phpmysqlcodeigniterauthenticationion-auth

Ion auth only show users in certain group


I have installed a user management with Ion auth in codeigniter. Now i'm facing the following challenge.

When logged in and visiting the auto/index page an overview of users is shown. I'm using 3 different admin levels. Each user is connected to a company. (the company id is added in the users_groups table)

Admin company-admin company-user

The super admin should see all the users, The Admin should only see the users which are also in the same company The user has got no access to the auth/index (that already works)

How can I create a page in such a way that a Admin only sees his company users. Below an examaple of the index function of my auth.php controller.

//redirect if needed, otherwise display the user list
function index()
{

    if (!$this->ion_auth->logged_in())
    {
        //redirect them to the login page
        redirect('dashboard/', 'refresh');
    }
    elseif ($this->ion_auth->in_group('company-user')) 
    {
        //redirect them to the home page because they must be an administrator to view this
        redirect('dashboard/', 'refresh');


        //set the flash data error message if there is one
        $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');

        //list the users
        $this->data['users'] = $this->ion_auth->users()->result();
        foreach ($this->data['users'] as $k => $user)
        {
            $this->data['users'][$k]->groups = $this->ion_auth->get_users_groups($user->id)->result();              
        }           
        foreach ($this->data['users'] as $k => $user)
        {
            $this->data['users'][$k]->companies = $this->ion_auth->get_company($user->id)->result();        
        }           


    }
    elseif ($this->ion_auth->logged_in() && $this->ion_auth->in_group("company-admin"))
    {
        //set the flash data error message if there is one
        $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');

        //list the users
        $this->data['users'] = $this->ion_auth->users()->result();
        foreach ($this->data['users'] as $k => $user)
        {
            $this->data['users'][$k]->groups = $this->ion_auth->get_users_groups($user->id)->result();
        }
        foreach ($this->data['users'] as $k => $user)
        {
            $this->data['users'][$k]->companies = $this->ion_auth->get_company($user->id)->result();
        }


        $this->_render_page('admin/auth/index', $this->data);
    }       
    else
    {
        //set the flash data error message if there is one
        $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');

        //list the users
        $this->data['users'] = $this->ion_auth->users()->result();
        foreach ($this->data['users'] as $k => $user)
        {
            $this->data['users'][$k]->groups = $this->ion_auth->get_users_groups($user->id)->result();
        }
        foreach ($this->data['users'] as $k => $user)
        {
            $this->data['users'][$k]->companies = $this->ion_auth->get_company($user->id)->result();
        }

        $this->_render_page('admin/auth/index', $this->data);
    }
}

Does anyone know what i've got to add to the elseif ($this->ion_auth->in_group("company-admin")) part in order to only show the users in the same company as the company-admin?

//////////////////////////////////////////////////////

Thanks for the answer. Now i've made the following changes:

I'm answering this way, to have the possibility to show code. I have changed my controller but still see users from other companies. I have changed this as following:

elseif ($this->ion_auth->in_group("company-admin"))
    {
        //set the flash data error message if there is one
        $this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');

        // Check the company the user is in
        $user_in_company = $this->ion_auth->get_users_companies(); // Return array groups

        //list the users
        $this->data['users'] = $this->ion_auth->users()->result($user_in_company);
        foreach ($this->data['users'] as $k => $user)
        {
            $this->data['users'][$k]->groups = $this->ion_auth->get_users_groups($user->id)->result();
        }
        foreach ($this->data['users'] as $k => $user)
        {
            $this->data['users'][$k]->companies = $this->ion_auth->get_company($user->id)->result();
        }

        $this->_render_page('admin/auth/index', $this->data);
    }   

I would expect to view only the users within the company thoug.. wat could be wrong with my controller?


Solution

  • At first get groups logged user.

    $user_in_group = $this->ion_auth->get_users_groups(); // Return array groups 
    

    And get user list that have same group with logged user

    $this->data['users'] = $this->ion_auth->users($user_in_group)->result(); // Pass groups array as params
    

    And users listed only have logged user group.