Hi All,
Im using version 1.7.3.
The idea that I had at first was to be able to set permission for a group of user. We can do this by assigning couple of users to a user group and set the permission of the user group. However, that doesnt do the other way around, if I set the user permission first and then change the user group permission afterward, the user permission doesnt seem to change. I looked at the tables of the database, and found out that, there are 4 tables connected to this scheme.
One is the
users table which hold the user data, and then the
groups table which hold the group data, and then the
groupmatch table which tells us which user belong to which group, and the last one is the
groupaccess table which tells us about which group is permitted to have which access. I know it is a bit confusing, but if you understand about the concept of relational database, you will get trough my explanation.
I also find out that, one user data will be put on the group table as a different group type then the the usual group. That is why there is only one table that tells us about the permission, there is no useraccess table to tell which user can access which, there is only groupaccess table which tell which group can access which, that is why, a user data is also treated as a group data. Everytime a user is created, this data will also be inserted to the group table.
The main problem with my first idea that user group permission overwrite user permission is that, if you change a user group permission, there are no SQL writing on the database that says it will also change all data access for user on the groupaccess table, the SQL only change the permission for that group, not for the users under that group.
So for instance, I have a group called group1, and I have 3 users called user1, user2, user3. I want to set all users can send eCard, but I only want user1 to be the only one who can upload image. If I put them under group1, and change the permission, and then change the permission for user1 only, it just doesnt work.
My question is, if my analysis is true, this thing happens for a reason? or is it something that the developer miss when they write the code? What is the solution to this?
I hope somebody can understand this, and give a solution. Many thanks.
