Search Results

Search found 1424 results on 57 pages for 'roles'.

Page 11/57 | < Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >

  • Do I must expose the aggregate children as public properties to implement the Persistence ignorance?

    - by xuehua
    Hi all, I'm very glad that i found this website recently, I've learned a lot from here. I'm from China, and my English is not so good. But i will try to express myself what i want to say. Recently, I've started learning about Domain Driven Design, and I'm very interested about it. And I plan to develop a Forum website using DDD. After reading lots of threads from here, I understood that persistence ignorance is a good practice. Currently, I have two questions about what I'm thinking for a long time. Should the domain object interact with repository to get/save data? If the domain object doesn't use repository, then how does the Infrastructure layer (like unit of work) know which domain object is new/modified/removed? For the second question. There's an example code: Suppose i have a user class: public class User { public Guid Id { get; set; } public string UserName { get; set; } public string NickName { get; set; } /// <summary> /// A Roles collection which represents the current user's owned roles. /// But here i don't want to use the public property to expose it. /// Instead, i use the below methods to implement. /// </summary> //public IList<Role> Roles { get; set; } private List<Role> roles = new List<Role>(); public IList<Role> GetRoles() { return roles; } public void AddRole(Role role) { roles.Add(role); } public void RemoveRole(Role role) { roles.Remove(role); } } Based on the above User class, suppose i get an user from the IUserRepository, and add an Role for it. IUserRepository userRepository; User user = userRepository.Get(Guid.NewGuid()); user.AddRole(new Role() { Name = "Administrator" }); In this case, i don't know how does the repository or unit of work can know that user has a new role? I think, a real persistence ignorance ORM framework should support POCO, and any changes occurs on the POCO itself, the persistence framework should know automatically. Even if change the object status through the method(AddRole, RemoveRole) like the above example. I know a lot of ORM can automatically persistent the changes if i use the Roles property, but sometimes i don't like this way because of the performance reason. Could anyone give me some ideas for this? Thanks. This is my first question on this site. I hope my English can be understood. Any answers will be very appreciated.

