
I have a feeling that by using updatable database views, users record visiblity and access can be controlled mostly through the database schema. That though is more of a postgresql sql thing.