Creating RBA tables
Before working with RBA, you need to set up your database with the required tables. The easiest way is to use the RBA module that you will find under tools -> Role-Based Access Module. Using this will show a form with a simple workflow to create your tables, PHP mapping module, supporting functions like Audit trail, Preference table (if you want to send emails), and templates (for sending emails).
To create the RBA module, you need to follow the following procedure.
Generate SQL
Clicking on 'generate SQL generates the SQL that will create your tables. You can change the names of tables and fields to something different. In our samples, we will stick to the 'standard.' The SQL adapts to the selected database type, so if it is MySQL, it should show varchar, whereas, in Oracle, it should show varchar2. If You find issues here, you can correct, but please let us know if you have to do that.
If you already have a previous module or want to refresh, you can choose to use a drop table, but it will destroy your data, so be careful.
Generate Tables
Clicking on the button will execute the SQL against the selected database connection.
Generate access class
PHsPeed needs a mapping class between the defined RBA module and its internals. Clicking on this button will generate the required PHP class (if you forget this step, you will get fatal errors while generating the project code).
Generate RBA PHP Module
Clicking on Generate RBA module will open up a screen with all the available RBA modules. You will find several templates for your primary login page (or as a basis) and modules for user registration and MFA.
By checking/unchecking the modules, you can select to import this module into your application.
Login_1..login_4 |
Different login pages that you can use and modify. The images used in the samples are not in the package. You need to use your own. |
Maintain_users |
This is a basic module for the maintenance of the user table. |
Maintain_group |
This is a basic module for maintenance of the group table that is used to assign users and applications to |
Maintain_application |
This is a basic module for the maintenance of the application table. The module has a button that synchronizes the table with the available applications that are generated. Be aware that it only adds applications to the table. If you remove an application, you have to delete this from the list manually. |
Maintain_applicationgroup |
This is a basic module for the maintenance of the assignment of applications to groups with their rights. (access, read, create, update, delete). For a faster initial approach, you can consider using the proc_applicationgroup. |
Maintain_usergroup |
This is a basic module for maintenance of assignment of users to groups |
Maintain_preferences |
If you use the preferences table, then you can store email server credentials so that the system can email users for a signup, forgotten password, etc. |
Maintain_templates |
If you use templates, then you can use these to set up email templates for users to signup, etc. |
Add_initial_user |
When you have created the user table, then there is no default user to log in. With this module, you can add your first (admin) user. If you use the module while there are already users in the database, this application will generate an error message. We advise to remove the module from your production system when not in use. |
Signup |
This is a user signup page if you allow users to create their account |
Apply_registration |
Users receive an email with an activation code. This page accepts the code to activate the account. Do not implement if you want to use MFA. |
Forgottenpwd |
This is the module for the user to request a new password. |
Apply MFA |
Users receive an email with an activation code. This page accepts the code to activate the account. It also supplies the Multi-Factor token, based on TOTP. All TOTP clients (Google authenticator, Microsoft or others) should work. Do not implement if you do not want to use MFA. |
Proc_applicationgroup |
The application group application allows you to maintain applications to groups in bulk. It is also a good sample for a selectable grid. |
Before importing and creating the RBA module, there are some considerations to make. Do you need an audit trail, templates etc.