I'm trying to integrate custom table for authentication and role into PAS.plugin.sqlalchemy.
After customisation model.py I did manage to get my user table schema as we have in existing user table. But while installation of this pas, its create numbers tables inculding property table. Property table linked with user table through foreign key. I don't have any property table in existing scenario.
By seeing my trackback I can see while doing SQL fetch pas looks for users and property table as join query. we have data in our user (web_contact_auth) table but not in property table.
u'SELECT TOP 1 web_contact_auth.contact_number AS web
_contact_auth_contact_number, web_contact_auth.password AS web_contact_auth_pass
word, principals.id AS principals_id, principals.type AS principals_type, princi
pals.zope_id AS principals_zope_id, web_contact_auth.password_reset_token AS web
_contact_auth_password_reset_token, web_contact_auth.password_reset_expiry AS we
b_contact_auth_password_reset_expiry \nFROM principals JOIN web_contact_auth ON
principals.id = web_contact_auth.contact_number \nWHERE web_contact_auth.contact
_number = ?' ('admin',)
My questiones are:
how should I create data in property table ? Is there anyway that I can ignore property table and just fetch data from user table only.
Adavance Thanks your time for reading/reply.
Regards
WEBBYFOX
Just don't activate that plugin. I don't have a properties table. In /acl_users/plugins/manage_active, Properties Plugins, I have sql as the last option. I don't see anything else obvious.
Related
I'm sorry if my question sounds confusing.I just started learning web2py recently,in this exercise I'm trying to make a simple users management webpage with the admin can assign the users theirs work lists,note and deadline
db.define_table('auth_manager',Field('name','string',requires=IS_NOT_EMPTY()))
db.define_table('manager',Field('user','string','reference user.name'),
Field('workname','text',requires=IS_NOT_EMPTY()),
Field('deadline','date'),)
db.manager.deadline.requires=IS_DATE_IN_RANGE(format=T('%Y-%m-%d'),
minimum=now,maximum=now+datetime.timedelta(60))
I thought of adding the manager's username in auth_manager table using appadmin's new record function.This is my user table
db.define_table('user',Field('name','string',requires=IS_NOT_EMPTY()),
Field('password','password'),
Field('workname','text'),
Field('deadline','date'),
format='%(name)s')
I wanted to insert workname and deadline into user table right after I add those form on manager but I couldn't find any other methods except the update or update_or_insert functions but both don't work because those fields can't be empty and their ids aren't the same value and multiple references to a single table don't work .
One last question,I want to use web2py's RBAC but the first & last name fields are often unnecessary if I want to use a full name field is there other way to do it?
Sorry for the long post,I hope I made my question clear.
You can use the tables from auth and let web2py to handle everything in between.
The following code should resolve your problem:
db.define_table('manager', 'reference auth_user'),
Field('workname', 'text', requires=IS_NOT_EMPTY()),
Field('deadline', 'date'))
I have two database tables that one is the master one and the other one the Detail table.
I use dbexpress SQLQuery component for Master table, a Datasetprovider & a clientdataset. I checked Autorefresh, Cascade Deletes, Cascade Updates for the Datasetprovider of the Master Table. I also set on the updateData event of the Datasetprovider all the fields of the Master Table with the flag "pfInUpdate"
apart from the key field that I also set "pfInKey" & "pfInWhere" flags.
SQLQuery1.Active:=true;
SQLQuery1.sql.Clear;
SQLQuery1.SQL.Add('select table1.*,');
SQLQuery1.SQL.Add('table2.AKRO_B_ID,table2.AKRO_B_EETT,table2.AKRO_B,
...');
SQLQuery1.SQL.Add(' from PATH1 as table1');
SQLQuery1.SQL.Add('left join PATH2 as table2 ON
(table1.LINK_ID = table2.LINK_ID)');
ClientDataset1.Active:=True;
ClientDataset1.Open;
ClientDataset1.LogChanges:=True;
Datasource1.Enabled:=True;
I use dbexpress SQLDataset component for Detail table, a Datasetprovider & a clientdataset.
I use the following syntax on the Create Event of the main form for Detail Table Components:
SQLDataSet1.CommandText:='SELECT * FROM PATH2 WHERE LINK_ID=LINK_ID';
ClientDataset2.Mastersource:=DataSource1;
ClientDataset2.MasterFields:='LINK_ID';
ClientDataset2.IndexFieldNames:='LINK_ID';
SQLDataSet1.Active:=TRUE;
SQLDataSet1.Open;
ClientDataset2.Active:=True;
ClientDataset2.Open;
ClientDataset2.LogChanges:=True;
Datasource2.Enabled:=true;
The problem is that when I made a change on the Master Table the Post event works fine but when I made a change on the fields of the Detail table that does not work and the detail table remains unchanged. It seems also that the insert command doesn't have any effect on the two Database tables. Hence what is the right way to configure all the components in order the master detail structure to work fine?
I've been trying to implement an authorization layer on top of ActiveRecord. Let me explain how that is supposed to work.
Databases
Consider a database table Invoices with the following fields
InvoiceId
CustomerId
... other fields
There will be an auxiliary table InvoicePrivileges with the fields
ObjectId (referring to an invoice id)
SubjectId (referring to a customer id in this case)
Subject type (to handle multiple kinds of users - customer, admin, operator, etc)
Read (boolean)
Write (boolean)
Authorization checks
To be able to read an invoice, the entity attempting to read the row or set of rows must have a set of entries in the InvoicePrivileges table (where InvoicePrivileges.object_id refers to an InvoiceId) with InvoicePrivileges.read = true.
