I have little problem with permissions in my future social application.
Platform will nonrel db (Google's BigTable).
In my application each user has groups (for example: friends, collaborators, family...). In group has some friends (like in Facebook). And can publish some content (news, short text, ...) only for this group.
If I have user in my group it is my friend. Like in Facebook, but more groups.
My idea is, that each user can see (on himself "feed") all last content of all friends in one page (like as Facebook's Top news).
But I have problems with creating simple query.
For example:
SELECT * FROM News WHERE group_key IN [list_of_groups_where_i_am]
This works good, but there are sub-queries and limit of list is 30 items.
Other way is strong caching of content.
Does anybody have some idea? Or any study material, example...
With a requirement like this you can optimize for either read or write, but usually not both. You have the write optimized version - just write a record with the right group key but have a complex query to get content for all the groups.
The read optimized version would be to write the content (or just its id) to a feed for each user, which makes the read query very simple.
Related
I've just spent a long time reading documentation about the Google API Places, and there's some information I don't quite understand.
I need to build an application that can record a travel plan for a user, so a sequence of places.
For this, I need a very simple form, with a "destination" input, which will use "Autocomplete Places".
This endpoint return a place_id for the selected location, which is the only thing I'm allowed to store in a database, according to Google's terms and conditions.
So in my idea, I'll store this id, and a itinerary would be made of a sequence of place_id, without the need to store the place name or anything else. To display the user's itinerary, I'd just have to make Place Details queries, with the identifier.
But the documentation specifies that these ids can change over time, so they advise to redo queries "periodically" to refresh the place_id.
But how can I redo queries if I haven't stored any information about the place, other than the place_id ? Do I need to store the name of the place (and do I have the right to do that?) to be able to retrieve its ID, or am I missing something?
Another thing: I didn't find, or didn't understand, in the terms of use, if I was allowed to store data generated by my site beside Google IDs, for example, to store comments about places.
Sorry if I make language mistakes, im not fluent in english.
Thanks !
When building the query and type graph structure in a GraphQL API, where would you put highly contextual queries that only apply to the viewer?
On the top-level (query.friendRequests)
This would remove noise in the User entity and only keep queries in there that are queryable for all users. Not just the viewing user.
It would add much more top-level queries with a risk of them becoming specialists in specific things which is not really thinking-in-a-graph and model-data-around-business-logic ideas.
On the viewer entity (query.viewer.friendRequests)
From a data perspective, this makes more sense to put it underneath the viewer entity (which is a User type). friend requests always belong to a parent object which is always a user.
Other Examples
Dashboard widgets
User notifications
Action items / TODO items / Task lists
Messages
Counters and badges
What are you guys' thoughts on this? What would be a good best-practice to follow for viewing user contextual queries that don't apply to other user entities in an API implementation?
We have always put it under a specific field in Query. First we started with a me query that would return a user. But this did not turn out very practical because the user type got very big and also most fields did not need the whole user object but only the user's ID. In your example we would have done two queries
SELECT * FROM account WHERE id = $id
SELECT * FROM friend_request WHERE account_id = $id
Unless we would query a trivial field on the me query the first query was completely wasted.
Then we got inspired a bit this thread and especially this answer from Lee Byron
Viewer is what we used everywhere at FB, so it’s stuck with me. Also, a Viewer is not a User, it’s an Auth session - which references a User. So there’s a useful distinction of terms.
Now we have a viewer query that returns a Viewer object. This object then has a field user to query the actual user object. This also might or might not help solving the problem around private and public fields on your user object.
I'm working on a portal based on Orchard CMS. We're using Orchard to manage the "normal" content of the site, as well as to model what's essentially data for a small application embedded in it.
We figured that doing it that way is "recommended" for working in Orchard, and that it would save us duplicating a bunch of effort in features that Orchard already provides, mainly generating a good enough admin UI. This is also why we're using fields wherever possible.
However, for said application, the client wants to be able to display the data in the regular UI in a garden-variety datagrid that can be filtered, sorted, and paged.
I first tried to implement this by cobbling together a page with a bunch of form elements for the filtering, above a projection with filters bound to query string parameters. However, I ran into the following issues with this approach:
Filters for numeric fields crash when the value is missing - as would be pretty common to indicate that the given field shouldn't be considered when filtering. (This I could achieve by changing the implementation in the Orchard source, which would however make upgrading trickier later. I'd prefer to keep anything I haven't written untouched.)
