Please tell me if there is any method through which I can get the users unique id who logged into the JasperReports Server, and that id could be used in the report to display only those records matching this id.
Is there any parameter which can be referred or any other work around to obtain the logged in user id or any other way to deal with the issue.
Related
I've been trying for few days and couldn't really find answers about what I'm trying to do.
Take the example of a registration where a link to confirm your email is sent, and then when the link is clicked the account is confirmed.
I want to achieve this to do a kind of validation for announcement publication.
I tried taking the example of the symfony verify email feature, but in this case it's using the authenticated user when the link is clicked. In my case, the person clicking the link doesn't have an account on the website and shouldn't be authenticated.
How could the mail link, when clicked, change a booleon in the database, like 'is_confirmed' from 0 to 1 without needing a user authenticated?
Thanks
You're still going to need to authenticate, but you'll do it with a one-time token instead of a userid and password. For each message:
Generate a unique unguessable string, like a UUID v4.
Generate an expiration timestamp for however many minutes/hours/days in the future you want the token to be good for.
Save the token and the expiration timestamp in the db so it's associated somehow with the record in question. This might mean adding two columns to an existing table, or creating a new join table.
Generate an email to the recipient, including a link that has the token embedded in it, like http://example.com/approve?token=whatever or http://example.com/approve/whatever
Create the /approve page. Configure it to not require any traditional Symfony authentication. It should then:
Look up the token that was provided.
Verify that the associated timestamp isn't expired yet.
Perform whatever process you want to occur.
Wipe the token and the expiration from the db.
instead of code, have more of a best practice/functionality question regarding CloudKit. Can't seem to find answers, or maybe just don't understand.
Questions:
When I save the record, cloud kit creates a unique record id, i was thinking of getting that id and storing in core data to allow specific query's on that at a later time vs entire database searches. However, once I save a record, how do i get the record id that was created? Is this possible?
What if I allow a user to report another user for some reason and thereby want to block that user from posting to the cloud until a review can be done. Is there a user access database in the cloud? if not, thoughts on how to?
Thanks all.
By default when you create a CKRecord it will generate a guid as it's ID. You can also specify your own id the moment you create the CKRecord. The it does not need to be a guid. As long as it's unique. Your save action will have a callback where you will get the ID.
Every user has it's own unique id which you can easily get. You could create a table with your blocking information. You only have to query for that yourself to implement the blocking mechanism.
We are looking to integrate Facebook, Google, Twitter into an existing site.
Unlike most implementations, the user MUST be a customer prior being able to login with Facebook, Google, etc. The current database design is as follows;
userid | username | password | customerno
So the idea is if a user decides to login using Facebook, we need to validate that they are also an existing customer using their customer number which is alphanumeric. Once authenticated, they are no longer required to authenticate using their customer number. If they are not yet a customer, they will first need to create an account with us.
Do I need to design a new table for each provider? If so what should the design look like?
How do I authenticate a user who has logged in using Facebook with their existing customer number?
How do I authenticate a user who has logged in using Facebook with their existing customer number?
That depends on what criteria you have to recognize someone as a customer …
IMHO the best and easiest way to connect Facebook users to existing accounts on some other page is the email address. If you don’t have that, and see no other reliable way to identify someone as a customer with the data that Facebook can provide – then maybe you could just ask the user for their customer id on your site before connecting their Facebook account.
As for your database design – if you read the email address on every connect/login, then you could just look that up to find your user id. Otherwise, you could either add extra fields to your existing user table, where you save someone’s Facebook/Google/... user id. But if you want to use multiple services, maybe it’d be better to put this data into a second table like
userid | foreign_user_id | type
where type would be one of 'facebook', 'google' etc. to identify the login provider that foreign_user_id comes from.
Currently on my website, users login with their login id and password, they are also required to enter their email when they register. Both login_id and email column on the users table have unique index. users table also stores other data associated with the user such as gender,last_name,first_name but these are optional (nullable) fields.
There are two changes I would like to make to the website.
The first one is, users can use their email (in addition to login_id) to login. For new users, when they register, they no longer need to provide a login_id because they will be using their email to login.
The second change is, they can login with facebook. For new users, if they login with facebook for the first time, their facebook uid will be obtained and stored in my database. This means I will have to add a facebook_uid column on the users table.
For existing users, when they login with facebook for the first time, I should first obtain their email address from their facebook profile and then check if there already exists a record using that email in the users table, if yes, their facebook uid will also be stored on the facebook_uid column on that record.
According to facebook, its platform supports two different OAuth 2.0 flows for user login: server-side flow and client-side flow. Which one or both is required for this use case?
Also, what problems can be anticipated when I implement the features like I describe above?
You could take either approach for this, it's entirely up to you. Both methods will give you the data you need, it's a question of how comfortable you are working on the back vs front end. You just need to ask for permission to access to the user's email address.
Problems that could happen: I'm not sure but there may be legal restrictions on storing the user's Facebook ID. Also, what if someone (not me, an evil person!) registers with my email address and you don't validate that they really have access to that address - then when I log in via Facebook, the app will assume we're the same person and the evil hacker now has access to my account. Unlikely scenario but could happen...
In my app I have already asked for extended permission to obtain the email address of all my Facebook Application Users. Now... how can I obtain all these emails to advice purpose?
I've tried this but with no success:
select email from user WHERE is_app_user=1
I obtain the following error:
Your statement is not indexable. The
WHERE clause must contain an indexable
column. Such columns are marked with *
in the tables linked from
http://developers.facebook.com/docs/reference/fql
Surfing the web I understood that it's up to you to save the mail addresses in your servers or somewhere. Is it correct? Does exist a workaround?
It means that the attribute is_app_user in WHERE clause does not have index in the database, hence facebook will not execute the statement. You can only use the attributes marked by * on this page.
Indexed attributes in user table are: uid, name, username, third_party_id
Workaround is to store fb_id of the users using your application as soon as they join. You can also store email address of the user when he/she joins. I will prefer storing the fb_id of the user as it permits the user to revoke email permissions whenever he wishes to do so.