Tiger_Model_OrgUser
@api· extendsTiger_Model_Table
OrgUser — MEMBERSHIP. The most important table in the substrate.
A row here says "user U belongs to org O, with role R." It is simultaneously:
-
THE TENANCY BOUNDARY. What stops a user from acting inside an org is the ABSENCE of an org_user row linking them to it. Cross-tenant denial is therefore structural — a missing row — not a code check someone can forget to write. Every tenant-scoped query should be gated on "does an (org_id, user_id) membership exist?"
-
THE ROLE CARRIER. The role lives HERE, per-membership — not on the user — so the same user can be
adminin one org andviewerin another. This is the core of Tiger's multi-tenant ACL (Tiger's key evolution over a single global role per user). The ACL engine reads the role from the current org_user row for the acting user + current org.
A user has at most ONE membership per org (unique org_id + user_id). status
distinguishes active / invited / suspended memberships without deleting the row.
Methods
membership()
membership($orgId, $userId)
The membership row for a (org, user) pair, or null if none exists.
A null return IS the cross-tenant denial signal — callers should treat "no membership" as "not a member of this tenant, deny."
$orgIdstring$userIdstring
Returns Zend_Db_Table_Row_Abstract|null
roleOf()
roleOf($orgId, $userId)
The role a user holds in an org, or null if they are not a member.
$orgIdstring$userIdstring
Returns string|null
orgsForUser()
orgsForUser($userId)
All memberships for a user (i.e. every org they belong to). Useful for an org switcher / "your organizations" list.
$userIdstring
Returns Zend_Db_Table_Rowset_Abstract
usersInOrg()
usersInOrg($orgId)
All memberships in an org (i.e. its members). Useful for a team/members list.
$orgIdstring
Returns Zend_Db_Table_Rowset_Abstract