Search code examples
laraveloctobercmsoctobercms-pluginsoctobercms-backend

making model relationship to user, user can only access its own data

i have 2 main models and some child models with relationController to main models, now i need to add user id to both main and child models so user can only access its own data since users data stay on the same table. i create belongsToMany relationship from user.php to the models and vice versa with pivot table but nothing happen i have no idea how to do this since i need simplified database management in case i need to do migration.. can someone share your experience on this..

Solution

  • I can suggest you that you just add user_id [for Backend => backend_users_id ] to models which data you want access to owner only.

    now in main model you can define belongsTo relation and in user you can define hasMany relation

    main model relationship [if you want to restrict the user in backend side then you need to add backend user relation and same in backend user model]

    class MainModel extends Model
{
    // Adding relation to user model
    public $belongsTo = [
        'user' => 'RainLab\User\Models\User',
        'backend_users' =>'Backend\Models\User' // for Backend
    ];

}

    adding a relation to the user model [ you need to put this code in your plugin's boot method ] 

    // Extending User Model
\RainLab\User\Models\User::extend(function($model) {
    $model->hasMany['mainmodel'] = ['HardikSatasiya\Plugin\Models\MainModel'];
});

// for Backend users
\Backend\Models\User::extend(function($model) {
    $model->hasMany['mainmodel'] = ['HardikSatasiya\Plugin\Models\MainModel'];
});

    Now access data [ Front-end side ]

    // Returns the signed in user
$user = \Auth::getUser();
dd($user->mainmodel); // it will return collection of related mainmodels

// it will return related data and now its filter by owner
dd($user->mainmodel[0]->otherRelatin); 


// for Backend users
// Returns the signed in user
$user = \BackendAuth::getUser();
dd($user->mainmodel); // it will return collection of related mainmodels

// it will return related data and now its filter by owner
dd($user->mainmodel[0]->otherRelatin);

    Example filter data in listview based on logged in admin user [ OctoberCMS do not give such functionality out of the box, you can not hide a portion of data records you can hide entire menu or all records based on rights and roles but can not hide partial records ]

    public function listExtendQuery($query)
{
    $user = \BackendAuth::getUser();
    $query->where('backend_users_id', $user->id);
}

    to add backend_users_id you can use this code

    class MainModel extends Model {

    public function beforeSave()
    {
        $user = \BackendAuth::getUser();
        $this->backend_users_id = $user->id;
    }
}

    if any doubt please comment.