07-20-2023, 01:10 PM
I would like to implement a multiple user CMS website, where each user is able to execute CRUD actions on their own records. This means that security should be implemented on record-level, not on model-level.
I've come up with 2 solutions:
1. Have an `owner_id` field in each model.
2. Have a database per user for the models that they modify. Keep a main database for all the related records (such as users' data (name, email, username, password), models that are edited by admins, but not users, etc).
---
Solution 2, I was thinking of implementing with Apache's help. I would have
- `/config` - I would need for the database configuration for user3
- `/web/uploads` - I would use for their uploads.
---
Is there a best practice/design pattern to implement this with Symfony? I have never developed a website that can dynamically select a database based on the user (solution 2), so am wondering if this makes sense.
I have experience with Symfony 1.x , but haven't done any development on Symfony2 yet.
I've come up with 2 solutions:
1. Have an `owner_id` field in each model.
2. Have a database per user for the models that they modify. Keep a main database for all the related records (such as users' data (name, email, username, password), models that are edited by admins, but not users, etc).
---
Solution 2, I was thinking of implementing with Apache's help. I would have
[To see links please register here]
for user3, for example, where this would be a separate website to the main website at[To see links please register here]
. I would symlink all the directories apart from `/web/uploads` and `/config`:- `/config` - I would need for the database configuration for user3
- `/web/uploads` - I would use for their uploads.
---
Is there a best practice/design pattern to implement this with Symfony? I have never developed a website that can dynamically select a database based on the user (solution 2), so am wondering if this makes sense.
I have experience with Symfony 1.x , but haven't done any development on Symfony2 yet.