    Read the article

  • Webcast Q&A: ING on How to Scale Role Management and Compliance

    - by Tanu Sood
    Thanks to all who attended the live webcast we hosted on ING: Scaling Role Management and Access Certifications to Thousands of Applications on Wed, April 11th. Those of you who couldn’t join us, the webcast replay is now available. Many thanks to our guest speaker, Mark Robison, Enterprise Architect at ING for walking us through ING’s drivers and rationale for the platform approach, the phased implementation strategy, results & metrics, roadmap and recommendations. We greatly appreciate the insight he shared with us all on the deployment synergies between Oracle Identity Manager (OIM) and Oracle Identity Analytics (OIA) to enforce streamlined user and role management and scalable compliance. Mark was also kind enough to walk us through specific solutions features that helped ING manage the problem of role explosion and implement closed loop remediation. Our host speaker, Neil Gandhi, Principal Product Manager, Oracle rounded off the presentation by discussing common use cases and deployment scenarios we see organizations implement to automate user/identity administration and enforce closed-loop scalable compliance. Neil also called out the specific features in Oracle Identity Analytics 11gR1 that cater to expediting and streamlining compliance processes such as access certifications. While we tackled a few questions during the webcast, we have captured the responses to those that we weren’t able to get to here; our sincere thanks to Mark Robison for taking the time to respond to questions specific to ING’s implementation and strategy. Q. Did you include business friendly entitlment descriptions, or is the business seeing application descriptors A. We include very business friendly descriptions.  The OIA tool has the facility to allow this. Q. When doing attestation on job change, who is in the workflow to review and confirm that the employee should continue to have access? Is that a best practice?   A. The new and old manager  are in the workflow.  The tool can check for any Separation of Duties (SOD) violations with both having similiar accesses.  It may not be a best practice, but it is a reality of doing your old and new job for a transition period on a transfer. Q. What versions of OIM and OIA are being used at ING?   A. OIM 11gR1 and OIA 11gR1; the very latest versions available. Q. Are you using an entitlements / role catalog?   A. Yes. We use both roles and entitlements. Q. What specific unexpected benefits did the Identity Warehouse provide ING?   A. The most unanticipated was to help Legal Hold identify user ID's in the various applications.   Other benefits included providing a one stop shop for all aggregated ID information. Q. How fine grained are your application and entitlements? Did OIA, OIM support that level of granularity?   A. We have some very fine grained entitlements, but we role this up into approved Roles to allow for easier management.   For managing very fine grained entitlements, Oracle offers the Oracle Entitlement Server.  We currently do not own this software but are considering it. Q. Do you allow any individual access or is everything truly role based?   A. We are a hybrid environment with roles and individual positive and negative entitlements Q. Did you use an Agile methodology like scrum to deliver functionality during your project? A. We started with waterfall, but used an agile approach to provide benefits after the initial implementation Q. How did you handle rolling out the standard ID format to existing users? A. We just used the standard IDs for new users.  We have not taken on a project to address the existing nonstandard IDs. Q. To avoid role explosion, how do you deal with apps that require more than a couple of entitlement TYPES? For example, an app may have different levels of access and it may need to know the user's country/state to associate them with particular customers.   A. We focus on the functional user and craft the role around their daily job requirements.  The role captures the required application entitlements.  To keep role explosion down, we use role mining in OIA and also meet and interview the business.  It is an iterative process to get role consensus. Q. Great presentation! How many rounds of Certifications has ING performed so far?  A. Around 7 quarters and constant certifications on transfer. Q. Did you have executive support from the top down   A. Yes  The executive support was key to our success. Q. For your cloud instance are you using OIA or OIM as SaaS?  A. No.  We are just provisioning and deprovisioning to various Cloud providers.  (Service Now is an example) Q. How do you ensure a role owner does not get more priviliges as are intended and thus violates another role, e,g, a DBA Roles should not get tor rigt to run somethings as root, as this would affect the root role? A. We have SOD  checks.  Also all Roles are initially approved by external audit and the role owners have to certify the roles and any changes Q. What is your ratio of employees to roles?   A. We are still in process going through our various lines of business, so I do not have a final ratio.  From what we have seen, the ratio varies greatly depending on the Line of Business and the diversity of Job Functions.  For standardized lines of business such as call centers, the ratio is very good where we can have a single role that covers many employees.  For specialized lines of business like treasury, it can be one or two people per role. Q. Is ING using Oracle On Demand service ?   A. No Q. Do you have to implement or migrate to OIM in order to get the Identity Warehouse, or can OIA provide the identity warehouse as well if you haven't reached OIM yet? A. No, OIM deployment is not required to implement OIA’s Identity Warehouse but as you heard during the webcast, there are tremendous deployment synergies in deploying both OIA and OIM together. Q. When is the Security Governor product coming out? A. Oracle Security Governor for Healthcare is available today. Hope you enjoyed the webcast and we look forward to having you join us for the next webcast in the Customers Talk: Identity as a Platform webcast series: Toyota: Putting Customers First – Identity Platform as a Business Enabler Wednesday, May 16th at 10 am PST/ 1 pm EST Register Today You can also register for a live event at a city near you where Aberdeen’s Derek Brink will discuss the survey results from the recently published report “Analyzing Platform vs. Point Solution Approach in Identity”. And, you can do a quick (& free)  online assessment of your identity programs by benchmarking it against the 160 organizations surveyed  in the Aberdeen report, compliments of Oracle. Here’s the slide deck from our ING webcast: ING webcast platform View more presentations from OracleIDM

    Read the article

  • Should I be using WAI-ARIA in my HTML website builds?

    - by DBUK
    Should I be using WAI-ARIA in my website builds? Will it have any benefit? Is anyone adding 'role' to their code at the moment? The tab, link, checkbox and slider roles, plus many more, aren't available yet for HTML5. From looking at the list of what is available (see below), and what will be coming in the future, it looks like we might be applying roles to a huge amount of tags on our pages. Its not an issue especially if it brings benefit to users using readers etc Also, a side question, will search engines give any benefits to sites using WAI-ARIA? List of safe roles to use (I think) • role="article" • role="banner" • role="complementary" • role="contentinfo" • role="form" • role="heading" • role="main" • role="navigation" • role="search" Examples of usage: <header role="banner"></div>for a main header, banner only allowed once per page <header role="heading"></div>- for all headers after the main one <aside role="complementary"></aside> <form role="search"></form>

    Read the article

  • Using the ASP.NET Membership API with SQL Server / SQL Azure: The new &ldquo;System.Web.Providers&rdquo; namespace

