Restrict access to a page when event fires - laravel

i have created a booking system which synchronizes with Google Calendar every 5 minutes and also truncates and old data and fetches new one from calendar, this process takes about 2-3 seconds.
What i want to do is, when the event to fetch data from Google Calendar fires, i want to disable access to the route of the booking system for these 2-3 seconds then enable it again when the event ends, i want to do this because it truncates the old data and fetches new one, so if a person is looking at the booking system this 2-3 seconds all the book schedule times will be free and i don't want this to happen.
Is this kind of thing possible?
Thanks and regards!

Well, my suggestion is to create a new field in your users table something like : is_google_sync_active and route middleware.
Then just before you will start sync. you change that field to true and in your new middleware you may check whether your sync. is active or not, then when your sync. ends you just change the value of field again to false. So, every time when user tries to pass to your sync route he will be passing your middleware which wil handle all job.
In addition, you can redirect user to page which shows status or progress if the sync. is processing.

Related

Change data in the database after indicated time

In a certain amount of time after the user clicks a button, I need to have some data in the database changed.
For example, there is a sessions table with the is_active(default value 0) field and two buttons. After the first button clicked the field has to be equal 1 for 5 minutes; after clicking the second button field has to be equal 0 immediately.
In the first place, I thought Queues or Task Scheduling might be the solution, but I don't see how make it works
Is that even possible to do by Laravel?
Yes, you can with some help of the database. You can define a schedule that runs once in a moment, and you can push a record to the database when an user clicks a button. Then on the scheduled task, check if there are any tasks need to be run in that moment, or past moments etc. Then delete the task when it's done from the database. Be aware that on the next query, if there are jobs still running, add an extra flag to the table saying that the job has started, and don't run that again.

Want to build an attendance management system using MEAN stack

I want to build an attendance management system using MEAN stack. The application should work like this -
There will be an admin who will control CRUD operations on User and as well as look into the Attendance of each user and have a detailed list of average attendance of the user per month and per year.
There will be a user page and when the user logs in i want to store the date and time in the client side and then send it to the database. So that based on the time and date the admin can see when the user has logged in and mark the user as present for that particular day.
I want to know how to store the date and time in the client side and then pass it onto the database for calculations. Also wanted to know that is it necessary to authenticate in the front end as well?
May be I am late, but I can try to answer your query.
You can store date and time as an object and pass it via request parameters to the backend to store it in the database.
You can take a look a the following on how to get date and time in Javascript How do I get the time of day in javascript/Node.js?

How handle bot to count pageviews

I don't know how exactly handle this situation. I have a directory where I count the pageviews for each item. For authenticated users I only count as new pageview after a delay of 200 seconds between requests. For unauthenticated users I use the IP and also 200 seconds of delay.
I use a redis SETEX to verify and then the key will expire after 200 seconds. If the key doesn't exist, then insert a new page view.
Something like this
item_id:user_id (authenticated users)
item_id:ip (unauthenticated users)
Well, this works fine until a user try to increment intentionally the page views for a specific item. I have almost 3000 views for a specific item only yesterday (in last year the page has only 150 views...). So, he created some bot to visit the page with a delay to avoid my validation.
I need to register legit pageviews, but I need to avoid the type of fraud. Any idea?
As far as I know, the best way for handling bots is a way like Google Analytics.
Google Analytics works by inserting a JavaScript snippet into the
header of your website. This snippet counts a page view whenever a
visitor triggers that JavaScript, and most bots do not process
JavaScript.
You can integrate some kind of CAPTCHA in your application to limit the number of times a user can view the page within a specific amount of time.
Upon a set number of views within a given duration (say, 20 views in under 3 minutes) from the same user or IP, make them verify the CAPTCHA each subsequent time they try to view the page.
Issue a Token for every page view request. Store the token in the Cookie.
User your already available IP or USER_ID as a filtering mechanism.
After page loaded, User the token, old_token from the cookie, Operating System, Browser Name and IP / User_ID to validate the request.
Give two different timings, like 200 second expiration time and 3600 seconds of grace time, if any of the above data matches within the grace time, don't count the page view.
You can also extend this by keeping track of page views within grace time and create some methods to validate pageview request.
I usually register the Request Time together with the Request to measure the Visit Frequency and the Visiter Count per certain Time Span.
When you register all the Request that come in with with the item_id, user_id, ip and timestamp you can afterwards process the Registers by grouping them by user_id, ip and timestamp.
That way you can find out the amount of Hits per Second and identify and exclude those who clear surpass the normal Activity Pattern without loosing Data.
Often I use the Web Service Logs to generate Statistics about Visit Frequency to certain URLs on a hourly, daily or even monthly basis.

How to prevent two users to edit one row from DB

i am using Spring/Hibernate/ZK. In one tab i get object from DB for editing by user, but second user can open the same tab and the same object for editing . I want to informed second user whit message like "This object is аlready open" and hide buttons for save.Тhus second user can see current data from DB to this object but can`t edint him.Is there a way to check session for this object or another way to do that.
The other answers mostly look at the database, but if all users use the same zk application to access the database, you could keep track of opened objects in the Composer or ViewModel (depending whether you use MVC or MVVM; I'll just call it controller).
Your controller would need a static list of objects that are currently modified. If a user requests to open an object that is not in the list, everything is fine and your controller enables the fields and save button. Otherwise, those are disabled and/or you display a message.
The tricky part is clearing objects from that list. If a user presses the save button, you just remove the object from the list. But what if the user doesn't and just closes the tab or their session just times out? In this case you need a callback, or a mechanism that regularly checks whether the screen is still open.
You could achieve this by adding a zk timer to the tab that pings every now and then and updates the timestamp in your static list (so make it a map). If a new user tries to edit the object, check how old the last timestamp is. If it is old enough (i.e. the previous user saved it or abandoned the screen), allow them to edit it.
Still, you have to think about what to do if a user just keeps the screen open. How long are they allowed to keep the lock on the object? This is an issue in Microsoft Office as well. If multiple users try to open an Excel file from a network location, the first one gets to lock and the others cannot save until that user saves.
You may have additional field which indicates that column is being edited. When first user starts work, the field would be updated. The second user would query object with 'on hold' status and your code would handle this.
Other way - use Hibernate #Version field in your entity. It holds object version which is incremented after every update operation. If second user would save object after first one already saved, it would throw OptimisticLockException which you could handle in your code. More about optimistic and pesimistic locking: Chapter 5. Locking. Related discussions: Hibernate Automatic Versioning and When to use #Version and #Audited in Hibernate?
The best solution is to use Optimistic Concurrency Control with Versioning and when Hibernate throws Concurrency Update issue due to same row is being updated in two transaction then use one of below strategy
First Wins Strategy
Last Wins Strategy
Merge Conflicting Update Strategy
First Wins Strategy is not good solution as it leads to lost update and user will get frustrated that all his work is lost.
By Last Wins Strategy one of user will get error message that you are working on Stale data and start your transaction again . By this way also user can get frustrated due to fact that now again he need to restart operation from beginning but his changes will not lost.
Instead go with Merge conflicting Update Strategy, when Hibernate throws Stale object exception reload screen with new data and user will see updated result and allow him to proceed with latest data. In this user changes will not loss and user will not get error message , just his screen reloads with fresh data and he can decide whether to proceed or not .
You can take example any e-commerce site and you will get one of result of either Last Wins Strategy or Merge Conflicting Update Strategy. Two user can start to by one item but one of user will get message in last screen that item is not stock.

Notification bar on website - how to avoid multiple notifications for same user

I am building a website that will notify users of certain changes to their account via a notification bar at the top of the screen (similar to the way SO notifies of new badges).
In my DB I have a table that list the events and also a flag to denote whether they have been notified of the change yet or not. The table is of the form :
UserID AccountEvent EventDescription HasBeenNotified
ABC123 1 Your price deal ends in 2 weeks FALSE
What I would like to achieve is:
Customer logs in and is shown notification (assuming one needs to
happen)
Customer clicks to acknowledge message
DB HasBeenNotified field set to TRUE (to acknowledge notification has occurred)
I have been able to achieve all this but there is a snag!
I am putting the events that need to be notified into the HttpRuntime.Cache with a 10 min expiry so I don't need to keep polling the DB.
The issue this creates for me is that a customer could potentially see multiple notifications of the same message until the cache expires, for example:
Customer logs in and app logic looks in cache and says customer ABC123 needs to be
notified of X
Customer then acknowledges message (which updates DB to set notification flag to TRUE)
Cache does not yet reflect updated DB so if customer navigates to new page the same notification message is fired (until cache expires)
As far as I know I cannot update the actual data within the Cache (can only Remove data from cache based on cache key).
Can anybody provide hints and tips of how to get around the issue of multiple notifications?
Why not burst the cache? Remove that key from the cache?
Or you can update the cache by setting it again to new HasBeenNotified value or even set it to null which you should deal with and accept as empty.
HttpRuntime.Cache["YourKey"] = "";//new object/value;

Resources