First of all i'm new to Jhipster, i've read the official documentations but i still can't seem to find a solution to my problem (i've been stuck for almost 3 weeks now), that's why i decided to ask here for help.
So, i have an application where i need to create an entity called employee and i need to create a user account with the additional fields taht are specified in the employee entity, so in other words, when i fill the form to create a new employee that will not only create a new one but it will also automatically create a user account for that emplyee.
What i've tried doing up until now, is creating a new employee entity and link it with a OneToOne relashionship to the USER entity (created by Jhipster) but the thing is, in that case i would have to create a new user and then add the additional information for the employee, wheareas i need it to be in the same form, to create an employee and the user linked to it at the same time.
Any help will be really appreciated.
What you want to do is not supported off the shelf by JHipster, you have to code it manually.
In backend, you could do it by defining a DTO that combines both entities, a RestController that exposes it and a service that is responsible for orchestrating persistence.
In frontend, it's the same you have a component that contains the form to update this DTO and call your REST API.
Alternatively, if a User is always an Employee, you could also merge them in a single User entity.
Of course, this depends on which authentication type you selected which defines where users are managed.
Related
I’m trying to understand why Vaughn Vernon (in the Github Sample code for the red book) includes tenantId in every repository get or find method. Particularly those that are doing a basic getById.
In one example he uses username to provide the identity of a User, and the business rule that usernames must be unique within a tenancy, so:
class UserRepository:
public User userWithUsername(TenantId aTenantId, String aUsername)
Makes perfect sense.
But in his other BCs he is using an identity value object based on a GUID, but still combines that with a tenantId when retrieving from a repository:
class ProductRepository:
public Product productOfId(TenantId aTenantId, ProductId aProductId)
Even the CQRS example, uses a combination of tenantId and entityId for its repositories single get method.
Its ubiquitous throughout, but I can’t understand why it would be necessary. If a product, backlog item, forum, calendar etc all have a globally unique identifier, why would you need anything more to query them?
If using this to ensure only entities for a particular tenant can be retrieved - this doesn’t seem to be a responsibility expected of a repository, but rather authentication etc, and so why include in every repositories query method?
Note, I understand why having tenantId as an attribute of the entity is required, and how it could be used to enforce some unique constraint. When retrieving a product however, wouldn’t productOfId(ProductId aProductId) suffice?
He does touch on this with “In the case of a multitenancy environment, the TenantId instance is also considered part of unique identity.” What value does combining two GUIDs to determine identity have over just the one?
I don't think this is specific to DDD, but to multitenancy. Regardless of how you design your application, you need to be able to tell if a record or entity belongs to a tenant or another. So, even if the IDs are globally unique, therefore don't need another ID part for deduplication, you still need the tenant Id.
On a more practical note, you can find the utility of the tenant Id on every entity if you need to provide a restful API on top of that data. Most likely, your API structure will look like the following:
api/{tenantId}/entity-type/{entityId}
You will have to validate that the user doing the request has access to the given 'tenantId' based, for example, on the claims in the authentication token. If the user has access, then you'll read from the database. But, if your repository only accepts 'entityId', then it will return that entity regardless of the tenant it belongs to and a user from tenant1 could get data from any other tenant only knowing the Id. You can, of course, add a check of the tenant id after loading the entity, but sooner or later you will forget to add it. If instead, you follow the practice of always adding the 'tenantId' to your repositories, then this check is built into the queries themselves, making the whole process more consistent and efficient.
On a side note, there are other ways to add a tenant Id check on all your queries, which will achieve the same goal without having to manually pass it to every repository method call and query implementation. For example, you could put the tenantId on a context and inject it using DI resolving your Repository. With SQL Server, you could use row-level security, so that the tenantId check is part of a table policy, instead of adding it to all the queries on that table.
I want to add 15 new fields to my user account creation page in Liferay. How it is possible other than custom fields, expando tables? Because I know how to use custom fields. I have more fields so it will be difficult to manage. Through hook I want to add more fields to account creation page.
Fields are related to user.
Create one selectbox that will have list of organizations available in my application.
Create one selectbox that will have list of roles available in my application.
onclicking of save button that should redirect to 3rd party payment gateway. Once paid amount it will create account for that user.