    - by Harish Ranganathan
    The Membership API came in .NET 2.0 and was a huge enhancement in building web applications with users, managing roles, permissions etc.,  The Membership API by default uses SQL Express and until Visual Studio 2008, it was available only through the ASP.NET Configuration manager screen (Website – ASP.NET Configuration) or (Project – ASP.NET Configuration) and for every application, one has to manually visit this place to start using the Security and other settings.  Upon doing that the default SQL Express database aspnet.mdf is created to store all the user profiles. Starting Visual Studio 2010 and .NET 4.0, the Default Website template includes the Membership API controls as a part of the page i.e. When you create a “File – New – ASP.NET Web Application” or an “ASP.NET MVC Application”, by default the Login/Register controls are enabled in the MasterPage and they are termed under “ApplicationServices” setting in the web.config file with connection string pointed to the SQL Express database. In fact, when you run the default website and click on “Logon” –> “Register”, and enter the details for registration and click “Register”, that is the time the aspnet.mdf file is created with the tables for Users, Roles, UsersInRoles, Profile etc., Now, this uses the default SQL Express database within the App_Data folder.  If you want to move your Membership information to some other database such as SQL Server, SQL CE or SQL Azure, you need to manually run the aspnet_regsql command and specify the destination database name. This would create all the Tables, Procedures and Views required to handle the Membership information.  Thereafter you can change the connection string for “ApplicationServices” to point to the database where you had run all the scripts. Now, enter “System.Web.Providers” Alpha. This is available as a part of the NuGet package library.  Scott Hanselman has a neat post describing the steps required to get it up and running as well as doing the basic changes  at http://www.hanselman.com/blog/IntroducingSystemWebProvidersASPNETUniversalProvidersForSessionMembershipRolesAndUserProfileOnSQLCompactAndSQLAzure.aspx Pretty much, it covers what the new System.Web.Providers do. One thing I wanted to clarify is that, the new “System.Web.Providers” add a lot of new settings which are also marked as the defaults, in the web.config.  Even now, they use SQL Express as the default database.  But, if you change the connection string for “DefaultConnection” under connectionStrings to point to your SQL Server or SQL Azure, Membership API would now be able to create all the tables, procedures and views at the destination specified (i.e. SQL Server or SQL Azure). In my case, I modified the DefaultConneciton to point to my SQL Azure database.  Next, I hit F5 to run the application.  The default view loads.  I clicked on “LogOn” and then “Register” since I knew there are no tables/users as of then.  One thing to note is that, I had put “NewDB” as the database name in the connection string that points to SQL Azure.  NewDB wasn’t existing and I would assume it would be created before the tables/views/procedures for Membership are created. Once I clicked on the “Register” to register my first username, it took a while and then registered as well as logged in me in.  Also, I went to the SQL Azure Management Portal and verified that there exists “NewDB” which has just been created I could also connect to the SQL Azure database “NewDB” from Management Studio and found that the tables now don’t have the aspnet_ prefix.  The tables were simply Users, Roles, UsersInRoles, Profiles etc., So, with a few clicks and configuration change, I could actually set up the user base for my application on SQL Azure and even make the SessionState, Roles, Profiles being stored in SQL Azure database. The new System.Web.Proivders also required MARS (MultipleActiveResultSets=true) setting since it uses Entity Framework for the DAL operations.  Also, the “Project – ASP.NET Configuration” screen can be used to further create/manage users/roles etc., although the data is stored on the remote database. With that, a long pending request from the community to have the ability to configure and use remote databases for Application users management without having to run the scripts from SQL Express is fulfilled. Cheers !!!

    Read the article

  • Cannot import resource > "app/config/security.yml" from "/app/config/config.yml"

    - by tirengarfio
    Im getting this error: FileLoaderLoadException: Cannot import resource "app/config/security.yml" from "/app/config/config.yml". The file security.yml is on the right path. This is my security.yml file: jms_sapp/confiapp/config/security.yml secure_all_services: false exprapp/confiapp/config/security.yml security: encoders: Symfony\Component\Security\Core\User\User: plaintext role_hierarchy: ROLE_ADMIN: ROLE_USER ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] providers: in_memory: memory: users: user: { password: userpass, roles: [ 'ROLE_USER' ] } admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] } firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false login: pattern: ^/demo/secured/login$ security: false secured_area: pattern: ^/demo/secured/ form_login: check_path: /demo/secured/login_check login_path: /demo/secured/login logout: path: /demo/secured/logout target: /demo/ #anonymous: ~ #http_basic: # realm: "Secured Demo Area" access_control: #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https } #- { path: ^/_internal/secure, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }

