The OrientDB documentation on record level security uses a blog as example. The user “Steve" can grant rights to individual blog posts for another user “Luke”.
However, in my situation I want Steve to be able to grant Luke access to the whole blog, so that Luke can create, edit etc all blogPosts connected to the blog as long as he has this access. And if it's revoked he shouldn't be able to edit any posts in Steve's blog even if he created them.
Can this be done somehow? I suppose record level security can't be used as it's not the same record? But maybe this behavior can be altered with a hook, or creating a user "group" for "Steve's blog" that gets the _allow rights, and both users are part of the group instead.
I'm very new to OrientDB, graphs and java, so sorry if it's a stupid question.
Related
I am using Moodle LMS Management system for our project. We have different roles in the project like a principal, admin, tutor, course creator, student, IQA, EQA. The problem we are facing is, restricting the comment section. See, Tutor will give feedback on a student assignment and submission.
So if the tutor comments, all the other roles can see the comment. If IQA person gives feedback on particular student submission means, that comment should be visible only to principal, tutor, admin, EQA. It should not be visible to the student. My doubt is, how to restrict the comments in moodle? Any Help Appreciated..
Facebook API endpoint /v2.11/{GROUP_ID}/member_requests/ allows me to list membership requests to group I have permission.
I'm looking method/idea/etc to list membership requests WITH answers to questions (my group requires answering questions when user wants to join).
Do you have any ideas how can I achieve this?
Best regards,
Milosz
Looking for the same.
I currently found https://developers.facebook.com/docs/workplace/integrations/custom-integrations/reference/member to list members, but still can't get members' answers.
Unfortunately, you can't do this via the API. However, there are some Chrome Extensions that allow you to save the answers to those questions!
Check out GroupTrack CRM...it's a CRM that is integrated into Facebook via a Chrome Extension. It does what you're looking for (one click to approve individual or all pending members while also saving their answers to your questions and adding them to the CRM), along with a ton of other awesome stuff.
Keep notes and tags, track sales funnel stages, bookmark posts and comments, set follow up tasks with reminders, and more across unlimited Groups. Everything is synced in real time with a web app as well, so you can access your contact information from anywhere, plus it can be set up to integrate with external systems (Google Sheets, Streak, and Kartra at the moment, but many more to come).
Lastly, GroupTrack supports teams, so if you run a Group with other admins, you can share access to the CRM and have everything kept in sync. It's awesome!
I want to implement a social network posting feature with post, comment, and set post visibility features in my application.
I am using Meteor platform. Put aside for a while the fact that relational databases are more suited to social network related data. I will use relational documents in separate collections for storing posts and comments and their meta data like poster or commented, with references. So, for reading, I will simulate sql-like joins with one of the meteor packages supports this in server side publish.
But I am not certain how I will implement post visibility setting in order to make a post visible to people that a poster wants the post be visible to, and invisible to people a poster wants them not to see. Visibility presets are "only me", "friends", "friends of friends", "groups", and individual specific groups that the user is a member of, and "public".
So far my collections are "users", "friends", "memberships" (referring to groups)", "posts", "comments", "likes". I can publish a reactive join of a desired combination of the posts, comments, likes, users by say reywood:publish-composite, package.
What is the preferred way of implementing this behaviour in the publish level? Or it is not a good idea at publish level, just try a conditional (iffy) publish.
New user so I can't post images. Image link provided below:
http://i.stack.imgur.com/EXf0G.jpg
This is for a walk-in booking system not an online reservation system.
Normal Booking scenario:
User/Member gives information to receptionist. Users can book up to a month in-advance.
Receptionist searches user/member info. Receptionist must be logged in to search user/member or make a booking.
if details are found the booking continues as normal, if not user details are added to the users file.
Booking time/date/type is then checked for availability. If available then a booking is made.
Extra:
There are two types of staff account 'normal-user' (Receptionist) and 'admin' (Manager).
Manager can reset staff account passwords and create new staff accounts.
Manager can edit session details on the timetable (time, date, type) etc. Do i need a timetable class here??
In order to answer that, we would need a much more developed specification.
I would suggest you develop with what you have, meeting only the minimum requirements for each iteration. Then, if you find your users need a timetable of some sort, then add it at that point.
In general, don't add more complexity than you need until you know you need it. The more moving parts a system has, the harder it is to maintain and use and to put together in the first place. Get the application up and functioning and in the users' hands. Until you get real feedback from them, you are just taking stabs in the dark. Let the users' tell you what they need and want.
I hope this is allowed but I have a number of questions regarding Facebook Connect, I'm quite unsure on how I should approach implementing it.
I am working on a live music type service and currently have user registration, etc. If I were to implement Facebook Connect alongside this, would I still be able to email the Facebook Connect users as if they were on my database?
Also, would it instead be possible to let users who have Facebook "link" their accounts once registered so I am able to give them the benefits of sharing via Facebook and inviting friends while still having an actual registered user on my system.
I have tried to read up answers to the above questions but what I've found is quite ambiguous.
Thanks, look forward to your views.
Facebook's documentation process is very poor, so don't feel bad about having a hard time getting started. Their wiki-style approach to documentation without any real official documents tends to leave the "process flow" tough to grasp, and requires piecing together parts of a bunch of randomly scattered docs.
Facebook has an obligation to protect privacy, so they never make a user's actual email address available to application developers, through Connect or normal applications. They do have a proxied email system in place that you can use, however, you must get explicit permission from a user in order to email them. There's a decent document on proxied email here. You can get permission by prompting for it; there's several methods for doing so linked in that document.
In regards to linking Facebook and local accounts, this would definitely be the way to go. Once a Connect user logs in, you want to store that fact for that user so you can provide the Facebook-specific functionality. I would simply create a normal user account in the database for every new Connect user that came by, with it's own local id, so that you don't have to do special handling of two different types of user accounts all over the site. That being said, the account would obviously have to be marked as a Facebook user's account (I use an externalId column in my users table), and any part of the site that relied on information you might otherwise have locally would have to handle the Facebook aspect properly (such as using proxied email instead of normal email).
For existing users, you could arrange an "account link" by having a process whereby they log into FB Connect after they've logged into the site already, and you could detect that and simply add their FB id to your users table. After that, they could log in through Connect in the future, or through your normal process. I've never done this, but it should be possible.
If you write the account handling code generically enough, your site will be able to function well no matter what kind of user you throw at it.