I am looking for a way to hide elements from certain user based on his roles in MEAN.js
e.g hide the "delete post" button from users who are not Admin etc..
Thanks
Mean.js stores user roles in user.roles array and it is available to you from Authentication service, which is included in default template for the controllers.
In controller you can do:
$scope.authentication = Authentication;
And you can use it like
<button ng-if="authentication.user.roles.indexOf('admin') > -1" type="button">
Delete
</button>
in your view to show anything specific to admin users in mean.js. This will hide this button from the users other than admin.
Related
Is there any way where we can add animation on a specific button click in RASA. The buttons are created in actions.py file of RASA chatbot.
You'd need to have a custom frontend in order to do that. The code for the actual visual component of the chat doesn't come from Rasa (though it integrates with a few via connectors), so you can connect it to your own chat widget with animations on the buttons.
You can do this in custom actions. I believe you need to fetch that data from your DB. When the user asks give me mobile no. xx, first you need to capture the name of that person in a slot.
Then in your custom actions make your API call to the DB or however you want to fetch the user details. Use:
# Fetch the data and store in the format used by buttons.
buttons = [{"title": "Shakir Sadiq", "payload": "/intent_name"}, {"title": "Shakir Sadiq", "payload": "/intent_name"}]
dispatcher.utter_button_message("There are 2 people with the name Shakir:", buttons)
Once the user selects a button again trigger custom actions and fetch his details.
I want to connect to our own oauth2 server, so I wrote an oauth2 login extension, there is the code when I get account information from oauth2 server.
$user = User::newFromName($username);
$user->setEmail($email);
$user->load();
if (!($user instanceof User && $user->getId())) {
$user->addToDatabase();
}
$user->setToken();
$user->setCookies();
$this->getContext()->setUser($user);
$user->saveSettings();
It will create user data if the user does not exist, but sometimes login will fail if you are not logout by click logout button, and I totally have no clue to solve this problem.
I found MediaWiki has login API, but it required a password and seems not has user auto-creating feature, any reference to accomplish it?
In MediaWiki 1.27+ login should be done by writing a PrimaryAuthenticationProvider (before 1.27 there was no non-hacky way to do it for non-password-based logins). See the inline documentation in that class, or this patch which provides similar functionality for OAuth1.
Following scenario:
I have a multi tenant web application in Yii2' advanced template.
This application has three portals:
- backend
- dashboard
- frontend
Each portal has its own user table for authentication.
(-frontend_user,
-dashboard_user,
-backend_user)
Frontend and dashboard can reached with the tenant's name at the end, e.g.:
When a user tries to login to dashboard or frontend I have to check if they have a right to login.
This happen via contingency table (e.g.: dashboard_user_tenant)
Now I want to build a rbac for the dashboard application.
But roles should not hang at the dashboard user but at dashboard_user_tenant (the contingency table),
because rights can change in each tenant's dashboard.
Yii2 has its own rbac system, but as I understand so far, it doesn't fit on my needs.
Any chances to customize Yii2's rbac or is it better to build my own custom solution? Maybe my own component?
I hope my description is clear enough :)
I had a similar desire in one of my projects, but I didn't create my own full RBAC system, instead I overwrote a way of checking for the roles
In my User component class, I extend the \yii\web\User, and also overwrite the can() function of that class. That lets me use my own way of checking for the appropriate permissions. For example
<?php
namespace app\modules\users\models;
use Yii;
use yii\web\User as WebUser;
use app\modules\users\models\UserPermissionManager;
class User extends WebUser
{
public function can( $operation, $params = [], $allowCaching = true )
{
if(Yii::$app->user->isGuest)
{
return false;
}
return ( new UserPermissionManager() )->has( $operation );
}
}
In the UserPermissionManager class, it queries a database table that is full of permissions such as "users:access", "users:edit", etc
They all have a certain user level assigned to them which relates to the user level I have set in my Users database table.
All the can() function needs to do is return true or false, depending on if this user has the permission to do what it's being asked. You can handle this however you like really.
It's quite a big system to explain fully in one post but I hope it's helped slightly, feel free to let me know if I can explain anything any better!
I would like users to be able to sign up a website made with Zotonic. According to the release notes of version 0.5.0, I should use the mod_signup module.
What is the correct way to use this module in a website? I've tried to create a "signup" page and to include the templates of mod_signup, without success.
When you enable the mod_signup module you will be able to use the signup form on the '/signup' page. Check the dispatch rules of mod_signup.
You will also need to enable mod_emailer and (optionally) mod_acl_simple_roles (disable mod_acl_adminonly).
Available config keys are:
mod_signup.request_confirm set to 0 or 1 to disable or enable confirmation e-mails
mod_signup.member_category set to the category for the new members (defaults to person)
mod_signup.member_visible_for the visibility of the new members, defaults to 0 (world viewable), choose 1 for only visible for members.
When some user create an object in the admin panel, I want that the author field of that object to be the user's name (The user that created it). How can I do it ?
I have something like this :
author = models.ForeignKey(User)
I want to know what user created each object.
Sounds like you want to do what James Bennett (one of the Django core contributors) describes how to do here.