Example, a query to fetch a bunch of invoices from the DB
SELECT invoice.*
FROM Invoices invoice
LEFT JOIN InvoicePrivileges privilege
ON invoice.invoice_id = privilege.object_id
AND privilege.subject_id = <user_id>
AND privilege.subject_type = <user_type>
WHERE privilege.read = TRUE;
The same condition applies when trying to update an invoice, except the last WHERE condition becomes WHERE privilege.write = true.
Implementation
I can use the Arel library to create these constraints with ease. However, where do I implement these methods in such a way that all ActiveRecord save and update actions include these constraints?
I don't mind writing a bit of code to enable this. I'm looking for pointers as to how best to go about it.
Create a gem and require it after ActiveRecord gem. In your gem open up ActiveRecord classes and override the interested methods.
module ActiveRecord
class Base
def save(*)
if(authorised?)
super
else
raise NotAuthorisedError.new("Your meaningful message!")
end
end
end
end
The original code from Rails source is in Persistence class. All persistence methods usually use create_or_update method internally. So, you might consider overriding that method instead. But, you need to look through the code and see if that's a good idea.
I have a windows application. I am trying to insert a record through a DataContext. It has Unique identifier in the table. Even I am executing a trigger after insertion. So I am making a select query in the end of the trigger to get the auto generator number and to avoid auto-sync error. As it's a windows application I can keep the Context for longtime. When I create a new object ( for example order) and do the same previous operation, upon SubmitChanges operation, it shows cannot have duplicate key. Why can't I use this same Context to Insert the second record? Or do I need to create a new Context to insert a new Record?(Does this Unit of work Concept comes here?). Creating new Context is bad idea as I need to load all data again..
Any thought?
Some code sample to explain my situation:
CallCenterLogObjCotext = (CallCenterLogObjCotext == null ? (new CallcenterLogContext) : (CallCenterLogObjCotext));
CallDetail newCallDetailsOpenTicket = new CallDetail();
newCallDetailsOpenTicket.CallPurpose = (from callpuposelist in CallCenterLogObjCotext.CallPurposes
where callpuposelist.CallPurposeID == ((CallPurpose)(cbcallpurpose.SelectedItem)).CallPurposeID
select callpuposelist).FirstOrDefault();
Lots of settings like this ...
CallCenterLogObjCotext.CallDetails.InsertOnSubmit(newCallDetailsOpenTicket);
CallCenterLogObjCotext.SubmitChanges();
As I mentioned above, this is a click on Open Ticket button on windows form. I change the values of fname, lname and all in the textboxes available on that form and clicked the same button.
So it will call the same method again. I get the below specified error:
System.Data.Linq.DuplicateKeyException: Cannot add an entity with a key that is already in use.
You can insert more than one row with the same context object, see http://weblogs.asp.net/scottgu/archive/2007/05/19/using-linq-to-sql-part-1.aspx, http://msdn.microsoft.com/en-us/library/bb425822.aspx, and other numerous online examples. The duplicate key issue could be a linq to sql configuration issue, or a database integrity error, i.e. such as if you have a natural primary key on a table and are trying to insert a row with the same natural primary key more than once.
I have been reading carefully through the MediaWiki documentation but I have not been able to find out how to create new groups.
When I look at Special:Userrights, I see only 3 groups :
Bots, Sysops, Bureaucrats
I would like to create my own custom groups, so I can use some extensions like the http://www.mediawiki.org/wiki/Extension:Group_Based_Access_Control.
Can someone tell me how it's done, or point me to some documentation?
You can add permissions for new groups to your LocalSettings.php file and they will automatically appear in the Special:UserRights page.
For example, I wanted to disallow editing by regular users but create a "Trusted" group that was allowed to edit. The following code creates a "Trusted" group that is equal to the "user" group, except that "Trusted" users can edit but "user" users cannot.
$wgGroupPermissions['Trusted'] = $wgGroupPermissions['user'];
$wgGroupPermissions['user' ]['edit'] = false;
$wgGroupPermissions['Trusted']['edit'] = true;
$wgGroupPermissions['sysop' ]['edit'] = true;
On the Special:UserRights page, I can now check the "Trusted" box to make users trusted.
You can alter the appearance of the group name by creating the following messages:
(For a group named ninja:)
MediaWiki:Group-ninja (content: Ninjas)
MediaWiki:Group-ninja-member (content: ninja)
MediaWiki:Grouppage-ninja (content: Project:Ninjas)
This will insure that the group will be referred to as "Ninjas" throughout the interface, and a member will be referred to as a "ninja", and overviews will link the groupname to Project:Ninjas.
(source: http://www.mediawiki.org/wiki/Manual:User_rights#Examples)
Here you will find a List of Permissions. http://www.mediawiki.org/wiki/Manual:User_rights
I beleive I have found the answer, I just need to add the UserGroup and the permission to the wgGroupPermissions array in the LocalSettings.php file.
$wgGroupPermissions['TomatoUsers']['read'] = true;
$wgGroupPermissions['TomatoUsers']['edit'] = false;
I don't have the reputation to vote up the first answer (which can also be added to extension initialization files), but for when you get to adding users to your groups you may want to consider directly editing the database (ie. if you need to sync the wiki groups with external information). If you open the database "wikidb" the "PREFIX_user_groups"* table contains the mapping between user IDs (ug_user) and group names (ug_group). This table, combined with the "PREFIX_user"* table's name information (user_name) and ID information (user_id), give you all the information to add and remove large numbers of users from groups.
* Replace "PREFIX" with the database prefix you used for your wiki.