Whenever I use authentication on its basic form: 1. Any user can register something I do not want. 2. Any user can see all the data
I want to be more specific and have control of the registration process as to where I create the users and group they pertain to and hence look at their specific data only. Where is this defined? within the Authentication/Groups or do I have to add another specifying field?? I read the Authentication part of the book but I simply dont know how to tackle this problem. Also while at it, is it a good practice to use the same database for different clients? Thanks
