Powerapp: users, profiles, permissions, and profile_permissions

Introduction

in Powerapp, the same principle of permissions management system will be adopted as Prestashop webshop: that considering of users, profiles, permissions, and profile_permissions. The following table will be synthesized from Prestahshop to Dataverse

it will be syncronized via dataflow: ps_lang, country, zone, shop, employee, tax, tax_rule, tax_group

ps_employee
ps_profile
ps_access
ps_authorization_role

Additional Table in Dataverse

uni_user_employee: is created to define the relation between the User (dataverse) and ps_Employee relation

Related Tables:

uni_employee_customer_relation: define the relation between employee and customers

uni_employee_supplier: define the relation between empoyee and supplier

below is the description on how the data schema’s are implemented in Prestashop

1. Users (Employees)

In PrestaShop, users who access the back office are referred to as employees. Each employee is associated with a specific profile.

`ps_employee` Table

id_employee: Primary key, unique identifier for each employee.
id_profile: Foreign key linking to the ps_profile table.
Other fields include firstname, lastname, email, passwd, etc.

2. Profiles

Profiles define roles with specific sets of permissions. Each profile can be associated with multiple employees.

`ps_profile` Table

id_profile: Primary key, unique identifier for each profile.
name: Name of the profile (e.g., Administrator, Manager, Employee).

3. Permissions (Access)

Permissions are associated with profiles to define what actions can be performed on various back office tabs (sections).

`ps_access` Table

id_profile: Foreign key linking to the ps_profile table.
id_authorization_role: Foreign key linking to the ps_authorization_role table.

`ps_authorization_role` Table

id_authorization_role: Primary key, unique identifier for each authorization role.
slug: A unique identifier for each role and action combination, formatted as ROLE_MODULE_CONTROLLER_ACTION.

4. Profile Permissions (Access Management)

This table links profiles with permissions, defining the specific actions (view, add, edit, delete) that a profile can perform on different tabs.

`ps_access` Table (Permissions Details)

id_profile: Foreign key linking to the ps_profile table.
id_authorization_role: Foreign key linking to the ps_authorization_role table.
Each profile’s permission for each action is stored in a separate row.

Data Model Relationships

One-to-Many Relationship between ps_profile and ps_employee: Each profile can be assigned to many employees, but each employee has only one profile.
Many-to-Many Relationship between ps_profile and ps_authorization_role through ps_access: Each profile can have multiple permissions, and each permission can be assigned to multiple profiles.

How It Works

Assigning Profiles to Employees: When creating or managing employees, you assign them a profile by setting the id_profile field in the ps_employee table.
Defining Permissions for Profiles: Permissions are managed by linking ps_profile to ps_authorization_role through the ps_access table. This table records which profiles have which permissions.
Checking Permissions: When an employee tries to perform an action, PrestaShop checks the ps_access table to see if the profile associated with the employee has the necessary permission.

Example Workflow

Creating a New Profile:
- Insert a new row in the ps_profile table with the profile name.
Assigning Permissions to a Profile:
- Insert rows in the ps_access table linking the profile’s id_profile to the appropriate id_authorization_role entries for the desired actions.
Assigning a Profile to an Employee:
- Update the id_profile field of the employee in the ps_employee table to the new profile’s id_profile.

By understanding these relationships and how they interact, you can effectively manage user roles and permissions in PrestaShop, ensuring that employees have the appropriate access to perform their tasks.