    Read the article

  • Reuse security code between WCF and MVC.NET

    - by mrjoltcola
    First the background: I jumped into MVC.NET from the Java MVC world, so my implementation below is possibly cheating, I don't know. I avoided fooling with a custom membership provider and I just implemented the base code needed to authenticate and load roles in my LogOn action. Typically I just need to check roles programatically, and have no use for all of the other membership features, so I didn't originally think I needed a full Membership provider. I have a successful WCF project with a custom authentication and authorization layer that I did at least write per the proper API. I implemented it with custom IPrincipal, UserNamePasswordValidator and IAuthorizationPolicy classes to load from an Oracle database. In my WCF services, I use declarative security: [PrincipalPermission(SecurityAction.Demand, Role="ADMIN")]. The question (on the ASP.NET/MCV.NET side): All my reading indicates I should implement a custom Membership/Roles provider, and use [Authorize(Roles="ADMIN")] on my controller actions. At this point, I don't have a true Membership provider, but I'm using the same User class that implements the IPrincipal interface that works with the WCF security. I plan to share common code between the WCF and ASP.NET modules. So my LogOn action is not using the FormsService (and I assume this is bad). I had commented it out, and just used my "UserService" to access the Oracle db. Note my "TODO" comment below. public ActionResult LogOn(LogOnModel model, string returnUrl) { log.Info("Login attempt by " + model.UserName); if (ModelState.IsValid) { User user = userService.findByUserName(model.UserName); // Commented original MemberShipService code, this is probably bad // if (MembershipService.ValidateUser(model.UserName, model.Password)) if (user != null && user.Authenticate(model.Password) == true) { log.Info("Login success by " + model.UserName); FormsService.SignIn(model.UserName, model.RememberMe); // TODO: Override with Custom identity / roles? user.AddRoles(userService.listRolesByUser(user)); // pull in roles from db if (!String.IsNullOrEmpty(returnUrl)) return Redirect(returnUrl); else return RedirectToAction("Index", "Home"); } else { log.Info("Login failure by " + model.UserName); ModelState.AddModelError("", "The user name or password provided is incorrect."); } } // If we got this far, something failed, redisplay form return View(model); } So can I make the above work? Can I stick the IPrincipal (User) into the CurrentContext or HttpContext? Can I integrate the custom IPrincipal I've already created without writing a full Membership/Roles Provider? I currently stick the User object into the session and access it from all MVC.NET controllers with "CurrentUser" property which grabs it from the session on demand. But this doesn't work with the [Authorize] attribute; I assume that is because it knows nothing about my custom Principal in the session, and is instead using whatever FormsService.SignIn() produces. I also found that session timeouts screw up the login redirect, the user doesn't get forwarded, instead we get a null exception accessing User from the session, and I assume it is related to my "skipping steps" to get a quick implementation. Thanks.

    Read the article

  • Authorization and authenthication for WinForm application

    - by Adrian
    Hi! I'm starting to develop windows application and I've been looking around for some authenthication and authorization solution available, but no luck so far. I have to be able to allow admin create users and roles, assign users to roles and define access to controls on form for specified roles (button enabled/disabled etc). Is there any solution out there or maybe someone could give me short description of solution he's using? Adrian

    Read the article

  • Repeater and add columns to header and itemtemplate on page load

    - by sdmiller
    I haven't used repeaters for much more than showing data from a datatable. I am building a grid that that shows a list of users and columns of roles that the user has been assigned, shown with checkboxes (shown with true/false below but pretent they are checkboxes). ex. |Rep Name|Caller|Closer|Manager|SuperUser| |Bob |True |true | false | false | |Tom |false |false |True | True | Basically using it for roles management. However the roles may change later on so I want to load the roles(headers and items) dynamically into the repeater. I am not sure how to do this or if it is even possible. I figure you grab a list of current role possibilities and load them into the headertemplate but I am not sure how to match those with the itemtemplate and how to create checkboxes and place them in the itemtemplate. Sorry if it is a rudementary question.... I appreciate any advice!

    Read the article

  • How to : required validator based on user role ASP.Net MVC 3

    - by user70909
    Hi, i have a form where i have the field "Real Cost" i want to customize its appearance and wither it should be validated based on user role. to be more clear is say the client want to show his field in the form or details page and also make it editable for users in Roles "Senior Sales, Manager" but not other roles, so can anyone please guide me of the best way ? should i write custom required validation based on user in role, and if so can you please provide the right implementation of it? some may tell me create custom model for this, but i think it would be hassle plus the Roles will be dynamic so it is not predefined set of roles. i hope i was clear enough

    Read the article

  • Binding menu items to a sitemap.

