Users management

[asalazar]

Is there a way of setting user_tab so that each user can manage the information in there, in particular changing password. Suppose we extended the user_tab to include name, email, etc., and of course the password and username. I would like for each user to be able to change the email, password fields directly, however I would not want them to be able to insert any new users.

From trials with version 4.6 I have been unable to do so. If I remove the insert option on the Admin, then the users don't see their own row in the user_tab or have the option to see anything in user_tab. Which makes sense since the user_tab rows were made by an admin user. So how can we set the user_tab row that corresponds to each user so that it seems that it was made by them (as for them to be able to access in order to modify the fields).

In the same line of questions, is there a way of adding a forgot password email function at the login (I notice some emailing routines) and new user registration. I realize I can just add the code in the right places, I am wondering if there is an option on Dadabik already or at least a suggested method in order to integrate such options with dadabik.

Thanks in advance for your help and forgive me if this happens to be a trivial question

Regads,
A

 

[DebbieS]

Adding additional fields into the users_tab table is not a problem - same as adding fields to other tables. Have a look through this post (bypassing admin restrictions) for a lot of good code samples for manipulating the user table.

I've added a few fields in the users_tab table, however, the only thing I've allowed them to change on their own was their password (see this post for more detail about that). Since I implemented this, we've switched to LDAP authentication (installations are internal only), so we don't even use the change my password thing anymore.

I use additional fields in the users_tab to list specific tables the user is allowed access to among other things that come up.

To allow users to edit their record in the users_tab, you would need to change the way DaDaBIK looks at the users_tab throughout the program - there are spots where it checks if it is user table and admin user before displaying the information from it. As for emailing a reminder of their password, this would be possible if you removed the MD5 encryption that is used to encrypt the passwords before they are inserted into the database table. As far as I know, there is no way to decrypt md5 data.