I want to create authentication apis in Hasura. My user can have differrent roles when signing up. Thinking of maintaining an Enum table for the same. So that I can have a foreign key/type from it in the user table. However, I intend to create a postgress trigger on this enum table, such that everytime, new role is added, a new hasura role should also be created to allow for JWT authentication and authorization accordingly.
Where does hasura stores its Hasrua role.
Answer 1 (direct answer)
Not sure this is something the app developer should edit.
All Hasura metadata (including roles/permissions) is in Postgres.
The schema is "hdb_catalog". The table is "hdb_metadata".
You can query this using:
SELECT * FROM "hdb_catalog"."hdb_metadata" WHERE id = 1;
It contains a large JSON document. It's better to look at it using PGAdmin.
Answer 2 (dynamic roles)
It looks like you're trying to get dynamic roles in place.
There is a great Youtube video that explains how to model it:
https://youtu.be/-18zZO3DrLY?t=1370
Related
I'm wondering if it's possible to auto update the User's column('number of posts') if the Posts table updates. The Post entity has a ManyToOne relation with User('userId'). Is there a way to make the User Table "listen" to the Post Table and automatically updates the number of post column, or i need to write it in the post service create function to do so. I'm new to sql so i'm just trying new stuff. I'm using NestJS,typeORM, Postgres and Graphql
#Kendle's answer does work and has the advantage of pushing the computation and complexity down onto your DB server. Alternatively, you can keep that logic in the application by leveraging TypeORM's Subscribers functionality. Documentation can be found here.
In your specific use case, you could register a subscriber for your Post entity implementing afterInsert and afterRemove (or afterSoftRemove if you soft delete posts) to increment and the decrement the counter respectively.
You don't want to duplicate that data. That's the whole idea of a relational database that different data is kept in different tables.
You can create a view if you want to avoid typing a query with a JOIN each time.
For example you might create the view below:
CREATE VIEW userPosts AS
SELECT
user.id,
user.name,
COUNT(posts.id)
FROM users
LEFT JOIN posts ON user.id = posts.user_id
ORDER BY user.id;
Once you have created the view your can query it as if it were a table.
SELECT * FROM userDate WHERE id = '0001';
Of course I don't have your table definitions and data so you will need to adapt this code to your tables.
I want to design a MongoDB schema where
There are multiple roles
There are multiple sites
users are mapped to sites with multiple roles like image below
The DB Schema is as below for Permission
**permission**
id
name
description
Role
**roles**
id
name
description
permission:[ids]
user
users
id
email
name
locationids:[ids]
unable to think through for
user_location_roles schema which will be easier to modify and easier to fetch from DB.
Please suggest schema that can be used
the UI for the site role user mapping is as below
I currently own a MongoDB database that contains a collection named User. User collection has a field called contact_info among several other fields.
My requirement is to allow a member in my team having access to the database with 'admin' role to view contact_info when querying a user, however, a team member with 'developer' role should be able to query a user but not view his/her contact_info (i.e. contact_info key in the user document should be hidden or masked for a team member with 'developer' role). I am looking for a field-level visibility restriction in MongoDB to comply with GDPR standards.
I am comparatively new to MongoDB and did some search for this requirement, but could not find any direct solution for this. Any help with be greatly appreciated.
Looks like you could create a view with only the fields needed (https://docs.mongodb.com/manual/core/views/).
Then I would create an extra user developer and 1 extra role developerRole
This developerRole should only have access to the view created.
In my database, I have table "User" and "Role" and I search to put a role in a user when the user sign up. The problem is that when I retrieve the role from database and post the user, a new role is create and I don't want it. I want the a existing role are put as foreign key.
In JPA you don't think as foreign keys. What you model is an Object which can have relations to other objects, such as a class User may have a list of Role references.
You'd then annotate it with the according JPA annotations to map this relation to your database tables. You may check the Oracle Java EE tutorial on JPA to learn how to do that.
Then, when putting a new Object (meaning one with a new ID) into the list, it will result in getting a new entry in the referring table when persisting it.
I have two tables, namely
USER_ROLE {user_id, Role} PK {user_id, role}
ROLE_PERMISSION {role, permission} PK {role, permission}
A User can have multiple Roles.
A Role can be mapped to multiple
Permissions.
I have a entity - USER that maintains information about the User. This info is fetched via LDAP (not DB) on first login. Now, for my authorization aspects, I need to also fetch dtls on User's permissions from above mentioned tables.
So I would imagine adding attributes to my existing USER entity
USER {
user_id,
first_name,
last_name,
etc
// Authorization
List<String> roles;
List<String> permissions;
}
Can someone pls help how I can use JPA to populate the roles and permissions Lists? Looked over internet, can't figure it out. thanks
I would create a USER table in your database and map it to a User object with the role and permissions. The User object then would include additional LDAP data.
Without a USER table you have nothing to map to.
Otherwise just query for the database using native SQL queries and populate your LDAP user object yourself.