Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
I want to implement role-based permission in React. I have 3 different roles.
Operator
Supervisor
Admin
Each role has certain permissions.
Example: Operator can view user form but can not edit user. The supervisor can edit the form but can not delete the user. This is just an example. I have different 20-25 permissions. (either canView / canEdit).
enum permission = {
viewUser,
editUser,
viewReport,
modifyReport,
etc..
}
Post Data: { permissionType: permission.viewUser } // Backend will have already user role and id stored in service when user logged in, so no need to pass that.
Response may look like: { canView: true, canEdit: false }
My Question: Where and how can I create that enum and shared service (to make an API call at one place) so all the components can use that shared service to get the permissions and return results to component? I don't want to get all the permissions at once. As soon as I load the component, I want to make an API call and get specific permissions.
You can create a separate file for this (e.g permission.jsx) and import in any module needed
But I guess, this is not your question, more clarity will be better.
The other suggestion is to create an authorized component and wraps all the component that requires permission around it
Related
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 6 days ago.
Improve this question
Am an admin of a salesforce org. I have to remove a user from the weekly subscription of a dashboard from the backend. In the org setup, there is no option for admins to remove recipients from the UI.
I tried querying EntitySubscripton object by passing the dashboard id as parent id. The subscriberId field in the EntitySubscription returns only the users who follow a record and not the subscribed users of the dashboard.
Can anyone help in assisting on how to remove a particular subscribed user of a dashboard from the backend?
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed last month.
Improve this question
I'm wondering what would be the best way of building an invitation system with roles with Firebase.
Taken this:
userA invites userB's email address to join his account, with role "READ_ONLY".
userB registers with his email address, accepts the pending invitation, and has access to userA's account with role "READ_ONLY"
The main question here is where should I store the invitations data?
As a dedicated collection "/invitations"?
As a sub-collection "account/{id}/invitations"?
Create a user with a dump password and keep the role in the user claims?
Something else 🤷‍♂️?
I'm afraid solutions 1 & 2 would cost too many reads each time a user registers.
Solution 3 would not be the best UX as user would have to reset his password after trying to register (because email address would already be in use)
Any thoughts?
Thanks
You can create a collection of invitations where you can store all invitations with :
user who invited
user who was invited
role
expiration
Send an email to the person who is invited invitation ID.
In case the email has an account and is login, he just needs to accept or reject it, otherwise, ask him for registration or login.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
for the app I am creating I am using google as the sign-in and sign-up option. I need to access some user data in the app. I have the uid, or user id, for the user whose object I want to get. I was wondering if it is possible for me to access a google user object in my app's firebase database with uid, and if so, how?
Thank you in advance for the help
We can not get data from goole using firebase uid, You have to store data of google when you are doing signin and signup. You can store current logged in user by googleSignIn.currentUser.id. Usually people do the same at Google SignIn
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
I've read several articles, they're saying do not go with JWT as they're not secure. Whereas going with session has a disadvantage that if server is restarted, session will be logged out.
So I want to know what would be the best choice to go with? JWT or Server Side Session, also please do share any reference links so that I could understand and implement.
I'm using MongoDB for user registration. So what should I choose JWT or Server Side Session?
There are no right and unique solution for your question.
You should analyze your use case and make right choice. In order to do that you can consider pros and cons for both solutions.
Type
Pros
Cons
JWT
1) Allow to scale your back-end with stateless authentication 2) You can use the same authentication provider for different applications
1) The JWT size could be larger than a session ID. It could affect network performance since it is included with each HTTP request. 2) The data stored in the JWT is readable by the client. This may be an issue. 3) In order to revoke a JWT before it expires you need to use a revocation list. This gets you back to the server side storage issues you were trying to avoid.
Server Side
1) Easy to code both the client and server. 2) Easy to destroy a session when someone logs out.
1) Scalability, because the sessions are stored in the server’s memory, scaling becomes an issue when there is a huge number of users using the system at once. 2) Every HTTP request requires a lookup to the data store
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I want to add a mailchimp subscription form my drupal site to allow users to subscribe for newsletters based on categories, user will select the categories for newsletters and then subscribe for them.
mailchimp provides forms embed code for a particular campaign list but i want a single form for multiple campaign lists,sucbscriber can select campaign lists ( categories ) by using checkboxes.
i installed mailchimp module and tries webforms for subscription forms but had no luck.
Created different mailing lists on mailchimp and forms for all lists and embed them all on my site , but there is no such a feature available on mailchimp to create and embed a single form for all mailing lists.