Is just a question about laravel seeding, if I want to make my app portable, it is a good practice to save app-work-essential data in DatabaseSeeder laravel class?
If not? How could I do it?
Seeding is used to bootstrap the application. If the data is just enough to get the application up, seeding is the official way to do this; especially if you are in an environment using Continuous Integration/Deployment. The paradigm is that you, as developer, shouldn't have to have direct access to the database to install or update the application. I don't necessarily believe that needs to be true, but it is a nice ideal to shoot for, as it means the code will be more portable.
One very important exception is based on the idea that the seeder is typically versioned, so it shouldn't contain sensitive or private information. Things like real user password hashes (a temporary admin password is alright), HIPAA, FERPA, social security numbers, bank account information, etc. etc.
Related
I am looking for a solution that lets me interconnect several databases.
But let me explain it with the exact example:
I have a main domain (front page for public clients) and four sub-domains (development, management, client, ...) in the clients webhosting.
Each domain has its own database and runs different software (WordPress, dolibarr, sysPass, our own software), but all databases are stored on the same mySQL server.
If a CRUD is made, I want that the other databases also "do" something with that data.
Basically, automation.
For example - a user on development.subdomain.xyz sets a project task to "finished".
When the UPDATE is done to the "development" database, I want an INSERT with parts of that data into the "management" database and an UPDATE towards the "client" database.
I could write up some script that connects to all four databases and does the operations necessary.
But that feels a little hard to maintain if multiple users shall have access to this "logic" system?
I could also use the provided API's and process the data (again in a script form rather than implementing a whole UI).
That feels like adding an unnecessary, extra security concern and again hard to maintain?
If I want to add additional functionality - like sending an Email as well, that would even make it harder for non-coders to interact.
So I found several of these "Low-Code Business Process Management" tools and now I'm at a loss.
Is that what I'm looking for? Can you throw me some tags, keywords or links to guide my search for possible solutions?
I do not even know how to call such a system or search for it - which stops me from progressing.
Thank you for all tips :)
Can someone explain to me why you can't connect to a MySQL DB directly through dart from a security point of view?
There is no hard guideline on whether to connect frontend directly to backend or not. It is just a design practice that has been widely accepted and evolved over many years.
Typical app structure consists of
FRONTEND -> SOME MIDDLE LAYER -> BACKEND
Where your middle layer handles all the interactions/processing with the database and the frontend uses this functionality with some sort of API structure. Having this layer is extremely helpful when the application goes to scale, it gives an added abstraction to the frontend.
It is not advisable to directly fuse your frontend(your flutter app), to the DB(MySQL) because any efficient hacker might use basic man-in-middle attack to know your DB structure/connections/queries(There are some pretty effective decompilers present out there), and alter your data and you might not even get to know what caused the data to update unless you've applied some checks on DB layer.
Also, your frontend logic needs to be more of end-user centric than to handle the data of the user. Any backend system(java, node, etc) gives you added functionality & freedom to parse and present the data from either side.
You can use the sqlite package available to store basic data, like your session tokens, your app configurations etc, but it is advisable to keep the main user data like the logins, etc in a separate place, or better yet, you can use the firebase plugin to store data in document structure in the cloud.
I am working on a project and one of the key components is creating customized user profiles. I already have a schema design for the user data that will generate said profile. But I am lost on how the technology works.
I am mostly front-end so it has been sort of overwhelming. The goal is to allow multiple user profile creations and so far I have only seen that this can be achievable via NodeJs or PHP. I have not found any guides.
I am not sure if I am asking the right questions.
Any help is appreciated. Thank you.
Since you mention you already have schema for the user table, I assume you are going to design your own database and backend node.js API to handle user profiles. You may want to build authentication functionalities in the future. If you are not familiar with Node.js yet, I recommend you to start with https://www.tutorialspoint.com/nodejs/index.htm. It's a good tutorial for beginners.
The whole purpose of a back-end node.js API is building numbers of service with specified route. Once a http request is made to a particular path, it takes parameters and execute some script. In you case the scripts will do something in database containing user profile data, for example, add a row in your data table. This operation is equivalent to creating a new user. Then, the API send response to front-end.
Keep in mind maintaining user profile data is nothing special than regular data. You should be able to pick it up with a couple of days training if you know javascriopt. But if you have to build authentication functionality you need more technologies.
