In my project I have a few forms, mostly DropDownChoices like City, Budget Type, Financing Source and etc. And in the project I have user roles like ROLE08, ROLE27 and ROLE51. And depending to the user ROLE, the data in my DropDownChoices is changing. For example, if ROLE08 could see all city regions, the ROLE27 and ROLE51 just can see two or three city regions. How I can implement that issue architecturally right?
I can't mind up, how to create user behaviours, user rules for the project, and user access levels. I think I need create my own custom DropDownChoices where I can declare my custom Model data, and ChoiceRender rules. Could anyone additionally draw me a scheme, how it should be?
Look at Wicket IAuthorizationStrategy Interface.
Related
How hard would it be to create a website that lets people create their own pages on them?
Like a company creating a custom page on my site only with a drag and drop system provided by my website (of course they would need to create an account).
What frameworks would I need to use?
I tried searching the web but didn't find anything. I found craft.js but I don't know if I can implement it like that.
Thank you all in advance.
Such a project would be very complex and cannot simply be "coded down". Here are the main reasons:
You need an infrastructure where and how your users can save their websites. Does every user just have one page or several (limited or unlimited)?
Drag and Drop requires some JavaScript interactions and a set of predefined web components like buttons, input fields, labels or images. You would have to define abstract components that could be individually filled with user content.
If you ask your users to register before creating websites, you must respect the "General Data Protection Regulation" (applies for the European Union).
If you want to make money with your project you'll have to consider several legal aspects depending on the country where you live.
In short, there are many reasons why homepage kits are not an easy thing to program.
I'm part of a frontend project and I need some help to bring our authorization model into keycloak. We're building on node.js and the whole project uses stateless micro services - as well as our frontend middleware as the whole backend services we use. The frontend uses the standard JS adapter for session and token management.
So far we have identified four roles: travel agent, back office, configurator and data security officer. That's easy so far. My problem is how to model the next authorization layer we need.
For example: For the travel agents we want to be able to grant per person whether he can see specific customer data or is able to cancel orders. There are about 6-8 options for the travel agents. Thus, for the back office there shall be options for stock operations or different views on orders.
Like the backend we don't persist any data! That's why I have store all the things in keycloak and find a way to easily bring these information back to our middleware.
Here's what I tried / thought of so far:
* Use groups for the first layer and roles for the second one. --> doesn't work because the groups don't get exposed in the token.
* Use realm roles for the upper and attributes for the lower hierarchy. --> attributes are not included in the access token.
* Use realm roles for the upper and client roles on the lower hierarchy. --> works, but we have to make sure that roles on the second layer are definitely associated with only one role on the first layer. I don't know how yet.
* Use roles for the first layer and resources on the second one. --> That seems to get very close to what we need. But at the moment I can't figure out the correct approach with all these policies and permissions...
Discussions here at Stack Overflow seem very fruitful and I wanted to give it a try, although I don't have any code to offer.
Thanks for any help and please let me know, if I shall provide some further information.
Sven
Unlike the downvoter, I find this to be a legitimate question.
It looks like you're on the right path in terms of using Keycloak groups/roles/attributes. You can pick a combination that suits your needs. For example, if you need a hierarchy structure, you might use groups. Or you might want to use roles since these can be composite.
Regardless of which path you choose, your problem is how to expose these in the token. It can be done using mapper configurations.
For example, to expose Roles for the user, you'll want to create a "User Realm Role" mapper that adds your roles as a claim on the tokens. To do this:
click on "clients" in the left side menu
click on the client you're using
click on the "Mappers" tab
add a mapper of type "User Realm Role".
There are also mappers for "Group Membership" and "User Attribute" that can be used to add these two concepts as claims. If those aren't enough, or if you need more fine-grained control, you can roll your own custom mapper. See the Keycloak documentation and other questions here on Stack Overflow for how to do this.
is there anyway to create two homepages for moodle or someway of doing something similar to having a two homepage effect.
At my work (educational) we offer qualifications and we also offer online (e-learning) courses.
Ideally I want to create one area just for the qualifications where users will get a login and ONLY see the qualifications side of things.
