I only have to draw up a UML class design for it.
The web portal should allow the user to pick from a hotel, or flight, or car rental or all 3 or 2 out of the 3. The user should be able to search through the products as a guest but will be redirected to register or login to purchase a product, Admins are allowed to remove or add products to the productdatabase. What I initially have is a general set up of the system however I need to implement design patterns. Now I already tried singleton but I see no reason for there to be only one instance in this portal.
1st half of my UML class diagram
2nd half of my UML class diagram
Related
If a user has the chance of asking for his role to be changed (for example : an employee asking to be promoted to leader ). Does the action belong to the Employee or to the leader ?
You question is tagged "use-case". Int this regard, there seems to be a confusion in your question about what an actor really is. Here is what the UML specs say:
An Actor models a type of role played by an entity that interacts with the subjects of its associated UseCases. Actors may represent roles played by human users, external hardware, or other systems.
If a user changes role during the interaction with the system, in the model, it's just like another actor interacts with the system. Example:
an user interacts with the system with the role of an Employee and "executes" some use-cases corresponding to the Employee actor;
this user gets promoted to a Manager.
With the new role, the user may "exectute" use-cases associated with the Manager actor.
A same user may play several roles with the system. But this does not change the model: the model is about all the users who have a given role at a given moment, regardless of the individual who performs this role.
Now in some cases, one role is a specialization of the other. This means that all the users having one role also have the other role. A typical example is if a Manager is always an Employee. In this case, you'd show the inheritance in your use-case diagram, to avoid replicating for Manager all the association of Employee with use-cases.
If your question is not about use-cases but about classes for authorisation management, then you'd need to reformulate your question. But before, have a look at the existing questions on SO, since there are many questions about class diagrams and how to assign users authorisations.
I am trying to understand DDD principles. And for practice, i want to have subscription. And i am wondering in a saas application for the sake of example, the user can only access the app if he is a subscriber and has an active subscription.
Is subscription part of the domain? If yes, when dealing with an third party like Stripe Payment, should our aggregate Subscription be aware of some data from Stripe like payment_method_id for the reccurent billing?
For me, Subscription is part of the domain model since there are some business rules (authorization, access_control).
I'm a bit confused.
I recommend having a look at "Context Maps". They show the relationship between Bounded Contexts.
To answer your question: yes a Subscription is part of your domain and therefore part of some Bounded Context within your control. Stripe is a Bounded Context not within your control.
So how you model stripe in your solution depends on the relationship and strategy thereof (see context maps). Are you Conformist? Are you in need of an Anti Corruption Layer? Are you in a Customer/Supplier relationship?
A conformist approach could well be to model all stripe properties AS-IS in your domain model. It is up to your understanding of the relationship
We have to authorize hundreds of users for a cube, and the users must be restricted to individual dimension members. Two dimensions are relevant for the permissioning, a datatype permission (with only 10 members) and a customer dimension (with 2000+ members).
Since one user can be permissioned for any number of datatypes and customers, we could build one role per datatype and one role per customer... ending up with 2010+ roles. The datatype roles are not authorized for any customers and vice versa, therefore we could enable users for any combination of datatypes and customers.
On the other hand, if we create one role per user, we end up with only hundreds of roles. I therefore do not see the benefit of roles in our scenario. We will probably use AMO to maintain the roles.
My question is, if there is a penalty when using one role per user or it this is a tested method. Of course I am also interested in any alternative approach.
Problem in this case is that you don't have any data that would help you automate the roles.
So in order to make use of suggestions by mmarie you will need to further develop your cube and to maintain the user-customer relationship somehow (more horrible admin work).
Technically your scenario seems simple enough to be handled by http://easyroles.com which was made specifically to help out in these situations.
Disclaimer: I am involved with eR tool, but there is no other way I can answer this question since there are no other tools that are made for this.
I have an application where a user can be linked to several companies.
The manyToMany relationship with the company is a distinguished entity called Associate.
I'd like to give to this Associate entity the exact same role functionnality as my FOSUserBundle User entity has. Important : if a user has a role_manager for one company, it should not be given the rights to access specific features of another company he belongs to too.
Is there a clean way to do this?
I'd like to check for instance if $this->getUser->getAssociate->hasRole('ROLE_MANAGER') is true.
What if I give a role array to my entity Associate? I've read it's not secure enough? Why? What could someone do to break that security if anyway my users have to pass through FOS security login checks?
I've found an article where using a voter is suggested. But I don't want to filter routes, I really want to check the condition against the link between a user and a company, so if a voter is the solution, how would I use it?
EDIT: if a better solution not involving roles or with different logic exists, I am interested in learning about it!!
So in my case, I actually one user can actually be only linked to a maximum of 4 companies, each of a different kind defined by its category.
The official doc would suggest using ACL, defining a role for every company or store the data in the entity. cf first paragraphs of :
http://symfony.com/doc/current/cookbook/security/acl.html
I used a combination of roles and business logic. I've created roles for every type of company and since one user can only have one company per type, I just had to check for the type and the role-manager associated to the type.
See my voter here:
symfony2 call is_granted in voter : how to avoid an infinite loop?
I'm new in UML representation. I couldn't map a UML representaion for below representation
1. Company have many users.
2. Each user may belongs to different company.
3.Each user may have different roles in different company.
If I have represent a UML diagram for this,how can we find the roles of a user in each company.
Information we get from this diagram:
1- A company can have many roles: manager, programmer are roles in company a
2- Every role belongs to one company.
3- A user may have many roles: be a consultant at company a and programmer at company b.
4- A role may be overtaken by many users: user 1 and 2 are both programmers at company a
What this diagram shows is the static structure, you cannot identify which specific user works for which specific company using a class diagram.
You can use an object diagram for that purpose, but an object diagram is useful for showing just a snap shot of the system with specific instances.