I have a simple "use case", imagine I wish to clone the Facebook application with Xamarin & Azure.
After reading this : https://learn.microsoft.com/en-us/azure/cosmos-db/social-media-apps
I noticed that I can store my datas into a set of collections/document (SQL API).
But when I have to handle millions of relationships, it does not work, I have to use a Graph API database !
So, for this I need to create a database on Azure, here is what I will do for now :
1 - One Cosmos DB database - with SQL API (Collection) with :
a) A collection for user
b) A collection for publication
2 - One Comos DB database - with Gremlin API (Graph) with :
a) A graph to manage the relationships between a user and a publication (ie. user A like publication B)
So, the SQL API database will manage all the records, and the Gremlin one for
all the complexes relationships.
So, I have a few questions:
1) Do I really need 2 unconnected database ? Or it is a bad design ?
Because each time I add a user, I need to add a document in the collection,
but also a vertex ! It is a double management !
2) When I insert a document into a collection, it generate an "id" with a
GUID key automatically. Can I use this ID as a key for my vertices ?
Maybe a user and a publication can have the same GUID ? and so, in my graph
I don't know if my vertices is a user or a publication ?
Is there another way to manage this ?
Thanks
Krysalid. Why you want to create 2 database for your situation? Per my understanding, you could choose SQL API or Graph API.
SQL API:
Create user collection and pub collection.If you want to query what publications the user likes, just store pub id array in user document.
{
"user":"jay",
"likePubArray":
[{"pubId":"A"},{"pubId":"B"}]
}
If you also want bidirectional query, please store user id array in pub document.
Graph API:
Create user vertex and pub vertex and add target property in vertex.
Hope it helps you.
Related
I am new to web development, so the question might be trivial.
I have some physical devices, which will transmit humidity (and other stuff) to Azure Cosmos DB. I want users to be able to read their devices only(through a graph in a web app). All devices end up the the same collection.
I have set up a system in Azure in the following way:
Device -> Azure IoT-Hub -> Azure functions -> Azure Cosmos DB.
The web app uses Azure B2C for users to be able to sign in, but how do i "assign" device-id´s to a user? I have read that it is possible to create access tokens with specific access to certain partition keys, but how do I store the information with access permissions for each user? Do I need a new database for storing this information only?
In the beginning it is fine if I have to grant permissions manually.
General info:
The data in the Azure cosmos db are using device-id as the partition key.
Users can have more than one device.
The web app is running ASP.NET core (I am new here).
The web app requires log-in to be accessed.
I am coding in Visual Studio 2019, and have used the example with a build-in authorization.
Thank you for your help.
NOTE: It might be too much to ask for, but a general explanation together with a code example would be perfect for me :)
UPDATE:
I managed to fetch the email of the logged in user:
#using System.Security.Claims; // for using ClaimsIdentity
// Get user information
var userEmailAddress = ((ClaimsIdentity)User.Identity).FindFirst("emails").Value;
My initial idea is then to have a database containing: "Email" and "accessible devices". I guess this has to be a separate database since i need the Time-To-Live parameter in cosmos db.
You might be able to achieve what you are looking for by using Resource Tokens.
As in this sample from the documentation, you can assign permissions by partition key:
//Create a user.
Database database = benchmark.client.GetDatabase("SalesDatabase");
User user = await database.CreateUserAsync("User 1");
// Create a permission on a container and specific partition key value
Container container = client.GetContainer("SalesDatabase", "OrdersContainer");
user.CreatePermissionAsync(
new PermissionProperties(
id: "permissionUser1Orders",
permissionMode: PermissionMode.All,
container: benchmark.container,
resourcePartitionKey: new PartitionKey("012345")));
Alright, I have been busy with other projects, but i finally came back to this issue.
So basically the reason why I wanted a separate database was because I need the TTL on the Azure Cosmos-DB, and I do not want to delete the user permissions.
It turns out that it is possible to overrule the database's default TTL by setting a "ttl" field in the document itself. Thereby it is possible to exclude documents from being deleted.
So the basic solution is:
Create a documents with a "ttl" parameter set to -1 to exclude it from being deleted. Then this document can contain information about which users have access to what.
I have a customer that owns a carpet cleaning business and we have all of his different franchisee's data in a multi-tenant database model and we would like to move this data into a data warehouse in snowflake. I don't want to have to build a separate database for each customer because then I have to keep each database up to date with the latest data model. I want to use 1 data model to rule them all. I have a tenant ID that I keep with each record to identify the franchisee's data. I want to give a set of credentials to each franchisee to where they can hook up their analytics tool of choice (tableau, power bi, etc.) and only get access to the rows that are applicable to them. Is there a way to secure the rows they see in each table based on their user. In other words some sort of row level access control similar to profiles in postgres. Are there any better methods for handling this type of scenario? Ultimately I want to maintain and manage the least number of elt jobs and data models.
This is the purpose of ether Secure Views, or Reader Accounts.
We are using both, and they have about the same technical hassle/setup costs. But we are using an internal tool to build/alter the schema's.
To expand on Simeon's answer:
You could have a single Snowflake account and create a Snowflake role & user for each franchisee. These roles would have access to a Secure View which uses the CURRENT_ROLE / CURRENT_USER context functions as in this example from the Snowflake documentation.
You'd have to have a role -> tennant ID "mapping table" which is used in the Secure View to limit the rows down to the correct franchisee.
A new database has been added to our project to handle user authentication. I am working on linking the existing project_db.User table to the auth_db.Auth table. The goal is to pull User information such as FirstName, LastName from our new table.
I have been able to access the new db via raw SQL queries, but I then need to map the data out to create the User object for the front end. Ideally the User entity could be set up so it will point to the proper columns of the proper databases, so queries can be made in traditional TypeORM syntax.
I am creating an application that should allow users to create or join a group with other users. Every user in a group will have access to some common information. The users are currently stored in a Postgres database with attributes: name and email. I am trying to create a model for groups that would contain a list of authorized users that can access its material.
One approach I thought of was creating a new table in the database consisting of rows of groups and each group had a column: 'authorized_users' which contained an array. However, I read that this is bad practice in SQL.
Another approach would be to create a new table each time a group is created and store the authorized users in that table.
I was looking for help to see if there is an API for node that already performs this, or if any of you have suggestions on how to implement this group model.
You need a new table that keeps the users in groups info, modelling a many to many relationship:
users_groups:
user_id,
group_id,
(optional) can_read, can_write, etc
I have a question about transaction on Azure CosmosDB (with SQL API) where I have to edit two items on collection A and create other item on collection B.
I’m developing a project where there are exchange of points. So I have users with status of their points and I have to save the transaction for history. On a SQL database, I start a transactions, do the operation of update user A balance, update user B balance and create a new row on tickets with all details of operation and if it is good, end the transaction. But I have dudes about how to do on Azure CosmosDB. I have a collection where there are users with their balance, and other collection with tickets. So, with stored procedure, I can update user A and user B because both are on the same collection and if some of them fail to update, the collection isn’t edited (as transaction of SQL database), but, how to create the new ticket? Because If I have understood the documentation correctly, it works on same collection, but it doesn’t work with different collections.
Could you give me some advice about how to do it in order to do the 3 operations on the same transactions?
CosmosDB only supports transactions within the same partition.
This means that you cannot have cross containers transactions and you also cannot have transaction between 2 documents with different partition key values.