pennyMorant
commented
1 year ago now , i'm no idea abot this
Open ariadarkkkis opened 1 year ago
pennyMorant
commented
1 year ago now , i'm no idea abot this
ariadarkkkis
commented
1 year ago To simplify it:
We now have 2 roles, administrator and user. What I meant was to add a third role called reseller and their access is limited to only managing their own users (either by grouping them and assigning them a number or add a new field to users table called creator_id which will assign the reseller userid to them and can retreive data from database with a single where clause. So they have no access to other users on the panel). Its like a new role and with limitations. They cant manage nodes because nodes are only managed by administrator role and each node can be assigned to a specific reseller so they can have their own nodes. They can see their order and bill table of their own users as well.
Im no PHP developer but I will make some time and work on it to give you the idea in code so you understand it better and we can improve from there.
This panel is very good but I can see (atleast for my usage) lack of reseller role in it. I also have some other ideas and features and I will try to implement them myself and send you a PR to check.
pennyMorant
commented
1 year ago you could write it , then pull request .
alohane
commented
1 year ago I believe this function is quite complex and not as easy as it may seem. Haha.
Vào Th 3, 22 thg 8, 2023 vào lúc 15:35 zeropanel @.***> đã viết:
you could write it , then pull request .
— Reply to this email directly, view it on GitHub https://github.com/zeropanel/zeropanel/issues/19#issuecomment-1687730124, or unsubscribe https://github.com/notifications/unsubscribe-auth/ANPJN5Z4TBHDQSFRXDGQ4ATXWRVLNANCNFSM6AAAAAA3WDJYGA . You are receiving this because you are subscribed to this thread.Message ID: @.***>
ariadarkkkis
commented
1 year ago I will try to implement it and send a PR whenever I can make time. Keep this open, please. Thanks.
I believe this function is quite complex and not as easy as it may seem. Haha. Vào Th 3, 22 thg 8, 2023 vào lúc 15:35 zeropanel @.> đã viết: … you could write it , then pull request . — Reply to this email directly, view it on GitHub <#19 (comment)>, or unsubscribe https://github.com/notifications/unsubscribe-auth/ANPJN5Z4TBHDQSFRXDGQ4ATXWRVLNANCNFSM6AAAAAA3WDJYGA . You are receiving this because you are subscribed to this thread.Message ID: @.>
Its not that complex its just need some access check system to check each role and their data whenever a role wants to access a part of the system. Ideally, it should be a layer over the system (like a middleware or something else) to check for user access based on generated accessToken. But it can be done more easily in otherways, I will try to come up with some ideas and post here and see if anyone can implement, otherwise I will try to implement myself and PR.
alexlearncss
commented
1 year ago now , i'm no idea abot this
=]]]
I wanted to propose a new role called reseller. Currently, I edited my SSPanel-Uim code to have this and what I did was assign a group to each reseller and made their account administrator and limited their access to whole panel settings. They can only manage users and they only see users in their own group and they also cant change user groups. So if a reseller group_id is 2, they only see users which has group_id 2 and their users will only have access to nodes that have group_id 0 or 2. So this way, each reseller have their own server and can only manage their own users without seeing or other resellers users or etc. The way I edited the code was not clean at all and Im not a PHP developer so I just added the logics I wanted to the code. Also, another idea is add reseller role and assign a group to that user upon creation so they have limited access to different parts of the admin panel ( no need to create another panel although it will be much cleaner to add another one). So if the user have reseller role, they cant see nodes and other panel information and edit them, if they somehow tried to access those settings from routes, they wont be allowed to change anything because they dont have admin role (although it would be much better that they dont even access those routes in first place). Admin role acts as a God role which has access to everything in the system including other resellers users and orders and payments and etc. Each reseller can have their own commission rate and will receive a cut of their payments in their balance and can withdraw from that (although im not sure if withdrawal is already implemented or need to be implemented or the process is manual, not important at this stage).
I already told you the changes I did in SSPanel-Uim is not clean, which is wherever I didnt want other resellers have access, I added an if statement to check if their user_id is not 1, get their group_id from db and get other informations from db according to these values. I also just hid other panel sections from them but they can access them now.