Then I want to make another area JUST for the e-learning side of things. Both sets of users would not be able to see the other areas (ie. e-learning cannot see qualifications etc)
Does anybody know if this is possible?
Hopefully this makes sense.
Kind regards,
What you can do is to have a single front page and then restrict access to individual courses based on their enrollment status.
You can add an additional plugin to allow for self-enrollment with administrative approval.
Additionally, you can do things like hide specific courses or categories of courses and then configure permissions to view these hidden courses or hidden categories.
If you want to create completely unique landing pages, you may need to manage more than one instance of Moodle.
I'm working upon a small-scale enterprise database application. It works with such business objects as Vendors, Device types, Devices, Suppliers, Invoices, Departments, Employees etc., so I need to let users view and edit data from all these tables.
My first approach was to create a pair of forms for each type of business object:
a table to view and select an object
an editing form for this type of object
But now I find it hard to maintain all these forms, because e.g. if I want to change the look of all view forms, of course I have to edit each one of them.
So I want to replace all my view forms with a single one "template" form and to call it with some kind of parameters. The problem is, I don't know the right approach to perform it. Maybe there could be some example in some book or somewhere else?
I think the best way is by using Visual Form Inheritance .
Actually we use this kind of programming a lot, it keeps maintenance pretty simple. Stick your base functionality in the parent form, and specific behaviour in the child forms.
I have Lotus Notes application, deployed only as modifications (new forms, views, and adding a button to one of the "standard" views) in the main mail template (R7).
All these "new" forms and views are inherited in turn from my main application template.
Now, for one of these forms to function properly, it have to have a field, which is different from customer (not end user, but organization) to customer.
I do not want to break the inheritance from our template, so we can update the application easily by just sending a new template. So, I can't ask the client admin just to break the inheritance for this particular form, as it will stop all updates (or they have to be done manually).
So, let's say I have MainAppForm, which has a calculated field ClientCustomData. I'd like to have another form, which only has only one "default" field ClientCustomData. I can break the inheritance for this second form, as it has no really design elements which may change, and then the client can modify this default value to whatever they need w/o fearing that it'll be overwritten.
The question is - how from MainAppForm I can read the value from the other form?
Or - is there a way to store 2 data elements only in a mail template (I dunno, shared file, or something), so it becomes available to each user, and MainAppForm can get them, w/o a need to remove the inheritance dependency of MainAppForm from our template.
I can envision even a class library with just to functions to return this (I don't know why this approach smells to me).
Any best practices or advices?
I'm not sure if I have understood your querstion correctly, but it sounds like you want to have a small part of a larger form configurable per client. If this is the case, I think computed subforms could do the trick.
Consider the following scenario: Your application ships with the subform ClientCustomData that contains just sensible defaults for the client settings. The form MainAppForm includes this as a computed subform. It is then possible for the local admin to disable inheritance on the subform and changing the custom data without affecting inheritance on MainAppForm.
The obvious drawback is that you cannot update the ClientCustomData subform automatically once inheritance is disabled; Keep this subform as small as possible. If you find that you need more client-custom values, you can always add another subform in the same manner.
First a clarification: In Lotus Notes, you don't have forms reading from other forms. Forms are just UI objects. However, you do have back-end and front-end documents that get created with the help of Forms.
When you create a new document based on a form (for instance, a new email), you are creating a front-end document that hasn't been saved yet. That document can access other parts of itself or it can access any back-end document that has been saved.
If I'm following you correctly, you need some bit of data that is different per client/customer to be brought into documents based on MainAppForm. There are a few ways to do that. My suggestion is to use Database Profiles, which are special documents that can easily be accessed from anywhere in your database via Notes Formula language or LotusScript. Granted, you can't push data within those documents out via a template, but if you use a database profile to store your database settings your client admin can set options once and they won't get altered when the template changes.
Have a look at the #SetProfileField and #GetProfileField functions.
To answer my own question (still I do not know if I'm right in terms of Notes way of thinking, but looks promising):
I found the "Shared fields". So, I create 2 such a fields with a computed values (the ones I want to pass on), and make my MainAppForm use them. Upon installation, the admin will change the values and mark them to not refresh with the template.
I'd respect any pros and cons, provided from a Notes expert.
Thanks