It seems the sort order can only be defined in the administration UI, it doesn't seem to support tokens to allow for the field to sort by to be changed when querying.
So I decided to dump that approach and switched to trying to do this with just MVC controllers that access data using IContentQuery. However, there I found out that:
I have no clue how, if at all, it's possible to sort the query based on field values.
Or, for that matter, how / if I can filter.
I did take a look at the code of Orchard.Projections, however, how it handles sorting is pretty inscrutable to me, and there doesn't seem to be a straightforward way to change the sort order for just one query either.
So, is there any way to achieve what I need here with the rest of the setup (which isn't little) unchanged, or am I in a trap here, and I'll have to move every single property I wish to use for sorting / filtering into a content part and code the admin UI myself? (Or do something ludicrous, like create one query for every sortable property and direction.)
EDIT: Another thought I had was having my custom content part duplicate the fields that are displayed in the datagrids into Hibernate-backed properties accessible to query code, and whenever the content item is updated, copy values from these fields into the properties before saving. However, again, I'm not sure if this is feasible, and how I would be able to modify a content item just before it's saved on update.
Right so I have actually done a similar thing here to you. I ended up going down both approaches, creating some custom filters for projections so I could manage filters on the frontend. It turned out pretty cool but in the end projections lacked the raw querying power I needed (I needed to filter and sort based on joins to aggregated tables which I think I decided I didn't know how I could do that in projections, or if its nature of query building would allow it). I then decided to move all my data into a record so I could query and filter it. This felt like the right way to go about it, since if I was building a UI to filter records it made sense those records should be defined in code. However, I was sorting on users where each site had different registration data associated to users and (I think the following is a terrible affliction many Orchard devs suffer from) I wanted to build a reusable, modular system so I wouldn't have to change anything, ever!
Didn't really work out quite like I hoped, but to eventually answer the question in your title: yes, you can query fields. Orchard projections builds an index that it uses for querying fields. You can access these in HQL, get the ids of the content items, then call getmany to get them all. I did this several years ago, and I cant remember much but I do remember having a distinctly unenjoyable time with it haha. So after you have an nhibernate session you can write your hql
select distinct civr.Id
from Orchard.ContentManagement.Records.ContentItemVersionRecord civr
join civ.ContentItemRecord cir
join ci.FieldIndexPartRecord fipr
join fipr.StringFieldIndexRecord sfir
This just shows you how to join to the field indexes. There are a few, for each different data type. This is the string one I'm joining here. They are all basically the same, with a PropertyName and value field. Hql allows you to add conditions to your join so we can use that to join with the relevant field index records. If you have a part called Group attached directly to your content type then it would be like this:
join fipr.StringFieldIndexRecord sfir
with sfir.PropertyName = 'MyContentType.Group.'
where sfir.Value = 'HR'
If your field is attached to a part, replace MyContentType with the name of your part. Hql is pretty awesome, can learn more here: https://docs.jboss.org/hibernate/orm/3.3/reference/en/html/queryhql.html But I dunno, it gave me a headache haha. At least HQL has documentation though, unlike Orchard's query layer. Also can always fall back to pure SQL when HQL wont do what you want, there is an option to write SQL queries from the NHibernate session.
Your other option is to index your content types with lucene (easy if you are using fields) then filter and search by that. I quite liked using that, although sometimes indexes are corrupted, or need to be rebuilt etc. So I've found it dangerous to rely on it for something that populates pages regularly.
And pretty much whatever you do, one query to filter and sort, then another query to getmany on the contentmanager to get the content items is what you should accept is the way to go. Good luck!
You can use indexing and the Orchard Search API for this. Sebastien demoed something similar to what you're trying to achieve at Orchard Harvest recently: https://www.youtube.com/watch?v=7v5qSR4g7E0
I need to apply a filter in some report for some users.
I was told that the best way to do this is a security filter but i discovered that security filters are applied to all the reports that the user open.
I need some kind o filter that filter an attribute on a user but just on some reports, not all.
example:
if report1{
if user1 then attribute = 1
if user2 then attribute = 2
}
let's say i have departments and chiefs of those departments.
It is not a matter of security but a matter of comfort.
I want to avoid the chief of a department to manually select (prompt) his department.
It would be more comfortable if the system would recognize the user and show the data of his interest.
