We have been building applications using Wavemaker's application building platform and now we wanted to assign multiple roles to a single user? Can this be done and how?
To achieve the above requirement, create a separate table for user roles, say user_roles.
For Example, USER table contains the fields: user ID , Name etc
USER_ROLES table contains: user ID, Role_Name etc.
Using the fields as mentioned above gives provision to have multiple roles for a single user.
Related
One of my project where we are displaying the group claims from Azure AD is failing because the user is part of a huge number of groups. Is there a way to check if the logged in user is part of a specific group and dispaly / filter the group claim to show only specific groups?
If you are using Microsoft Graph API to get the group claim, you can filter with the group id like this:
https://graph.microsoft.com/v1.0/users/{user id}/memberOf?$filter=id eq '{group id}'
Obviously this requires you to know the group id in advance. Group name is not supported to filter.
You can also get all the groups by https://graph.microsoft.com/v1.0/users/{user id}/memberOf and filter the group name in your own code. Then return the filter result to the group claim.
I am creating an application that should allow users to create or join a group with other users. Every user in a group will have access to some common information. The users are currently stored in a Postgres database with attributes: name and email. I am trying to create a model for groups that would contain a list of authorized users that can access its material.
One approach I thought of was creating a new table in the database consisting of rows of groups and each group had a column: 'authorized_users' which contained an array. However, I read that this is bad practice in SQL.
Another approach would be to create a new table each time a group is created and store the authorized users in that table.
I was looking for help to see if there is an API for node that already performs this, or if any of you have suggestions on how to implement this group model.
You need a new table that keeps the users in groups info, modelling a many to many relationship:
users_groups:
user_id,
group_id,
(optional) can_read, can_write, etc
Can you add a user to multiple groups in one login?
No. A user can only belong to one group max. In the UI you can only select one and via API you can only specify one group_id.
Yes. You can add a user to multiple groups at a time provided your application separates your Authorization logic.
For eg, If you have 3 groups i.e., Customer, Manager and Administrator then the customer must have a different login interface where only customers can login, the manager must have a different login interface where only managers can login and so on. This can be achieved but it consists of lot of code related tweaks to be done.
But the recommended approach is that to assign a user to one specific group and manage the permissions at group level.
I need to implement the store based access to web portal. For that we have created the following roles
Admin
Store Manager1
Store Manager2
I am able to implement authorization for Store Manger 1, Store Manager 2. If there are around 500 stores do I need to add 500 roles in active directory since each role has different view?
It sounds like quite a lot of work to make roles for each store. Though you could automate it with PowerShell, to me it seems a bit weird.
You could instead just have a Store Manager role, and then on your app side check which stores they access to. One way would be a relational table with one column being the user's id and the other a store id they have access to. You can query that when you authenticate the user and store the values in claims/session data.
I am editing user security and am trying to give a user access to an e.List item. I select the user using the [...] button and successfully find that user by searching in our AD domain.
After I select the user and press OK, that user does not come into the CAC, just this error The filter will only accept groups and roles. Users will not be added to the filter. I don't see any filters here at all.
Have you seen this before and is it possible to set up security by users?
Thank you,
WE
Answer from ericlfg on http://www.cognoise.com/community/index.php/board,15.0.html:
Hi William,
The message you are receiving is by design. In order to add a specific user, rather than a group or role, that use needs to be a member of some kind of hierarchy in your security provider.
Ex: If you're using cognos groups and roles with a Role called "Test". You would populate this test role with members from your namespace. In the CAC, you would then select the Test group when you click on the elipsis and then that will allow you to select your individual user (or alternatively the Test role).
The same would be true if you're trying to add members directly from your 3rd party authentication provider. The individual users need to be part of a roll-up role or group in order to add that roll-up role or group to the filter. Once added to the filter you can select the individual users.
Hope this helps.