    - by Ricardo Deano
    Hello all..this is driving me nuts. I have a navigation menu I would like to display based upon user roles (using.net membership) After several hours and headaches (from banging my head against the desk) I was wondering if someone can point me in the error of my ways. Page: <body> <form runat="server"> <div class="page"> <div class="header"> <div class="loginDisplay"> <asp:LoginView ID="HeadLoginView" runat="server" EnableViewState="false"> <AnonymousTemplate> <a href="~/Login.aspx" ID="HeadLoginStatus" runat="server">Log In</a> </AnonymousTemplate> <LoggedInTemplate> Welcome <span class="bold"><asp:LoginName ID="HeadLoginName" runat="server" /></span>! [ <asp:LoginStatus ID="HeadLoginStatus" runat="server" LogoutAction="Redirect" LogoutText="Log Out" LogoutPageUrl="~/Open/Close.aspx"/> ] </LoggedInTemplate> </asp:LoginView> </div> <div class="clear hideSkiplink"> <asp:Menu ID="NavigationMenu" runat="server" CssClass="menu" IncludeStyleBlock="False" Orientation="Horizontal" DataSourceID="AugustSiteMap" /> <asp:SiteMapDataSource ID="AugustSiteMap" runat="server" ShowStartingNode="false"/> </div> </div> SiteMap: <?xml version="1.0" encoding="utf-8" ?> <siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" > <siteMapNode url="~/Default.aspx" title="Home" description="Home"> <siteMapNode title="Open Pages" description="Open Pages"> <siteMapNode url="~/Open/Login.aspx" title="Login Page" description="Login Page" roles="*"/> <siteMapNode url="~/Open/Close.aspx" title="Thank you for using Valpak Data Solutions Online Reporting" description="Thank you for using Valpak Data Solutions Online Reporting" roles="*"/> </siteMapNode> <siteMapNode title="Logged In Open Pages" description="Logged In Open Pages"> <siteMapNode url="~/Landing.aspx" title="Landing Page" description="Landing Page" roles="*"/> <siteMapNode url="~/ContactUs.aspx" title="Contact Us" description="Contact Us" roles="*"/> </siteMapNode> <siteMapNode title="Restricted Pages" description="Resticted Pages"> <siteMapNode url="~/Restricted/ProductSearch.aspx" title=" Product Search" description=" Product Search" roles="*"/> <siteMapNode url="~/Restricted/ReportOutput.aspx" title="Report Output" description="Report Output" roles="Admin"/> </siteMapNode> </siteMapNode> </siteMap> Webconfig: <roleManager enabled="true" /> <siteMap defaultProvider="XmlSiteMapProvider" enabled="true"> <providers> <add name="XmlSiteMapProvider" description="AugustSiteMap" type="System.Web.XmlSiteMapProvider " siteMapFile="AugustSiteMap.sitemap" securityTrimmingEnabled="true" /> </providers> </siteMap> How can I ensure that when the user is logged in, the appropriate menu items are displayed on the Landing page? Please excuse my ignorance. Still new to all of this and my current method of 'trial and error' has seen me reach suicide levels this morning!

    Read the article

  • Get list of users belonging to a role using Authorization Manager (AzMan)

    - by Sam
    Using ASP.NET (C#) I have set up Authorization Manager to allow me to handle roles on a website. Added users to roles is simple Roles.AddUserToRole("DOMAIN\\UserName", "role"). However I want to list the users belonging to a role, but since they are stored as SID's, displaying them would not be that helpful. To get the users, I am thinking XML would have to be used, although is it possible to use COM Interop to both do that and get the user name? Either way, how can I get the users belonging to a role? The table to manage roles would basically be like this: Role User ---- ---- admin DOMAIN\UserName [delete] DOMAIN\UserName2 [delete] [add user text box] news DOMAIN\UserName3 [delete] [add user text box]

    Read the article

  • Find Object in Many-to-Many Szanario - Grails

    - by Oliver
    Hello, i got this situation: - class user with hasMany Roles and belongsTo Roles - class Role with hasMans User how can i get the roles belongs to a user, object user is given, how can i get objects in a many-to-many szanario? findByX doesn't work, it's affect just one table, but i need a "find" or something else to find Object overall / over many tables. can anyone help me? and excuse my no propper english^^

    Read the article

  • Need Help on entity framework

    - by Sarathi1904
    I have 3 tables(Roles,Actions and RoleActionLinks). Roles table has few columns(RoleID,RoleName,Desc). Actions table has few colums(ActionID,ActionName,Desc). In RoleActionLink is created for store the association between Roles and Actions and this table has the columns such as RoleID,ActionID When I created the data model(edmx). it shows only Role and Action as entity. i did not find RoleActionLink table. but even there is no direct relation between Roles and Actions table, both tables are automatically related using RoleActionLink table. When i create the new Action, a action record should be populated in Action table(this is works fine). At the same time, i need to populate record in RoleActionLinks table. But i dont have the entity to populate. Please tell me how to accomplish my needs.

    Read the article

  • Linq-to-SQL: How to shape the data with group by?

