Multi-user application mode

For simultaneous operation of several users with the same information, locate the database on the Web hosting and link applications on each device with this database.

We will use MySQL database as the most popular system.
Since the application cannot directly send queries to the MySQL database, we need to create an intermediate layer between the application and the database.
This is PHP-service - the apiserver.php file. It is created by the application and then uploaded manually to the Web server.
This process will be described below.

This is how the work of several users with a single database looks schematically.

iOS Devices
  • iPad 1
  • ....
  • iPad N
OS X Devices
  • Mac 1
  • ....
  • Mac N
Internet
Web Hosting
apiserver.php MySQL Database


To organize a multi-user work, we need to perform the following actions:

  • 1. Create a database on the Web hosting.
  • 2. Generate the apiserver.php file and upload it to the server.
  • 3. Connect applications to the server.
  • 4. Transfer data from the local server to the Web hosting (if necessary).
  • 5. Add users and assign them access permissions.


1. Creating a database on the Web hosting.


At this stage, we need to receive:
  • Url address of the site (domain name). For example, http://mysite.com
  • Hostname of MySQL. For example, localhost
  • MySQL database name. For example, db_mybase
  • MySQL user login. For example, db_user
  • MySQL user password. For example, db_pswd

If you already have a website, for example, http://mysite.com, and you have an opportunity to create an additional database on this site, then this will be the simplest and most convenient option. In this case, we recommend creating a subdomain, for example, http://nano.mysite.com.

Otherwise, you should select a web service provider and register the new domain name of the server where the database will be stored.
As a rule, all the providers have automated and well documented process of domain registration and database creation.
Attention! The database must support UTF-8 encoding.

Now proceed to the next step.

2. Creating the apiserver.php file and locating it on the server.


Go to the "Database" page.
To do this, select the "Database" menu in the "Settings" section in the Mac version or click the quick access button   .
In a mobile version, click the      button in the toolbar on the home page ("Dashboard"").

2.1. On the “General” tab, enter the URL of the server. By default, this field will be set to http://yourserver.com/apiserver.php. Replace yourserver.com with your domain name. If your domain is http://mysite.com, then you should have http://mysite.com/apiserver.php.

2.2. The access key provides additional security and is used by the application for each access to the server. It can be any word.

2.3. On the “Files” tab, enter the MySQL database parameters, which you received in the previous step.

2.4. Click the "Create apiserver.php file" button.

2.5. In the Mac version save the file in any convenient place. In the mobile version, the file will be saved in the “Documents” folder of the application. Download it to the computer using iTunes.

2.6. Download the received file to the root (home) folder of your site using the "File Manager" in the control panel of your account or through ftp-access to the site.
To make sure that you did everything correctly, type in the browser http://mysite.com/apiserver.php (substitute mysite.com with the real name of your domain).
If you did everything correctly, you should get the following message {"success":0,"errormsg":"Action not found.","data":""}.

3. Connecting the application to the server


Go back to the "General" tab and in the "Database location" field set "Remote".
Click the "Update" button.

The application will try to connect to the server and, if successfully, create a database with the demo data on it.
You will be prompted to enter the user's login and password.
Enter the login "admin" and password "admin". You will be able to change this data.

Advice. You can resume the work on the local database at any time. To do this, click on the link "Or click here to work with the local database" in the authorization form under the "Sign In" button.
Or set the "Database Location" field to "Local" in the "Database" menu.



4. Transferring local data to the web hosting.


In the local database mode, go to the "Backup" menu and click "MySQL dump" button.
In the Mac version, you will find the mysql.dump file using Finder. It should be downloaded to the computer from the mobile version using iTunes.
The data from this file must be imported into the MySQL database using "phpMySqlAdmin" in the control panel of your account.

5. Adding users. Access control.



Access permissions to the functions (operations) of the application
To differentiate the users’ permissions in the application, the Role-Based Access Control (RBAC) is implemented.
This means that the permissions are assigned to roles rather than to users. Thus, the role serves as a set of permissions. The user receives certain permissions after he is included in one or more roles.
The number of roles and users in the system is unlimited. The set of permissions is determined by the functionality of the system.
Thus, the main objects of the access control system are Users, Roles and Permissions.
Users enter roles through the Roles - Users matrix.
Roles are assigned permissions through the Roles-Permissions matrix. This matrix also specifies the access level for each permission - Create, Read, Update and Delete (CRUD).

The diagram shows how these objects are connected

Users   Roles   Permissions
         
  Roles - Users   Roles - Permissions  


Access permissions to application objects
The application also allows you to restrict access to the system objects such as Accounts, Price lists, Sections of the directory, etc.
For example, there are several cashiers working at your enterprise. They may have equal permissions (contribute and give out money from the cash register).
I.e., they will all enter one and the same Role of the application. However, each cashier must see only his cash register.
This feature is implemented in the application with the help of additional Users - objects matrix.

How to add a user in the application and assign its permissions.

Task: Add a system user. Permit him to work with the money receipts and expenditures. Give access only to one bank account (cash register).

This is just an example describing the general principles of the access system.

In this particular application, there could be no cash transactions.

Sequence of actions:
  • Go to the menu "Access Control" - "Users".
  • Add a new user (click the "+" button), fill in the required fields. Note the "Activated" indicator. Only activated users can log into the system.
  • Add the "Cashiers" role to the “Roles” menu.
  • Now assign permissions for this role.
  • In the list of roles, click on the link "Show permissions". The "Roles - Permissions" matrix should open.
  • Click on the button "+", mark the required permissions in the first column, for example, Money - receipts and expenditures, Money - Accounts. After that, click the ready button to add the selected permissions to our role. Here we are asked to specify the access degree (read, modify, add, delete). Confirm by clicking the "Add" button.
  • Now add the user to the role.
  • In the list of roles, click on the link "Show users". The "Roles - Users" matrix should open.
  • Click on the button "+", mark the users in the first column and click the "Ready" button.
  • A new user can already log into the system and work with the money transactions. At this point, he has access to all the bank accounts.
  • Limit the list of accessible accounts. Go to the "Users" menu.
  • In the list of users, click on the link "Show objects". The "Users - Objects" matrix opens.
  • Choose the object type of the "Accouns"
  • Click on the button "+" and add the necessary account.
Attention! All permissions modifications take effect at the next system logging of the user.

Advice. All the above actions can be performed from one menu "Roles".

When you select users to add to the role, click the "+" button in the selection list and add a new user.