I'm using mongoose in my nodejs application, I have two Models: an Employee and Organization , I want to attribute some permissions to employees who belong to an organization like inviting or deleting other employees
I've created a mdoel ACL(_id,_empId,_orgId,[permissions]), but I'm not sure if will do the trick
What Models do I have to add in my database, knowing that I need just few permissions
Related
First of all i'm new to Jhipster, i've read the official documentations but i still can't seem to find a solution to my problem (i've been stuck for almost 3 weeks now), that's why i decided to ask here for help.
So, i have an application where i need to create an entity called employee and i need to create a user account with the additional fields taht are specified in the employee entity, so in other words, when i fill the form to create a new employee that will not only create a new one but it will also automatically create a user account for that emplyee.
What i've tried doing up until now, is creating a new employee entity and link it with a OneToOne relashionship to the USER entity (created by Jhipster) but the thing is, in that case i would have to create a new user and then add the additional information for the employee, wheareas i need it to be in the same form, to create an employee and the user linked to it at the same time.
Any help will be really appreciated.
What you want to do is not supported off the shelf by JHipster, you have to code it manually.
In backend, you could do it by defining a DTO that combines both entities, a RestController that exposes it and a service that is responsible for orchestrating persistence.
In frontend, it's the same you have a component that contains the form to update this DTO and call your REST API.
Alternatively, if a User is always an Employee, you could also merge them in a single User entity.
Of course, this depends on which authentication type you selected which defines where users are managed.
I am writing my first API with NestJS and I am looking for a smart way of managing access to resources. I have the following simplified structure:
organization:
users
products
users:
email
organization
products:
organization
more data
I use Passport JWT and Local strategies. But I want to make sure only users from inside the organization can update and create products for that organization.
I have looked at nest-access-control but can't figure out if it can be used for this.
You can create a third table called 'memberOrganization', with the following columns:
membersOrganization
idMembersOrganization
idUser
idOrganization
idPermission
and a fourth table:
permissions
idPermission
permission
That way you could check if that user is a member of that organization and what permissions they have (using leftJoins). Depending on permission, you allow the creation of such products.
Holpe this helps.
I am creating an application that should allow users to create or join a group with other users. Every user in a group will have access to some common information. The users are currently stored in a Postgres database with attributes: name and email. I am trying to create a model for groups that would contain a list of authorized users that can access its material.
One approach I thought of was creating a new table in the database consisting of rows of groups and each group had a column: 'authorized_users' which contained an array. However, I read that this is bad practice in SQL.
Another approach would be to create a new table each time a group is created and store the authorized users in that table.
I was looking for help to see if there is an API for node that already performs this, or if any of you have suggestions on how to implement this group model.
You need a new table that keeps the users in groups info, modelling a many to many relationship:
users_groups:
user_id,
group_id,
(optional) can_read, can_write, etc
I am brand new to Azure so please bear with me ...
Using export tool in SSMS I managed to copy all of my tables from local database to Azure.
Now the most important part, adding users and mapping them to a database is unexplained.Also adding roles to database.Maybe it is explained but I sincerely dont understand a word of it. Seen some movies on YouTube but they mostly deal with database creation. SSMS is virtually useless for the Azure task (Or at least I do not know how). Also I can not find any tool on Azure dashboard to do it with.
So can someone to me explain in plain english the functionality of this stuff.
What I could fathom is that you need to add users first to the Master database. Ok, I add user with a query:
CREATE LOGIN USER1 WITH PASSWORD = 'AG123SAL#'
So the user is added to the Master database.
Now, how do I map this user to a certain database?
How do I set what he can do?
And how do I add roles to my database and add user to role ?
This is all very hard for a total newbie ...
You can use Contained user database model,instead of old model..The way to do this is to connect to database on which you are trying to provide access to a user and run
CREATE USER mary WITH PASSWORD = 'strong_password';
to provide permissions to this user
ALTER ROLE dbmanager ADD MEMBER Mary;
Microsoft recommends this model ,when using SQLAzure since this is database as a service..Below is a quote from microsoft on same
As Microsoft evolves the SQL Database service and moves towards higher guaranteed SLAs you may be required to switch to the contained database user model and database-scoped firewall rules to attain the higher availability SLA and higher max login rates for a given database. Microsoft encourage you to consider such changes today.
If you are looking for old model of login-user based heirarchy,you can read below
to create login:
create login mary with password='password'
Now to map user to database,you need to create user and map to that login.Login to the database ,you want to provide permissions and create user
create user marydb1 from login mary;
you also can assign roles as well
ALTER ROLE dbmanager ADD MEMBER Mary;
Updated as per comment :
create role
create role rolename AUTHORIZATION db_manager*;
*:this should be user has total permissions on the database..since we may use this as base
now add permissions to that role
grant select,update,delete to rolename;
now add users
ALTER ROLE rolename ADD MEMBER username;
Look at this sql server authentication with Azure SQL Database tutorial
https://learn.microsoft.com/en-us/azure/sql-database/sql-database-control-access-sql-authentication-get-started
I am trying to implement collection level access control using mongoose in my web application. I have created users with different roles. User with superadmin role can do anything however user with guest can read all the collections values but can only write to certain collections.
But with mongoose, i am finding it extremely difficult to implement this feature. With mongodb native driver we can exports db object based on user role and query the database with db.collections object but with mongoose i am not sure.
Should i create multiple connections at the initial and then pass the connection object based on user role to the model file and create mongoose model every time user role changes or what do i do?
I have done a lot of coding with mongoose. so i cannot choose mongodb native driver. How do i do it? please suggest