I have two tables, namely
USER_ROLE {user_id, Role} PK {user_id, role}
ROLE_PERMISSION {role, permission} PK {role, permission}
A User can have multiple Roles.
A Role can be mapped to multiple
Permissions.
I have a entity - USER that maintains information about the User. This info is fetched via LDAP (not DB) on first login. Now, for my authorization aspects, I need to also fetch dtls on User's permissions from above mentioned tables.
So I would imagine adding attributes to my existing USER entity
USER {
user_id,
first_name,
last_name,
etc
// Authorization
List<String> roles;
List<String> permissions;
}
Can someone pls help how I can use JPA to populate the roles and permissions Lists? Looked over internet, can't figure it out. thanks
I would create a USER table in your database and map it to a User object with the role and permissions. The User object then would include additional LDAP data.
Without a USER table you have nothing to map to.
Otherwise just query for the database using native SQL queries and populate your LDAP user object yourself.
Related
My customer has created roles with the names of the company's business divisions and sub-divisions. He wants to take the role the creating user is in, along with the next level up Role and populate that into two fields on the opportunity, to then use those two fields. (ROLE and SUB-ROLE) as Dashboard filters. Since the role is in the setup section and is also not a field on the user record, I'm assuming some type of Apex Trigger or Flow would be needed to take the role names of the creating user and then insert them?
They are new to Salesforce.. they have not tried anything yet.
I want to create authentication apis in Hasura. My user can have differrent roles when signing up. Thinking of maintaining an Enum table for the same. So that I can have a foreign key/type from it in the user table. However, I intend to create a postgress trigger on this enum table, such that everytime, new role is added, a new hasura role should also be created to allow for JWT authentication and authorization accordingly.
Where does hasura stores its Hasrua role.
Answer 1 (direct answer)
Not sure this is something the app developer should edit.
All Hasura metadata (including roles/permissions) is in Postgres.
The schema is "hdb_catalog". The table is "hdb_metadata".
You can query this using:
SELECT * FROM "hdb_catalog"."hdb_metadata" WHERE id = 1;
It contains a large JSON document. It's better to look at it using PGAdmin.
Answer 2 (dynamic roles)
It looks like you're trying to get dynamic roles in place.
There is a great Youtube video that explains how to model it:
https://youtu.be/-18zZO3DrLY?t=1370
I want to design a MongoDB schema where
There are multiple roles
There are multiple sites
users are mapped to sites with multiple roles like image below
The DB Schema is as below for Permission
**permission**
id
name
description
Role
**roles**
id
name
description
permission:[ids]
user
users
id
email
name
locationids:[ids]
unable to think through for
user_location_roles schema which will be easier to modify and easier to fetch from DB.
Please suggest schema that can be used
the UI for the site role user mapping is as below
Is it possible to add additional properties to the User object on the server in WAMS? I would like to store the Id primary key of my User table for (secure) use in my table scripts. At the moment the only id is the vendor specific authentication Id, but I'd like to be able to allow users to choose an authentication method. Currently my (simplified) table design is as follows:
User table:
id
googleId
twitterId
facebookId
name, etc...
League table
id
userId
name, etc
I'd like to store the user primary key in the userId field on the league table, and then query it to ensure that users only get to see leagues they created. At the moment, the user object in table scripts sends through a User object with the Google/Twitter/Windows authentication token and I have to do a query to get the primary key userID, everytime I want to carry out an operation on a table with a userId column.
Ideal solution would be that when the Insert script on my User table is called on registrations and logins I can do:
// PSEUDO CODE
function insert(item, user, request) {
var appUserId;
Query the user table using the user.userId Google/Twitter/Facebook id
If user exists {
// Set a persisted appUserId to use in all subsequent table scripts.
user.appUserId = results.id;
} else {
Set the GooTwitFace columns on the user table, from user.userId
insert the user then get the inserted record id
// Set a persisted appUserId to use in all subsequent table scripts
user.appUserId = insertUserPK;
}
}
Then, in subsequent table scripts, I'd like to use user.appUserId in queries
If all you are trying to do is authorize users to only have access to their own data, I'm not sure you even need the "user" table. Just use the provider-specific userId on the user object to query your "league" table (making sure the userId column is indexed). The values will be provider-specific, but that shouldn't make any difference.
If you are trying to maintain a notion of a single user identity across the user's Google/Facebook/Twitter logins, that's a more complicated problem where you would need a "user" table and the kind of lookup you are describing. We hope to ship support for this scenario as a feature out of the box. It is possible (but fairly messy) to do this yourself, let me know if that's what you're trying to do.
I have task to build application for user registration. I have 3 types of user (profiles)
1. "Normal" user
2. "Company" user
3. "Company2" user - similar like 2. but with few additional fields..
All users share some specific info, like e-mail and password (Login data), role, registration date etc.... So, I'm trying to "design" classes for this type of app using only EF Code First approach, but with no luck..
Do I need table (class) for :
USER - all kind of users with all their Login data (email and password) and UserType
USERTYPE - list of all user types (1,2,3)
USER_DETAILS - details of normal user
COMPANY_DETAILS - details of company
COMPANY2_DETAILS -details of company2
My problem is how to reference USER table with USER_DETAILS, COMPANY_DETAILS, COMPANY2_DETAILS. I hope so that you understand my problem :)
My classes (user management and profile) is implemented like http://codefirstmembership.codeplex.com/ example.
Thank you in advance!
You can use a normal inheritance model with Entity Framework.
I would just use a base class User that contains the login data (please don't store the password in the DB though, use a hash - Membership should do this for you already) and other user info, then you can add another class CompanyUser that inherits from User and contains the additional properties. Finally CompanyUser2 (needs a better name) can inherit from CompanyUser.
Having this in place there are different models you can use on how EF maps your classes to tables:
1.) Table-per-Hierarchy
2.) Table-per-Type
3.) Table per Concrete Type