UserFrosting, as of version 0.3.1, does not have built-in support for group hierarchies. However, it should be pretty easy to implement. Here is how I would do it:
- Create two groups, "Administrators" and "Members". Set it up so that "Administrator" is the default primary group for new users.
- Create two tables,
company and company_user. The company table will store information about the companies, with a primary key id. The company_user table will associate companies with users, and have four columns:
id (int)company_id (int)user_id (int)flag_admin (bool)
Change the register() method in AccountController.php so that when someone registers, it creates a new company and then associates them with this company, marking them as the Administrator of this company by setting flag_admin to '1'.
Any members that get added to a specific company should also be added to this table, but with flag_admin set to '0'.
Create a new AccessCondition called manages(user_id_1, user_id_2) which returns true if user_id_1 and user_id_2 belong to the same company and user_id_1 has flag_admin set to '1', false otherwise.
Grant appropriate permissions to users in group "Administrators" so that they can create/update/delete/view users, but only users in group "Members" and only if the Administrator manages them (so if "Members" has a group_id of "4", condition=in_group(user.id,4)&&manages(self.id,user.id).
- You will also want to modify the various user create/update/delete methods so that when an Administrator creates a user, it adds them to group "Member" and associates them with the appropriate company.
That should get you started, let me know if you need further clarification.