There a different ways to solve this kind of scenario, depending on the level of flexibility you want to offer to your user and the effort you need to implement and maintain the solution.
The User Login way
No flexibility, low maintenance, more effort to implement
Use the User Login prompt. This is a system prompt (created by default MicroStrategy) that returns the user login. If you have a table with the data that a user can see like this:
UserLogin YourAttribute
user1 attribute1
user2 attribute2
user3 attribute3
... ...
You can create an attribute UserLogin to be parent of the Attribute you want to use as filter and then create a filter (User Login = User Login System prompt)that you will put in your report.
More detailed information can be found here.
Once implemented this solution will you need to maintain that new table and when the user run a report with that filter it will be able to see only his data. It's similar to a security filter, but now you can decide where to apply the filter.
Multiple reports for multiple prompt defaults
Flexibility, high maintenance, little effort to implement
For each user create a copy of that report with the proper answer as default.
Maybe you can create ten reports now, but if you need to modify that report tomorrow you will need to modify ten report or recreate again all copies with different prompt answers.
Anyway this is good for the users, because they can change the prompt answers if they need.
Using URL to answer prompts
Flexibility, low maintenance, variable effort to implement
Instead to run the report using MicroStrategy you can provide to each user a specific URL that, using MicroStrategy URLAPI, answer automatically the prompt.
Of course you need to prepare the URLs in advance or find a way to do it programmatically. This is a good solution if the user don't want to navigate the MicroStrategy web interface but just run the report.
Subscribe the prompt answers
Flexibility, low maintenance, medium effort to implement
Have the report with the proper prompt answer delivered to your user every morning (or when you want). Using MicroStrategy Distribution Services you can deliver a report or document to your user and for each user you can specify the correct prompt answers.
No user can receive the full report in their mail box or just a link to their history link, opening that link they will see the report with their data. Of course users (or probably you) will need to setup all the subscriptions required.
Final thoughts
In these case I prefer to leave flexibility to users and teach them how to use the product. Of course there are some people they have no time for this kind of things (usually C something levels), in that case the best this is to have the data delivered to their email.
I understand some of these options are not that straight forward to implement if you are new to MicroStrategy.
My suggestion: for now go with the subscriptions (if you can) or teach your users how to save their own copy of that report (in My Reports) with the prompt already answered (oh, yes, this was another option, but each user has to do it), every time they will open it now, the prompt won't show up (but if you change the original report they will need to do it again).
Let me know if you need more details.
Hi Sitepoint wizard people,
Say we have an admin application that has multiple users and various objects. What I'd like to do is control access within the object itself - that is, it will behave one way for one type of user, and another way for other users. For example...
Director Mike can override Reception user Sally's registration date. One would assume that Mike could set any date both in the past or in the future. Then we have Payroll user Steve who can also modify Sally's registration date, but only for dates in the past up until (for example) one year ago. To spice things up, then we have the HR Manager Mary who can also amend Sally's registration date, but only for dates from precisely 23rd June 2007 up until one month from now...
How can I program the access restrictions so that on the front end, the form control is restricted with a min and max date, and in the backend, the validator checks the entered date to make sure it falls between those dates? I'd obviously need to be able to tweak the min and max dates for each user type. Other objects might have different parameters - maximum amount on a discount field or days of the week for overtime, for example.
I've asked this question in different ways, but each time I get bogged down by the implementation. I'm currently developing it as a php/MySQL web-based application, but thoughts and comments from other platforms very welcome! This time I'm looking at first principles, so it doesn't matter what your background is, if you have any ideas, please let me know! What do you even call this type of access control...?
Depending of how you application is based, you could ask for credentials at the start of the application and depending on who is requiring access, you could load a different xml file containing different settings.
As for security issue, make sure that the different xml files can't be reached by the users.
Edit:
Since you are using MySQL you could do something like this.
Let's say you have a table of users that has those fields : UserId, UserName, RestrictionId.
And with a Restriction table that looks like : RestrictionId, FieldName, FieldCondition.
This way, in your php app, when a user is authenticated, you can go fetch the correct "Restrictions" on the field and apply them in your code. If it happens that you have multiple fields that require different rules then you can simply add them with the correct RestrictionId.
This DB design is far from perfect, I'm pretty sure you can do better
Since, you are already using MySql db. You can maintain the UserRole Master table details in DB itself. Load the user role data based on login, then you can easily validate the changes made by the user accordingly.