    - by Cheeso
    I have an example database, it contains tables for Movies, People and Credits. The Movie table contains a Title and an Id. The People table contains a Name and an Id. The Credits table relates Movies to the People that worked on those Movies, in a particular role. The table looks like this: CREATE TABLE [dbo].[Credits] ( [Id] [int] IDENTITY (1, 1) NOT NULL PRIMARY KEY, [PersonId] [int] NOT NULL FOREIGN KEY REFERENCES People(Id), [MovieId] [int] NOT NULL FOREIGN KEY REFERENCES Movies(Id), [Role] [char] (1) NULL In this simple example, the [Role] column is a single character, by my convention either 'A' to indicate the person was an actor on that particular movie, or 'D' for director. I'd like to perform a query on a particular person that returns the person's name, plus a list of all the movies the person has worked on, and the roles in those movies. If I were to serialize it to json, it might look like this: { "name" : "Clint Eastwood", "movies" : [ { "title": "Unforgiven", "roles": ["actor", "director"] }, { "title": "Sands of Iwo Jima", "roles": ["director"] }, { "title": "Dirty Harry", "roles": ["actor"] }, ... ] } How can I write a LINQ-to-SQL query that shapes the output like that? I'm having trouble doing it efficiently. if I use this query: int personId = 10007; var persons = from p in db.People where p.Id == personId select new { name = p.Name, movies = (from m in db.Movies join c in db.Credits on m.Id equals c.MovieId where (c.PersonId == personId) select new { title = m.Title, role = (c.Role=="D"?"director":"actor") }) }; I get something like this: { "name" : "Clint Eastwood", "movies" : [ { "title": "Unforgiven", "role": "actor" }, { "title": "Unforgiven", "role": "director" }, { "title": "Sands of Iwo Jima", "role": "director" }, { "title": "Dirty Harry", "role": "actor" }, ... ] } ...but as you can see there's a duplicate of each movie for which Eastwood played multiple roles. How can I shape the output the way I want?

    Read the article

  • declarative authorization and has_and_belongs_to_many

    - by Michael Balsiger
    Hi, I have a little problem with declarative-authorization. I have a User and Role Model with a has_and_belongs_to_many association. I've created a Role named :moderator in my authorization_rules.rb Is it possible that a User with the Role Moderator only gets the Users that have the Moderator Role assigned to it?? -- User.with_permissions_to(:index) I thought it would be possible like that: role :moderator do has_permission_on :users, :to => :index do if_attribute :roles => contains { ????? } end end I also created a named_scope in my User Model because I thought it would help... class User has_and_belongs_to_many :roles named_scope :by_role, lambda { |role| { :include => :roles, :conditions => {"roles.name" => role} } } end Does anyone knows if it's possible to do this with declarative_authorization? Thanks for your help!

    Read the article

  • Rails validation count limit on has_many :through

    - by Jeremy
    I've got the following models: Team, Member, Assignment, Role The Team model has_many Members. Each Member has_many roles through assignments. Role assignments are Captain and Runner. I have also installed devise and CanCan using the Member model. What I need to do is limit each Team to have a max of 1 captain and 5 runners. I found this example, and it seemed to work after some customization, but on update ('teams/1/members/4/edit'). It doesn't work on create ('teams/1/members/new'). But my other validation (validates :role_ids, :presence = true ) does work on both update and create. Any help would be appreciated. Update: I've found this example that would seem to be similar to my problem but I can't seem to make it work for my app. It seems that the root of the problem lies with how the count (or size) is performed before and during validation. For Example: When updating a record... It checks to see how many runners there are on a team and returns a count. (i.e. 5) Then when I select a role(s) to add to the member it takes the known count from the database (i.e. 5) and adds the proposed changes (i.e. 1), and then runs the validation check. (Team.find(self.team_id).members.runner.count 5) This works fine because it returns a value of 6 and 6 5 so the proposed update fails without saving and an error is given. But when I try to create a new member on the team... It checks to see how many runners there are on a team and returns a count. (i.e. 5) Then when I select a role(s) to add to the member it takes the known count from the database (i.e. 5) and then runs the validation check WITHOUT factoring in the proposed changes. This doesn't work because it returns a value of 5 known runner and 5 = 5 so the proposed update passes and the new member and role is saved to the database with no error. Member Model: class Member < ActiveRecord::Base devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable attr_accessible :password, :password_confirmation, :remember_me attr_accessible :age, :email, :first_name, :last_name, :sex, :shirt_size, :team_id, :assignments_attributes, :role_ids belongs_to :team has_many :assignments, :dependent => :destroy has_many :roles, through: :assignments accepts_nested_attributes_for :assignments scope :runner, joins(:roles).where('roles.title = ?', "Runner") scope :captain, joins(:roles).where('roles.title = ?', "Captain") validate :validate_runner_count validate :validate_captain_count validates :role_ids, :presence => true def validate_runner_count if Team.find(self.team_id).members.runner.count > 5 errors.add(:role_id, 'Error - Max runner limit reached') end end def validate_captain_count if Team.find(self.team_id).members.captain.count > 1 errors.add(:role_id, 'Error - Max captain limit reached') end end def has_role?(role_sym) roles.any? { |r| r.title.underscore.to_sym == role_sym } end end Member Controller: class MembersController < ApplicationController load_and_authorize_resource :team load_and_authorize_resource :member, :through => :team before_filter :get_team before_filter :initialize_check_boxes, :only => [:create, :update] def get_team @team = Team.find(params[:team_id]) end def index respond_to do |format| format.html # index.html.erb format.json { render json: @members } end end def show respond_to do |format| format.html # show.html.erb format.json { render json: @member } end end def new respond_to do |format| format.html # new.html.erb format.json { render json: @member } end end def edit end def create respond_to do |format| if @member.save format.html { redirect_to [@team, @member], notice: 'Member was successfully created.' } format.json { render json: [@team, @member], status: :created, location: [@team, @member] } else format.html { render action: "new" } format.json { render json: @member.errors, status: :unprocessable_entity } end end end def update respond_to do |format| if @member.update_attributes(params[:member]) format.html { redirect_to [@team, @member], notice: 'Member was successfully updated.' } format.json { head :no_content } else format.html { render action: "edit" } format.json { render json: @member.errors, status: :unprocessable_entity } end end end def destroy @member.destroy respond_to do |format| format.html { redirect_to team_members_url } format.json { head :no_content } end end # Allow empty checkboxes # http://railscasts.com/episodes/17-habtm-checkboxes def initialize_check_boxes params[:member][:role_ids] ||= [] end end _Form Partial <%= form_for [@team, @member], :html => { :class => 'form-horizontal' } do |f| %> #... # testing the count... <ul> <li>Captain - <%= Team.find(@member.team_id).members.captain.size %></li> <li>Runner - <%= Team.find(@member.team_id).members.runner.size %></li> <li>Driver - <%= Team.find(@member.team_id).members.driver.size %></li> </ul> <div class="control-group"> <div class="controls"> <%= f.fields_for :roles do %> <%= hidden_field_tag "member[role_ids][]", nil %> <% Role.all.each do |role| %> <%= check_box_tag "member[role_ids][]", role.id, @member.role_ids.include?(role.id), id: dom_id(role) %> <%= label_tag dom_id(role), role.title %> <% end %> <% end %> </div> </div> #... <% end %>

