Is it possible to create databases with PouchDB that are available to all users of the App and have databases as well that are tied to specific users?
My simple App is essentially as follows:
The App is for a micro brewery. It contains a list of the brewery's currently available beers. This is the database that needs to be available to all App users
Every user can create a bookmarked list of beers they want to drink and beers they have tried. This is the database that needs to be specific to each user.
If a user is logged in to the App with admin privileges they will be able to add/remove beers to/from the database of beers that is available to all users.
I am using the SuperLogin Node.js server for user authentication and the App is implemented using the ionic 2 framework.
You can create two (or as many as you like) databases with PouchDB, so yes, you can do what you want to do.
The " list of the brewery's currently available beers" database should be on a CouchDB server and PouchDB can access that when the user is online. You can sync that to a PouchDB in the user's web browser if you want but not provide them with any function to write to it.
The "list of beers they want to drink and beers they have tried" database can be in the users web browser only. If you want to let them store that online as well you need to make both a CouchDB user and a database for them.
Check out pouchdb-authentication for more info and look into "Admins", "Members", and "Roles" there and in the CouchDB docs as well.
Related
I am developing an app in which user stores their data. I want to add option to allow user to connect their database (on their server) to the django project so that they can store their sensitive information. Eg:-
Data stored on my app database -> Name, Username, Email
Data stored on user database -> Phone, Bank Details etc.
I cannot configure user database credentials in settings.py as it will be dynamic and different for different users.
So, how do i accomplish this?
You can't have different databases for different users. The database is for the site.
In terms of security, people have access to the data you allow them to in the database. So if security is important, just structure the data in such a way that people can store what they need & only access what they're supposed to.
It sounds to me like you need to think about your database design to accomplish what people need, and then ensure the project keeps data restricted to the correct people.
I use sqlalchemy to solve the problem. I also integrated batch script and django views to create tables. If any one has the same issue, i can share the code.
Here is the quick link of sqlalchemy: https://www.sqlalchemy.org/
I am creating backend for a messaging application. I want it to be mostly a web app so would have to store the list of people with whom a user chats and all the messages in the server. However, I also wanted to have the ability to extend it and use the same backend for a mobile app. So I was thinking of having a separate database or table for every user and only open the connection to it when a user connects to the backend using WebSocket. However, according to this post, it seems that in most cases, it is better to have a single table and have many to one relation. So what would be the best choice in my usage? Also, how can I go about implementing that in Django?
We have merchants with campaigns in our project. Currently, we - as superuser - manage all merchants' campaigns. However, some merchants require access to campaign management so that they can control the process and set new campaigns themselves.
There is a possibility to create the second admin site and set permissions so that only merchants can log in. However, what we need is - to filter only the campaigns owned by logged in merchant and also, when creating a new one the merchant_id should be prefilled and readonly.
Is it possible to do it using the second django admin site or should I create a special frontend interface for this purpose? Is it possible to set permissions per user-object pair (in django admin)?
Edit: I found django-guardian https://github.com/django-guardian/django-guardian/blob/devel/README.rst that should be able to do what I need.
My company has decided to use FreeIPA in order to make available Single Sign On feature for our employees. I am not familiar at all with Kerberos/LDAP and similar because i have never used those technologies before.
We have 70 users - they have Windows OS machines and SSO should be used for several Python (Django) web apps, WordPress web sites and possibly for Roundcube web email and OpenVPN access. They don't have access to web servers at all so SSH accounts are not important for this story.
Our python web app has database table with users' data which is in relation with some other tables and it is very important for us to have every single user added to those tables (via our web app interface) because otherwise our app will not work properly.
Having that in mind, i would like to know if there is a way somehow to reference user from FreeIPA's database to our web app's and wordpress' databases, example below:
Not every user has access to every web app and not every user has the same privileges in those apps.
We have already defined user privileges in every web app separately and everything works perfect, so main aim is just to make avaliable SSO for our users. I don't want to bother with user groups and privileges in FreeIPA system, will be i able to avoid that?
When user gets Kerberos ticket i want those web apps to recognize his/her account which is referenced to corresponding user account in FreeIPA database, and so has certain privileges in those apps.
In this scenario it is obvious that i will have to add every new user two times - in FreeIPA database and in web app's database, but that's not a problem, i just want to connect/reference those user accounts somehow.
EDIT to Michael Ströder's answer:
As i see, i would have to add every existing user manually to FreeIPA with "--uid" command because FreeIPA gives those attributes to every user automatically. I agree, i would not use user names for UID but only integers. So, i have imagined to make it like this - i would have to link every user's uid number to application's DB user's table ID column. Let say, if John has UID #7 he should also have ID #7 in WordPress wp_users table, and that looks fine to me. I think i could easily manage this in my custom python app, but i'm unsure how to manage this in WordPress, is there some plugin that could be use for such things? I've found AuthLDAP but i'm not sure if that is the right way to do it? Thanks in advance
The usual way is to have unique and persistent user names (String), usually stored in attribute uid in FreeIPA (or other LDAP servers) and use this as key in your application's DB table.
Note that uid does not contain the POSIX-UID (Integer) which is actually stored in attribute uidNumber.
I'd strongly recommend not to derive user names stored in uid from personal names because these often change. Also you should never reuse user names.
FreeIPA also has attribute nsUniqueId which contains a UUID generated during creation of the entry. It will not be modified during life-time of the entry. If you want to use that you have to take care that entries are not deleted/re-created by an external identity management systems all the time.
(Other LDAP servers are using standard attribute entryUUID).
I am developing a C# program and I need to show Users and Roles list in it from Liferay database.
Is there any service to fetch these information for me?
You should check out the Liferay JSON Web Services to get this kind of information (without having to query the DB directly).
If you go to http://your-liferay-server-url.com/api/jsonws you can see all the Web Service end points that Liferay provides, and that you can make calls to.
If you however want to directly query the Liferay database then look at the following tables:
groups_roles
groups
role_
user_
users_roles
usergrouprole
That should be all of the tables in the DB that you need to get the info, and you may not even need all of those tables for what you need.