I am very new to database design and structuring - I have had no formal training and am purely self taught so I apologize in advance if this is a bland question.
I am designing a web app and am thinking to the future as users will have to be able to interact with each other sharing part of their data. I am wondering if there is a standard convention to controlling access to tables in MySQL and how I should generally tackle this problem with code written in NodeJS, ExpressJS, KnexJS, and BookshelfJS.
For example: a user will be matched with another user, both users will be able to see location, favourite book, etc but not able to see last name, birth date. etc.
How do I control this?
If anyone could point me to a few resources they have found helpful that would be great as well.
You seem to have learned a bit of MySQL and its access control features. Well, database user level access control IS NOT used by modern applications -- that could make resource management, like connection pools, very hard to implement. Usually SQL databases backing web applications have a single or, at most, two users: one for general data access and one for admin purposes.
The kind of access control you mentioned MUST be handled by your application code, YOUR code. There are libraries that help take care of authentication (e.g. passport) and authorization but ultimately it is YOUR CODE responsibility.
So my answer to your "How do I control this?" question is:
With YOUR code.
This is the whole point of Software Development.
First a bit about the environment:
We use a program called Clearview to manage service relationships with our customers, including call center and field service work. In order to better support clients and our field technicians we also developed a web site to provide access to the service records in Clearview and reporting. Over time our need to customize the behavior and add new features led to more and more things being tied to this website and it's database.
At this point we're dealing with things like a Company being defined partly in the Clearview database and partly in the website database. For good measure we're also starting to tie the scripting for our phone system into the same website, which will require talking to the phone system's own database as well.
All of this is set up and working... BUT we don't have a good data layer to work with it all. We moved to Linq to SQL and now have two DBMLs that we can use, along with some custom classes I wrote before I'd ever heard of Linq, along with some of the old style ADO datasets. So yeah, basically things are a mess.
What I want is a data layer that provides a single front end for our applications, and on the back end manages everything into the correct database.
I had heard something about Entity Framework allowing classes to be built from multiple sources, but it turns out there can only be one database. So the question is, how could I proceed with this?
I'm currently thinking of getting the Linq To SQL classes all set for each database, then manually writing Linq compatible front ends that tie those together. Seems like a lot of work, and given Linq's limitations (such as not being able to refresh) I'm not sure it's a good idea.
Could I do something with Entity Framework that would turn out better? Should I look into another tool? Am I crazy?
The Entity Framework does give a certain measure of database independence, insofar as you can build an entity model from one database, and then connect it to a different database by using a different entity connect string. However, as you say, it's still just one database, and, moreover, it's limited to databases which support the Entity Framework. Many do, but not all of them. You could use multiple entity models within a single application in order to combine multiple databases using the Entity Framework. There is some information on this on the ADO.NET team blog. However, the Entity Framework support for doing this is, at best, in an early stage.
My approach to this problem is to abstract my use of the Entity Framework behind the Repository pattern. The most immediate benefit of this, for me, is to make unit testing very simple; instead of trying to mock my Entity model, I simply substitute a mock repository which returns IQueryables. But the same pattern is also really good for combining multiple data sources, or data sources for which there is no Entity Framework provider, such as a non-data-services-aware Web service.
So I'm not going to say, "Don't use the Entity Framework." I like it, and use it, myself. In view of recent news from Microsoft, I believe it is a better choice than LINQ to SQL. But it will not, by itself, solve the problem you describe. Use the Repository pattern.
if you want to use tools like Linq2SQl or EF and don't want to have to manage multiple DBMLS (or whaetever its called in EF or other tools), you could create views in your website database, that reference back to the ClearView or Phone system's DB.
This allows you to decouple your web site from their database structure. I believe Linq2Sql and EF can use a view as the source for an Entity. If they can't look at nHibernate.
This will also let you have composite entities that are pulled from the various data sources. There are some limitations updating views in SQL Server; however, you can define your own Instead of trigger(s) on the view which can then do the actual insert update delete statements.
L2S works with views, perfectly, in my project. You only need to make a small trick:
1. Add a secondary DB table to the current DB as a view.
2. In Designer, add a primary key attribute to a id field on the view.
3. Only now, add an association to whatever other table you want in the original DB.
Now, you might see the view available for the navigation.