    Read the article

  • Binding Listbox Items

    - by Sergio
    Hi, I have a user with it's roles, it's an entitycollection. I have a ListBox that has all possible roles, and I have them like checkboxes, but I want to bind the IsChecked property of each one to check if the user has the role. Something like IsChecked={Binding Roles.Contains}

    Read the article

  • Ruby on Rails updating join table records

    - by Eef
    Hey, I have two models Users and Roles. I have setup a many to many relationship between the two models and I have a joint table called roles_users. I have a form on a page with a list of roles which the user checks a checkbox and it posts to the controller which then updates the roles_users table. At the moment in my update method I am doing this because I am not sure of a better way: role_ids = params[:role_ids] user.roles.clear role_ids.each do |role| user.roles << Role.find(role) end unless role_ids.nil? So I am clearing all the entries out then looping threw all the role ids sent from the form via post, I also noticed that if all the checkboxes are checked and the form posted it keeps adding duplicate records, could anyone give some advice on a more efficent way of doing this?

    Read the article

  • managing classes when everything is relative to a user in nhibernate (orm)

    - by Schotime
    Firstly I have three entities. Users, Roles, Items A user can have multiple Roles. An item gets assigned to one or more roles. Therefore a user will have access to a distinct set of items. Now there is a few ways I can see this working. There is a Collection on Users which has Roles via a many-to-many assoc. Then each Role in this collection will have its own collection of Items. So for each user I would have to get the User (using nhib and fetch the roles and items with it) then either do a selectMany on the Items in each Role to get all the Items for the user or do a couple of foreach's to port the data to a view or dto model. Create a db trigger to automatically insert into another table that just has the relationship between user and items so that on my User entity I only have a Items collections which has all the items assigned to me. Some other way that i can't think of yet, because I'm new to nHibernate. Now i know that the trigger doesn't feel right but I'm not sure how to do this. We also have some hierarchy later where a user may be in charge of a group of users. If anyone could shed some light on how they go about these scenarios in nhibernate or another orm that would be great, or point be in a direction. I know that in the past you would have to enter all combinations into a table so that the query worked, but when you know sql its not too bad. If you need any other info then let me know. Cheers

    Read the article

  • group_concat on an empty join in MySQL

    - by Yossarian
    Hello, I've got the following problem: I have two tables: (simplified) +--------+ +-----------+ | User | | Role | +--------+ +-----------+ | ID<PK> | | ID <PK> | +--------+ | Name | +-----------+ and M:N relationship between them +-------------+ | User_Role | +-------------+ | User<FK> | | Role<FK> | +-------------+ I need to create a view, which selects me: User, and in one column, all of his Roles (this is done by group_concat). I've tried following: SELECT u.*, group_concat(r.Name separator ',') as Roles FROM User u LEFT JOIN User_Role ur ON ur.User=u.ID LEFT JOIN Role r ON ur.Role=r.ID GROUP BY u.ID; However, this works for an user with some defined roles. Users without role aren't returned. How can I modify the statement, to return me User with empty string in Roles column when User doesn't have any Role? Explanation: I'm passing the SQL data directly to a grid, which then formats itself, and it is easier for me to create slow and complicated view, than to format it in my code. I'm using MySQL

