I have a liferay entity (log table) that has a primary key auto generated by Liferay Service Builder (service.xml).
However now an external application need to add entries to this same database table.
Looking at this requirement I see only two options to achieve this:
If I can specify within service.xml that can allow this database entity to use MySQL generated primary key (rather than Liferay counter services), then Liferay or External application both can add entries without any worries.
If #1 is not possible due to Service Builder limitations, then only option is to expose this entity using a liferay web service for the external application to add entries to this db table.
DTD Service Builder 6.2.0
The answer to your question is directly in the xml document description.
First Example
The second implementation generates identifiers that are unique only when no
other process is inserting data into the same table. This implementation should
NOT be used in a clustered environment, but it does work for all supported
databases.
Example
<column
name="id"
type="Integer"
primary="true"
id-type="increment"
/>
Second Example
The third implementation uses an identity column to generate a primary key. In this implementation, the create table SQL generated for this entity will
create an identity column that natively auto-generates a primary key whenever
an insert occurs. This implementation is only supported by DB2, MySQL, and
MS SQL Server.
Example
<column
name="id"
type="Integer"
primary="true"
id-type="identity"
/>
A hard to come by piece of information is how to override the create method in your generated persistenceImpl class. When you create a surrogate key in Liferay you generally use the CounterLocalService to increment. However, when your key is handled by the database you need to send in 0 as the argument.
public SoftwareKey createSoftwareKey() {
return softwareKeyPersistence.create(0);
}
Your first point it is not a good idea, primary keys would be managed entirely by Liferay.
However your second point it's the correct way to accomplish what you want, take a look here.
Related
Is it possible to add data into commands on certain MongoDB collections?
The use case here is for simple management of multitenancy. We have data that doesn't contain the tenant's id and we then want to insert the tenant's id in on every command (find, update, updateOne, insert, insertMany, etc.) to particular collections (some collections are generic tenant wide collections). We are using the MongoDB driver (rather not use Mongoose).
Currently, we have to remember to add the tenant id whenever we use a command, but this is a bit dangerous as it is possible to miss adding the tenant's id...
Thanks!
Out of the box Mongo does not come with this feature set.
Mongoose actually shines for these kind of things with its middleware infrastructure.
If mongoose is not an option you can look into these smaller hooks implementations:
https://www.npmjs.com/package/mongohooks
https://www.npmjs.com/package/mongodb-hooks
They give you something to work with I believe.
In the end we created a helper function which we passed the data to. The helper then adds the tenant's id to any commands nessasay and send the command to MongoDB.
This allows us to control when to restrict by tenant per collection per command type.
We are using Spring Integration Aggregator to aggregate list of line item for a given order. Now we do store group message info in db. But what we noticed is that it is using UUID kind of value as group_key in table INT_MESSAGE_GROUP table. Is it possible to customize this to use order id (always unique in our system) so that we can troubleshoot aggregation issue in production envt by running query against the db by order id.
I did noticed that internal it is using Correlation key as group key but not sure why it did not used our Correlation key(which is order id) since we configured our custom Correlation strategy in aggregator configuration.
Fyi we are using spring integration 4.1.2
since we configured our custom Correlation strategy in aggregator configuration.
The AggregatingMessageHandler has a logic:
Object correlationKey = this.correlationStrategy.getCorrelationKey(message);
...
UUID groupIdUuid = UUIDConverter.getUUID(correlationKey);
So, if your correlationStrategy is correct, you have correlationKey as your order id.
Although yes, it will be still as an UUID in the DB.
That's because an UUID is exactly CHAR(36) and fully compatible between different RDBMS vendors.
We have an open JIRA on the matter, but I fully don't believe that it is reasonable to blow DB with custom String keys with different lengths.
Consider to find (or write) some DB function to build similar UUID based on your order id key for those troubleshooting queries.
Or... just provide some Groovy script for your customers to get that UUID string using java.util.UUID.nameUUIDFromBytes('myOrderId'.bytes).toString() from Java!
I'm working on two Domino databases that contain XPages :
the 1st database is a public database,
the 2nd one is restricted to a group (let's say the HR team)
I'm building an XPage in the public DB and I need to populate a sessionScope variable with the data of the HR's database (for example the HR id of the user)
So, as the normal users will not have access to the HR DB, a #Dblookup is not allowed.
