I have an idea of doing a back office for my website. The problem is that, when I introduce a user who has, for example, two roles, I want the user to choose the role to work with, but I can't figure out how to do that. I've tried so different things such as putting the two roles separate with commas in MySQL and separating them in PHP but it didn't work.
let say you have a user table, and a user can have multiple role.
you can create a master table for role ( let say roles )
you can have a field on user table say user_roles -> it can have values like 1,2,4
note:- there should not be gaps between the numbers / comma
on the front-end you can take a mutiselect / tags UI element to input role for the user.
to fetch the role of a user at server side - you can use explode() + in_array() to check the role if exists
comma separated example
EDIT:-
It requires validation when adding roles ( ie: which user's role is allowed to select when already selected specific types )
For authorization, the user's roles should be added to the session :- this will help when allowing the user to do tasks he is allowed to do.
you can take a third table to maintain user's roles ( as suggested by #ADyson ), this will help if you want to join tables based on user + roles but you will need to join roles table for getting user data when starting session for the user.
Related
I am developing a web app which uses Firebase Authentication and Real-time Database. The sign-in method is via Google and then if the user is new he/she will be ask if whether he/she is a teacher or student.
Teacher: can create classrooms and add students using their user.uid. Each classroom has a unique classroom id. Can view the list of their students.
Student: can view their classroom, and classmates.
So How do I code two different types of users in Firebase for my web app?
What will be the rules to use in the database?
[UPDATED]
You could try this the simple way:
Create a JSON object to store the users information in a field depends on the usage:
a field isTeacher of type boolean (assume you won't add other user type) or
a field userType of object contain all the feature types (isTeacher: boolean, isStudent: boolean, isHeadmaster:boolean, etc.) or
a field of userType of type string
Create a method or condition to check the field of the user document whether is true for a particular user type / compare string (depends which one you use) by using if or switch case
Under each case / condition, show the elements of the web according to their privilege.
After signed-in, before the page load, do the checking using the function created
I need to hide Balance and Foreign currency balance columns on accounts page (Setup>Accounting>Charts of Accounts) for any other roles in this company besides the administrator.
I tried to create User Event Script for Account record type, I thought it could be used to zero out the balance fields get loaded. But my script wont get loaded until I edit an account. But I need my script to get loaded on Accounts list page. Please help!
The Chart Of Accounts list page is not scriptable with SuiteScript. Your best bet is to create a Saved Search where you filter out the accounts you don't want the other roles to see and grant them access to the Saved Search but not the Chart Of Accounts list.
Currently doing a chat app where a user could join multiple chat groups, something similar to what Telegram and Facebook Messenger has. Pretty straight forward. We're mainly using Firebase database for storing the chat groups and message details.
Sample DB structure:
To only get the chat groups a user has:
root/
users/
chatGroups/
$uid/
$chatGroupId: true
We then get the details of the chat group from a different node, same with the latest chat message in that group:
root/
chatGroups/
entries/
$groupId/
group details here...
messages/
$groupId/
$messageId/
message details here..
Everything above to get the data for a single group item that looks something like this:
All works fine. We initially get at most 5 chat groups at first, then just sort the list. The problem lies where we have to listen for updates for the chat groups -- group with the most recent chat message would go to top of the list.
The structure we have listens only to the list of groups the specific user has -- we could detect groups joined (onChildAdded) and left (onChildRemoved) by the user, but it doesn't contain the timestamp we need to sort the chat group list by the most recent changes timestamp.
Has anyone tried this similar behavior with Firebase before (we're doing a client for both Android and Web -- Javascript)? Any ideas or suggestions would be appreciated. Let me know if you need some relevant details to make things clearer.
Because there is no auto-created metadata in Firebase about when a child was added, updated or deleted and also because those operations doesn't contain the information you are searching for, you need to create your own mechanism by adding the local timestamp for each operation or by writing a server-side timestamp.
There is another approach in which you can use denormalization. Add those chats to a new created section named uxChats. The chats will need to contain only the text message and the timestamp. If you are using FirebaseUI then you can reverse the order just using this lines of code:
LinearLayoutManager layoutManager = new LinearLayoutManager(getActivity());
layoutManager.setReverseLayout(true);
layoutManager.setStackFromEnd(true);
recyclerView.setLayoutManager(layoutManager)
Latest chat goes on top.
Hope it helps AL.
I'm new on the SharePoint world and right now I'm facing a little adversity.
Right now I do have a list that represents a collection of books. I also created a button with JavaScript that will allow the users to order them for a temporary time.
For this matter when the user clicks on the button, it'll change some column values from that list item, such as: the status, order and return date, some counters... I tested with my account and everything was working fine until I remember that I do have the permissions to edit this list. However if it's a end user, he'll receive (correctly since they haven't permission to edit) the "Request failed. Access denied. You do not have permission to perform this action or access this resource" message and won't be able to order the book.
Well, I could give the permission to this users in order to edit the list, but that way they would be able to delete and edit some columns that they aren't suppose to.
Do anyone have any suggestion/solution?
Thanks in advance!
With this type of scenario, I would suggest using more than one list, so you can manage the books and orders separately. Also, create a workflow in SharePoint Designer that starts when an order is created. This workflow will perform the operations that you are doing in JavaScript.
Here's a basic implementation plan:
Book List - Give users read only permission to this list.
Book Order List - Give users Add permissions to this list. Add a lookup column to the Book List.
Book Order Workflow - Perform the management of the order and inventory statuses here. App Steps can be utilized to run specified actions in the workflow with elevated privileges.
I have website which uses URL parameters e.g. example.com?key=value.
Let's imagine I have business card generator but besides parameters like name, surname. I want the user to provide a key to access it.
An example key can be gI8ol3dAci, I want my Javascript to check it before doing everything else. The key will be in a MySQL database table, I want to block IPs that entered wrong keys after 3 times and I want to store how many times key has been used. I was thinking about the following concept:
Check if IP is not blacklisted (3+ failed attempts)
Check if the key is working
Add 1 to count of uses of this key
The thing is I am not sure if it will be safe using JavaScript.