juergen_mueller
DaDaBIK Guru
Hello Eugenio
This belongs to the feature request forum, perhaps. But maybe other users have similar issues.
Firstly, this is the application set up I provide for a customer:
The application is used by more than 250 schools in Switzerland, in all three official languages. It manages pupils who participate in special a programme in order to find an apprenticeship after mandatory school, companies who provide those places and other more general information.
Access is based on id_user, there is three (main) groups (id_group) for the three languages. However, there is sometimes more than one person (attached to the individual school) who uses the same login credentials (first possible point for confusion or 'miss use').
Schools can only see there own pupils (data protection) with personal data, and other information, e.g. comments about their performance in a company or at school.
At a school, there are people with different roles (mostly 3) in this programme, sometimes one person covers more than one role. Each role should have access to different data, once more comprehensive, once more limited.
So far, I use a lot of views and second or third DaDaBIK installation for the same database to manage these different access (and language) levels which gets more and more confusing as the demands for the applications become increasingly comprehensive, adding new options and tasks (evaluation, documents management etc.).
My wish, dream, request... would be to have a second user access level as follows:
- General access by id_group
- Schools are grouped by id_group access level (with an extra language field ;-))
- Individuals belong to a group (school) having different access levels for data of the group, let's say a, b, c
So, School A has three individuals granting access to three different data sets each a, b, c (views e.g.). Or, School B has two individuals where one person covers two roles and has access to a and c while the other person has access to b only.
I hope you understand my issue. Maybe I'm thinking to complicated. Any idea for putting this setup in more straight forward way, is highly appreciated.
Thanks and best wishes
Juergen
This belongs to the feature request forum, perhaps. But maybe other users have similar issues.
Firstly, this is the application set up I provide for a customer:
The application is used by more than 250 schools in Switzerland, in all three official languages. It manages pupils who participate in special a programme in order to find an apprenticeship after mandatory school, companies who provide those places and other more general information.
Access is based on id_user, there is three (main) groups (id_group) for the three languages. However, there is sometimes more than one person (attached to the individual school) who uses the same login credentials (first possible point for confusion or 'miss use').
Schools can only see there own pupils (data protection) with personal data, and other information, e.g. comments about their performance in a company or at school.
At a school, there are people with different roles (mostly 3) in this programme, sometimes one person covers more than one role. Each role should have access to different data, once more comprehensive, once more limited.
So far, I use a lot of views and second or third DaDaBIK installation for the same database to manage these different access (and language) levels which gets more and more confusing as the demands for the applications become increasingly comprehensive, adding new options and tasks (evaluation, documents management etc.).
My wish, dream, request... would be to have a second user access level as follows:
- General access by id_group
- Schools are grouped by id_group access level (with an extra language field ;-))
- Individuals belong to a group (school) having different access levels for data of the group, let's say a, b, c
So, School A has three individuals granting access to three different data sets each a, b, c (views e.g.). Or, School B has two individuals where one person covers two roles and has access to a and c while the other person has access to b only.
I hope you understand my issue. Maybe I'm thinking to complicated. Any idea for putting this setup in more straight forward way, is highly appreciated.
Thanks and best wishes
Juergen