After paid amount all the above fields need to add under extra table with related columns and maps to the user_ table with userId as a primary key.
assign that organization to the user which is selected above and similar for role also.
I am using Liferay 6.2. Please let me know if any one have any ideas!
Learn Java. A modification of the platform to the extent that you're mentioning won't work without knowing Java. You'll introduce all kinds of issues in your system.
Then there are two options:
Just implement a custom portlet that takes all the values that you want, saves them where you want and queues them in your payment system. Disable Liferay's "do-it-yourself-signup" and place your own links to the "create account" portlet. This will be easiest to maintain
Alternatively, override Liferay's JSP that's used for the "create account" UI as well as the action that's handling the data. The default implementation would save everything in Liferay's database - including custom fields. As you implement it yourself, you can do whatever you want with this data.
I've been reading about and playing with ASP.NET MVC lately, to figure out if it will be the new framework for an exisiting product.
The product consists of a multi-user website where the customers are created by me and added to their respective companies. Each user then has access to do some stuff, add data etc. in the scope of his own company.
How would I go about creating a structure like that in MVC?
I basically want to be the "super-admin" that can create new users, add them to companies and control their rights.
The regular users will also have different user roles (admin, user, guest) within their company.
I've got pretty much everything else set up (MVC and the Entity framework is awesome), but I just need this last layer of separation.
Any help is much appreciated.
There's really two pieces to this. The first is roles. Simply create a clear designation between roles for a company versus roles for the entire application, for example: "Admin", "CompanyAdmin", "CompanyUser", and "CompanyGuest". There, I literally mean "Company", not a placeholder for a specific company name. You should only have one set of roles applicable to all company users.
The second piece is a form of ownership authorization. Each user is assigned to a company, surely through a foreign key on your user entity. Your routes will contain some component that identifies the company being utilized, whether that be via a subdomain, or just part of the path, i.e. /FooInc/Bar/Baz. In your actions, you'll use this component to look up the company from your pesistence store and then compare that with the company the user is assigned to. If the two do not match, then you return a 403. Otherwise, you let the user proceed.
There's many ways that can be done. You could use an action filter, base controller, etc. That's largely up to you and the needs of your application. Regardless, ASP.NET MVC is very capable to handle such a thing.
I have an application where a user can be linked to several companies.
The manyToMany relationship with the company is a distinguished entity called Associate.
I'd like to give to this Associate entity the exact same role functionnality as my FOSUserBundle User entity has. Important : if a user has a role_manager for one company, it should not be given the rights to access specific features of another company he belongs to too.
Is there a clean way to do this?
I'd like to check for instance if $this->getUser->getAssociate->hasRole('ROLE_MANAGER') is true.
What if I give a role array to my entity Associate? I've read it's not secure enough? Why? What could someone do to break that security if anyway my users have to pass through FOS security login checks?
I've found an article where using a voter is suggested. But I don't want to filter routes, I really want to check the condition against the link between a user and a company, so if a voter is the solution, how would I use it?
EDIT: if a better solution not involving roles or with different logic exists, I am interested in learning about it!!
So in my case, I actually one user can actually be only linked to a maximum of 4 companies, each of a different kind defined by its category.
The official doc would suggest using ACL, defining a role for every company or store the data in the entity. cf first paragraphs of :
http://symfony.com/doc/current/cookbook/security/acl.html
I used a combination of roles and business logic. I've created roles for every type of company and since one user can only have one company per type, I just had to check for the type and the role-manager associated to the type.
See my voter here:
symfony2 call is_granted in voter : how to avoid an infinite loop?
Is there a quick way to mark a custom entity as readable by all users via a Customizations.xml entry?
I have been successful in creating the custom entity I need, but cannot seem to make it readable by newly created users without creating a security role (with read permissions for the entity) and applying it to ALL users.
Is there a way I can ensure that everyone (even newly created users) have read access to a custom entity?
Sorry the question, but why do you need an Entity for each user that is readable by everyone?
I mean is not the same to create a record in one entity and filter it with custom views if you want to?
Users need at least one role to be able to log in, so I'd suggest to create one common role that is assigned to everyone. Then you can grant permission to read your entity in this common role.
This approach might help you also in future, when you'll have to allow access to other entities for everyone.