    Read the article

  • TSQL - compare tables

    - by Rya
    I want to create a stored procedure that compares the results of two queries. If the results of the 2nd table can be found in the first, print 'YES', otherwise, print 'No'. Table 1: SELECT dbo.Roles.RoleName, dbo.UserRoles.RoleID FROM dbo.Roles LEFT OUTER JOIN dbo.UserRoles ON dbo.Roles.RoleID = dbo.UserRoles.RoleID WHERE (dbo.Roles.PortalID = 0) AND (dbo.UserRoles.UserID = 2) Table 2: Declare @RowData as nvarchar(2000) Set @RowData = ( SELECT EditPermissions FROM vw_XMP_DMS_Documents where DocumentID = 2) Select Data from dbo.split(@RowData, ',') For example. Table 1: John Jack James Table 2: John Sally Jane Print 'YES' Is this possible??? Thank you all very much. -R

    Read the article

  • ASP.NET MVC 2 Authorization Regex

    - by Hurricanepkt
    What i currently have is the following: namespace AzureCCCMVC.Controllers { [Authorize(Roles="Admin")] public class AdminController : Controller { //Stuff } } what I want to do is have roles for each client such as Roles { "DEMOAdmin", "GOOGAdmin" , "MSFTAdmin" } and be able to Authorize The Client name (from URL) and in that role I know I am doing a horrible job of explaining this... It is possible that I can have users that are users of several clients but only admin's of one ...

    Read the article

  • Security Resources Defining, Static/Dynamic

    - by mmontalvo
    I am implementing a simple(hopefully) security manager within an application. Is it better to have predefined(static) roles, custom roles(dynamic)? I am leaning more towards dynamic groups or roles only because then it would not require a redeploy to update the system. Also, what would be the best approach to define resources in general? The application has a database that can hold either the static or dynamic values.

    Read the article

  • when i create user it aoutomaticaly logged in to newly created user how can i prevent it?

    - by kalyani
    heloo public partial class CreateUser : System.Web.UI.Page { TextBox username; protected void Page_Load(object sender, EventArgs e) { Class1.OpenConn(); string[] rolesArray; if(!(IsPostBack)) { rolesArray = Roles.GetAllRoles(); rdButtonListRoles.DataSource = rolesArray; rdButtonListRoles.DataBind(); } if(IsPostBack) { Class1 cs = new Class1(); username = (TextBox)CreateUserWizard1.CreateUserStep.ContentTemplateContainer.FindControl("UserName"); ProfileCommon newProf; newProf = Profile.GetProfile(username.Text); TextBox MobileNo, name, Sirname; name = (TextBox)CreateUserWizard1.CreateUserStep.ContentTemplateContainer.FindControl("txtname"); Sirname = (TextBox)CreateUserWizard1.CreateUserStep.ContentTemplateContainer.FindControl("txtSirname"); MobileNo = (TextBox)CreateUserWizard1.CreateUserStep.ContentTemplateContainer.FindControl("MobileNo"); newProf.Name = name.Text; newProf.Sirname = Sirname.Text; newProf.MobileNo = MobileNo.Text; newProf.Save(); RoleDiv.Visible = false; } } protected void ContinueButton_Click(object sender, EventArgs e) { for (int i = 0; i < rdButtonListRoles.Items.Count; i++) { if (rdButtonListRoles.Items[i].Selected == true) { if (!Roles.IsUserInRole(username.Text, rdButtonListRoles.Items[i].Text)) { Roles.AddUserToRole(username.Text, rdButtonListRoles.Items[i].Text.ToString()); } } else { if (Roles.IsUserInRole(username.Text, rdButtonListRoles.Items[i].Text)) { Roles.RemoveUserFromRole(username.Text, rdButtonListRoles.Items[i].Text.ToString()); } } } Response.Redirect("ManageUser.aspx"); } protected void CreateUserWizard1_CreatedUser(object sender, EventArgs e) { } } plz give me the solution help me

    Read the article

  • Error while debug (role redirection)

    - by Chris White
    What is wrong with my role redirection, protected void Login1_LoggedIn(object sender, EventArgs e) { { if (Roles.IsUserInRole(Login1.UserName, "Aemy")) Response.Redirect("~/Admin/Home.aspx"); else if (Roles.IsUserInRole(Login1.UserName, "User")) Response.Redirect("~/Welcome/User1.aspx"); } } Error : The name 'Roles' does not exist in the current context

    Read the article

< Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >