Imagine a website that agregates online ordering for many restaurants and is built using parse.com.
In parse.com there is a class called Order where all of the orders are stored.
Each order belongs to one, and only one, restaurant.
When querying the Order class, each restaurant can only read (and write) its own orders. A restaurant should not see (and write) orders for other restaurants.
To solve this, I've tried using one role per restaurant and add the restaurant-role to the each restaurants order's ACLs. So I've created one role for each of the Restaurants using the following naming taxonomy: Restaurant-[restaurantObjectId].
I have taken care that user's belong to their respective restaurant-role.
I've also fiddle with Class Level Permissions (CLPs) without results: either total access or total lack of access, none of access limited to restaurant data.
Any clues?
It seems that one has to have make the Find operation available to the Public. Otherwise it gives the not authorized error.
Related
I'm looking to build a budgeting app where users can categories transactions (i.e. entertainment, rent, utilities, etc).
Is it possible to categorize plaid transactions by needs/wants? aka rent is under the need category, restaurants are under a want category.
I've looked here but am struggling to find any info: https://plaid.com/docs/api/products/#auth
You can use the /categories/get endpoint to see all the categories used by Plaid. From there, it should be pretty straightforward to essentially create a mapping where for each category you classify it as a need or a want. (This is a determination you'd have to make yourself; need/want info is not built into the API.)
In my elasticsearch setup I want to search amongst a large collection of payments (billions), where each payment has multiple account names. This is due to each user being able to name assign a personal name to each account, while an account can be shared by many users. 1 account, many names (1 per user).
Simplified payment structure:
Payment {
"agreementNumber": 12345,
"accountNumber": 123456789,
"amount": 17,
"currency": "EUR",
"accountName" : ...
}
The user needs to be able to search for and sort on account names, however the result set must differ based on user.
Eg. if Bob and Lisa both have access to the same account, but have made individual naming, sorting on account name would make the payments appear in a different sequence. The rest of the payment details however remains unchanged. This example could be repeated for several thousands users that created their own naming.
Consideration I have made:
Flattened or inner object
I am unable to flatten the structure of the payment to contain all possible account names, and only use the account name for the specific user given the context. That would mean that all payments made with said account number would need to contain all names, and all payments with said number would need to be updated every time an alias is created, updated or deleted.
Nested
Here I would create one collection of names that I refer to in my parent. This would lighten the storage as I only maintain the account names once. This comes with limitations that an update to my nested element (list of account names), would trigger a reindex of all parents (payments) as well. As one account number can be part of thousands to millions of payments this would be very expensive.
Parent/Child relationship
Having account names as children of the parent means, that I can update the child and parent independently negating the drawback of nesting. However Elasticsearch doesn't support joins as far as I have understand, meaning I would get payments and account names as individual documents.
How do I structure my account names without it being crazy expensive?
Note
The limitations mentioned stems from this post:
https://www.elastic.co/blog/managing-relations-inside-elasticsearch
Using the Google Classroom API method userProfile, I can get various information about a user, including their name and email address, but not whether they are a student or teacher. How can I determine whether a user is a student or teacher?
Classroom does have the concept of teachers and students, however the distinction between teachers and students is only meaningful relative to a particular course (it’s possible for a user to be a “teacher” of one course and a “student” of another) and so you might not be able to use these categories to apply access controls in the way you were expecting.
For example, if alice#school.edu is a member of a particular course’s courses.teachers collection, and bob#school.edu is a member of courses.students, then you can use this information to decide that bob#school.edu should not see certain content created by alice#school.edu. (For example, you might not want to show Bob the answers to a quiz that Alice has created on your website, just the questions.)
However, because by default all users can create courses, you probably do not want to show alice#school.edu sensitive information created by teachers of other courses, information intended for teachers that you provide (for example, if you are a textbook publisher), or giving her domain-wide admin features.
If you need to distinguish between “real-world” teachers and students, we recommend that you do this via a mechanism entirely separate from Classroom, such as checking that the user’s email address appears in:
a separately-maintained list of teachers (e.g. CSV uploaded by admin)
the classroom_teachers group – domain administrators can choose to verify teachers to allow them to create new classes (use the Directory API to list a user’s groups)
Classroom api dosent provide global role for a teacher or a student its vary from course to course so you can just call student/teacher api
after that you will get json output and you find a special permission for teacher "Create Course" it will help you to recognized that the person is teacher.
"permissions": [
{
"permission": "CREATE_COURSE"
}
]
in case of student this array will be null.
having a brain failure with a relationship between three objects, hoping someone can help me out.
I have four models: Team, User, ProjectType and Project
Team has many User, has many ProjectType
User belongs to many Team, has many ProjectType
ProjectType belongs to manyUser, belongs to many Team, has many Project
Project belongs to ProjectType
As a single user can belong to many teams, I want to request the ProjectTypes that a User has access to, but only within the Team they are currently logged in with. It may be the case that a User has access to project types across multiple teams, but will only be logged in to one team at any time, so I need just that subset.
I'm hoping this structure makes sense, but I'm struggling to get access to the data I want easily
So I'd like to do $user->projectTypes and get all project types for that user, but only the subset of the team they're currently logged in with.
Equally, once I've got that, I want to be able to get $user->projectTypes->projects within that set.
I'd like to do this whilst maintaining all of the nice relationship methods I get with Laravel, but am struggling to setup the data structure to support this, and get the data in turn.
Worth adding I'm using Laravel 4.2, but am not desparately tied to it, and can upgrade to 5.x if necessary to get this functionality.
Once you've defined the relationships as you've described, you can access the ProjectTypes that belong to a User, that also belong to a certain Team (in your case $teamid should be the id of the Team that the User is currently logged in to) like so:
$projectTypes = $user->projectTypes()->where('team_id', $teamid)->get();
To easily access a collection of all Projects that belong to all ProjectTypes that belong to a User, you would first define the HasManyThrough relationship like so:
class User extends Eloquent {
public function projects()
{
return $this->hasManyThrough('Project', 'ProjectType');
}
}
Then you can access that collection like so:
$projects = $user->projects;
And finally, to access the Projects that belong to the ProjectTypes that belong to a User, that also belong to a certain Team (i.e. what it seems you're looking for), you can use lists() to get a list of relevant ProjectType ids, then whereIn() to filter for those within that list:
$projectTypeIds = $user->projectTypes()->where('team_id', $teamid)->lists('id');
$projects = $user->projects()->whereIn('projecttype_id', $projectTypeIds)->get();
I have an application where users of the application can have many contacts ( other users of the application ) related to them. I would like to maintain a relation between a single user and its set of contacts. At any given point of time, I do NOT need to know anything more than the direct set of contacts for a particular user, i.e, contacts of contact of a particular user is not of relevance in this application.
Any suggestion on how to organise this data within the database? Please note that the number of users could go up really high.
Just to add some extra info, the database I am using right now is Mongodb and language being used is Ruby.
The only model right now before thinking of building all these relations is the Users model which stores details of each user registered onto the application. Now as I mentioned above, I need to built the specified relation between the user and its set of contacts. Any help would be highly appreciated.