Using sessionAsSigner method needs to re-sign all elements of the db each time a developer is modifying a XPages component (otherwise the sessionAsSigner element is unknown).
Then, how to query a database that I do normally not have access ?
Do I have to call an agent with higher access than the connected users ?
And then, how to populate the sessionScope variable ?
Any help will be greatly appreciated
There are a few options, but as Knut says, without a shadow of a doubt, the best practice approach is to use sessionAsSigner.
Source control can be used to allow multiple developers to work on their own instance of the design. Swiper can be used to suppress signatures from the source control repository to minimise conflicts.
All other options I can think of (e.g. periodic exports, using a runOnServer agent) will take longer to code, be more complex and will require you, as the developer, to manage the security implications of exposing the data.
I am still quite new to MVC, and still trying to wrap my head around the security of MVC.
At the moment, it seems that each 'Action' in controller is restricted by the Roles/Users values listed in the 'Authorize' attribute if present. In a way, this is hardcoded, and will require code change each time the roles link to each controller 'Action' is changed.
I am wondering, is there a way I can use a database to store these values, and retrieve it dynamically instead?
Eg of tables in DB :
- Table to store Action/Role links
- Table to store all Actions
- Table to store all Roles
- Table to store Role/User links
- Table to store all Users
This way, I need not hardcode the required roles for each 'Action' with an 'Authorize' attribute. A change in DB will suffice.
Is the above possible?
Thanks!
Yes, you can do that, but not without writing some custom code.
Take a look at the Thinktecture Resource/Action based authorization. It will allow you to plug in your own AuthorizationManager class.
I'm investigating ServiceStack's Authorization feature and want to use Couchbase as my data store. I understand there isn't an IUserAuthRepository implementation for Couchbase so I'd have to develop my own, which isn't a problem.
The issue I am having is if I store the built-in UserAuth object as-is, CB it uses the Id field as the document identifier. This is a problem because I believe the identifier should be object type specific, otherwise a separate 'bucket' would be required to prevent conflicting id's across different objects. I don't really want to have lots of buckets unless I have to.
My preference would be to have the document id set to the type of the object plus the object specific identifier.
eg Using Id "UserAuth_1234" or using UserName "UserAuth_MikeGoldsmith"
Is my assumption of trying to re-use a bucket for different application objects valid or should I be thinking about a bucket per object-type / namespace?
Any direction would be welcome, both from Couchbase and ServiceStack enthusiasts.
Thanks
Additional Info
Ok, so from John's answer I will assume my additional property for the object type is valid.
I found this post where Mythz suggests the BootStrapApi example extends the AuthUser with custom properties. However, to me it looks like the AuthUser is persisted twice, first as the AuthUser and again as the User object (both times using the OrmLiteAuthRepository). Am I right?
Essentially, I want to utilise the SS auth feature, but control the POCO object that will be saved into Couchbase. Can someone give some direction if this is possible and if so, what I need to implement / hook into?
I tried implementing a Couchbase version of IUserAuthRepository, however it uses the UseAuth concrete type so I can't use my own object.
I also tried hooking into the OnAuthenticated method of AuthUserSession but at this point the UserAuth POCO will have been persisted using the register IUserAuthRepository.
I'm happy to use the CredentialsAuthProvider as I just want username/password authentication. More could be added later.
Thanks again!
Buckets are loosely analogous to databases in the relational world, so generally they shouldn't be mapped to application objects. I'm not familiar with ServiceStack's auth feature, but your suggestion to use meaningful, prefixed keys seems reasonable and is a common approach for providing document taxonomy.
Keep in mind that in Couchbase, there's no field in the document that's considered an "id" or "key" field. The key used to store the document is available in metadata, but is not part of the JSON document itself. So if you're able to take advantage of views, then you could also store a document with a type attribute and then query by some non-id property. In other words, the key in the key value doesn't have to be the way you retrieve the user auth document.
Also, there are developers who use key prefixing as a way to provide document taxonomy for views, so you're key pattern above would work for that too. My preference is a type property, but that's no more valid than your suggestion.
I've come across the ServiceStack UseCase examples, with one that addresses my Custom Authentication issue directy.
I was able to override the TryAuthenticate method and use my own UserRepository that backs onto Couchbase.