I am building a software where I have users who are responsible for managing contracts. Each user can only see the contracts that they are responsible for.
Now, I want to implement a share functionality where a user can decide to share some of the contract details with another user, so the other user can now see in his contracts list a shared contract.
But first, I want to make sure that I implement this correctly in terms of the database.
So at the moment, I have the following with regards to the relation between the users and contracts:
user (1) manages contracts (1..*)
And to implement the share functionality, I added the following:
user (0..*) can see contracts (0..*)
Which resulted in a new table that I called SharedContracts. This table will store the userID of the user who will now have access to the contract and contractID of the shared contract.
So what will happen now is that whenever user A decides to share his contract details with user B, the SharedContracts table will be used to store this data.
And the next time user B logs in, the system will check if he has a shared contract by querying the SharedContracts table. The the system will select all contractIDs that are associated with his userID.
I want to know if this is the correct way to implement a functionality like this? Is there any other way? Can I run into some problems if it stays like this?
I think your proposed architecture would be fine. The only modification I would suggest is including the IDs of both the user who shared the contract as well as the recipient of the share in the SharedContracts table. This will allow for the user who shared a contract to revoke that share at a later date.
SharedContracts
+----------+------------------+------------+
| SharerId | ShareRecipientId | ContractId |
+----------+------------------+------------+
| 1 | 2 | 1 |
+----------+------------------+------------+
Related
I'm currently making website for selling stuff and my system requires some specific user rank's to have workers under them. So i was thinking if it could be possible to make some database design like this ( See picture below) and add user_id with worker_id (foreign keys pointing to user_id key) and then retrieve through a query how many workers a user has.
Adding a picture to understand my idea.
Thanks.
Okay, I am going to try and explain this in a way that will make sense in the question that I am needing help with. Let's say that I have over 100 locations that I am pulling data from in a report that I have built already.
The following columns have the correct data coming through for each location:
User | Active | Admin | Organization | Department
User Column: This is where the name of the user is display
Active: This is if that user has an active account on that location
Admin: This is if that user has an admin account at the location
Organization: This is to display the organization for that particular location provides
Department: This is to display in what department of where the user works
Before I get into the question, I have a parameter set up to where the person receiving the report will have to choose the location that they are wanting to see before the report is shown. Another way to state that is to say the parameter is set to show only those users in that location once a locations is selected.
The question I have for a client is that some users are admins and those admins have access over 2 organizations. But some new users are not attached to an organization just yet. Is there a way for me to format a column/subreport to show those individuals that are not attached to an organization? I would be eternally grateful for someone to walk through the logic with me.
In this case let me be more specific about the problem
I've got a peoples table(with customer & supplier) and I've got a users table(for users who can login).
Currently I have this DB structure
Customers -> Organisations -> linked through rel_customer_addresses to address table.
(as 1 customer could have delivery_address, invoice address etc.)
Users -> Tenants -> linked through rel_users_addresses to the address table
(as 1 user could have delivery_address, invoice address etc.)
Now I've got in the invoice table customer_key. The problem is when the user himself is the customer and the invoice is from one of his customers. How do I indicate my web app to look up user and not the customer?
Since you're looking at 2 separate entities (customers and users), I would go ahead and use 2 separate tables and have them share a unique identifier (i.e., username, SID).
That way there's no chance of one seeing information from the other without the appropriate permissions.
There are several ways to control this, but the logic is something like this.
If userID exists in table user, do this.
If userID exists in table customer, do this.
If userID exists in table user AND table customer, do this.
That way you can control the situation completely either independently or together. In other words, you could grant special permissions to userID that is found in table customer, or just make it completely separate (similar to say, how facebook makes a separate 'identity' for pages vs the account it's registered to).
Hope that helps!
I am trying to model friendships using the Parse.com javascript API (essentially backbone models). I am using the built in Parse.com User Class. I have a mySQL / relational DB model background, and finding it tricky changing my thinking to a non-sql / denormalized way.
It should support the standard facebook style methods:
- user a can request user b's friendship
- user b can accept or ignore the friendship request
For a given user I want to be able to fetch a collection of their friends (accepted friendships in both directions).
I had been considering using a Friendships model and referencing the user models as initiators and acceptors:
initiator | acceptor | status
==========+==========+========
user a | user b | accepted
user b | user c |
user c | user a | accepted
I am unsure if this is the best way, and also unsure about securing it with ACLs. I am concerned that both users in a friendship will need to be able to update the row - in order to remove a friendship. Also, user b should not be able to make requests to the Parse API that would reveal another user's friendships.
To query for a user a's friends I would do two queries, one for where user a is the acceptor, and one for the initiator.
Can someone please comment if this is an acceptable way to model this, or if not why not and suggest improvements.
Thanks!
Update 8/8/12:
A problem I see here:
If I set an ACL on each row in the Friendships Class so the initiator may write the row, and it is publicly readable - then the acceptor will not be able to update the row to status = accepted.
Could a friendship be modeled as two rows in the table?
eg:
initiator | acceptor | status
==========+==========+========
user a | user b | requested
user b | user a | accepted
No idea how I would query that to get a given user's friends however!
I decided to implement this with Parse CloudCode to simplify the data security, and lock down all client write access to the Friend class.
I have three cloud code functions... friendRequest, friendDelete, friendAccept. These functions operate with the master key for doing all write-operations on the friend class. Read ACLs are added to each row for both users in the friendship - so you can only view your own friendships.
I'm a noob, development wise and logistically-wise.
I'm developing a site that lets people take a test...
My client wants the ability for a user with the roll/privledge "admin" (a step below a super-admin) to be allowed to create users and only see/edit the users that they create...
The users created in that "category" or group need some information that their superior provides.
For example, I log in as a "manager", I have the ability to invite people to take the test, and manage those people. Before adding those people, I will have filled out a short survey about myself...
Right now, the users that are invited will be asked some of the same questions as the manager. I'd like to cut down the redundancy by using the information put into the database by the manager and apply it to the invited users.
How do I set up my database to work with this criterion? I'm a little confused about how to do this! Let me know if I can add more details...
(This is a mysql and php app)
I am sure there are several ways to do this but here is one that comes to mind.
In the "users" database, I am sure you have a column to specify which manager is assigned to the user by some kind of user key. Well If this field has a value, then pull the info from that users (manager user) record.
Example:
table 'users'
key----name------managerid-----questionone------questiontwo----
1-------randy-----0------------------california----------c++--------------
2-------bob--------1------------------nevada------------------------------
Since record(key)1 has managerid == 0 then use questiontwo record to answer "Question 2".
Since record(key)2 has managerid == 1 then pull questiontwo from record(key)1 and use that for answer to question two.
You could either insert this information into the record or use it from the manager record dynamically as needed, which thought the space is still being used in the database, would be helpful since manager data might be updated and you might not want to have to update all records with that share the managerid wheh info is changed.
Make sense?