We are embedding PowerBI reports for out-of-organization users using the PowerBI JavaScript API. When using edit mode, it seems that save conflicts are not handled in any way. The situation is quite rare for us, but nonetheless it should be handled properly. For example:
User A opens a report in edit mode
User B opens the same report, makes an edit, and saves
User A then saves his/her changes after user B, effectively overwriting user B's changes
I would have assumed, that there would be at least an informative message displayed in this kind of situation (e.g. with optimistic locking), but it doesn't seem to be the case.
I am wondering if there is something in the APIs themselves that we are missing?
There is not special locking between 2 customers or clients editing and saving at the same time. you can notice that the save operation is saving the differences done in edit, such that you would get the aggregation of the 2 edits.
Power BI Embedded in these cases acts no different than the PowerBI.com website.
However, in cases where the edits might conflict and cannot be resolved in Power BI automatically, you might get a 400 (Bad Request) response when doing the save operation, with the proper IError object transferred to the application via the JS SDK.
Related
[Disclaimer: I'm not sure if this kind of question is accepted here as it is about a piece of software deployed already. Rest assured I didn't drop any confidential information. Also do tell me if I violated any rules in SO by posting this so I can take it down immediately]
I have a working Learning Management System web application and I recently received a bug report about a button not showing. After investigating, I have proved that the user was not using the web app as intended. When taking an exam, he was opening multiple tabs to exploit the feature that informs him whether the answer was correct or not. He then will use this information to eliminate the wrong answers and submit all the right answers in another tab/window.
I'm using Rails 4.2. Is there a way to prevent multi-tab browsing? I'm thinking like if a user is signed in and he attempted to open a new tab of the webapp, he should see something like "Please use one tab" and all the features/hyperlinks/buttons are disabled.
Here's a screenshot of how I proved he was using multiple tabs. Notice that there are multiple logs of the same attempt # because the current implementation allows saving a study session and resuming later (this is the part that's exploited). The opening of multiple tabs searches for the most recent attempt session and continues from there. This is also the reason why most of the sessions don't have a duration value -- the user only finishes a study session for one tab (by clicking a button that ends the study session). The system cannot compute for the duration because the other sessions don't have an end timestamp.
-
This is what a single-tab user looks like:
This is more of an application misuse issue more than a bug.
You should add protection not only from multi tab, but for multi browsers aw well, so it can't be purely FrontEnd check.
One of the solutions could be using ActionCable to check if a user has an active connection already and then act accordingly.
Another, for example, generate a GUID in JS and pass it with every answer. If its different from previous answer, it means user opened a new window.
But of course the solution would depend on your current architecture, without knowing how do you currently organise client-server communication it's hard to give exact and optimal solution.
I found an answer here. I just placed this js in the application view to prevent any extra instance of the website.
Thanks for everyone who pitched in.
Is there a strategy/approach that can be built to bring an ASP.NET MVC application into "single user mode" gracefully? By "single user mode" I mean something that when activated will block all new user access/logins, but allow existing users to complete their sessions and log out.
SCENARIO: I need to republish an active MVC application during the day in order to patch errors. Since we are conducting a new release I need to be able to do these patches sometimes a few times a day to squash bugs. Our users are all over the world and I don't have the ability to contact them individually to tell them of the patch, especially if it is a quick fix that is needed. So far I've just been republishing which means for some users their sessions will be destroyed, they will get errors when trying to navigate from one screen or form to another, etc.
What I would like is a feature that will let me log in as the site admin (custom Identity auth), flip a switch, and from that point forward (unless I flip the switch again) no new logins will be accepted. I would also need the ability to monitor sessions and ideally mark individual sessions for termination immediately if necessary, which I'm not sure is possible out of the box at all.
If there is no NuGet package or at least some code sample out there that can do it I'm considering rolling my own. One approach is giving the app admin a screen to set a boolean Application variable that is then checked during each user's login. If that Application variable is true then the authentication logic redirects the user to a friendly message that logins are disabled. Session management would be trickier, maybe have the base controller update an Application variable (dictionary?) on each page load, and then the admin can view a screen that shows a list of those sessions and can flag them for termination? And then the next time a flagged user loads a screen the base controller logs them out since they were flagged for termination. But I'm not sure if there will be threading/deadlock/etc issues with everyone accessing this Application variable repeatedly like that.
For reference, the application is used by about 3-5K different users per day, about 25-30k screen/page views per day. Backend is a combination of Oracle and SQL Server but that shouldn't matter, unless it would be better to track the session info in the DB.
This is not a hard requirement, but the impact on the users when the site goes down can be severe, so I want to make it as graceful as possible. Right now it is crude.
I've worked on several iOS apps, some of them utilize Core Data, and some of them don't. While I consider myself having a basic to somewhat good understanding of Core Data, there's always something that makes me doubt the usefulness of it. I've done a lot of reading on the subject, and the general consensus seems to be the advantages of using it outweighs the disadvantages. I recently submitted an app without using Core Data, and always planned on going back to update the project to utilize it when I have the time for some optimization work. Now's the time, but I wonder if it makes sense for the app I'm working on, and maybe I am not using it correctly all along. Please advise and point out what I am missing.
The project I am working on is a social networking app, which also has a front-end site. We have standard features like a newsfeed, event listing, the ability to follow/unfollow someone, and a map with POIs at user's location. Currently, we're using pagination whenever needed when requesting data from server.
My understanding of why Core Data is great:
Easier to manage data with complicated relationship
Easier to access data without having to pass them around
Easier to manipulate, fetch, and sort your data
Better memory utilization
Improve perceived performance by preloading data stored locally until latest data's received
The problem I am having is, since I am using pagination when requesting for data instead of requesting for all at once. The data stored locally is only a subset of the current state in the database. Let's use newsfeed as an example. If I do the following, it will cause some problems:
User manually refresh the newsfeed -> Controller notifies model that it needs the latest 20 items -> Model requests for the latest 20 items in the newsfeed and save them as NSManagedObject -> Model notifies controller that data is ready -> Fetch the latest 20 items to show in UITableView
If user A refreshes the newsfeed, background the app, and then user B deletes his post in the newsfeed (let's say it was 10th item) before user A foregrounds the app again to refresh the newsfeed. In user A's newsfeed, B's post will still be up there because according to the createdAt attribute, it's indeed one of the latest 20 items.
To fix this problem, I can think of a few solutions:
Add a flag to the item to indicate it's removed
Always discard local data when new data arrives
Disable pagination
Instead of using the workflow described above, always present the requested data only instead of fetching the latest
Solution 1 means custom code is required to deal with different clients since browser doesn't need deleted items but iOS client does. However, even though it can work, it can potentially mess up the pagination mechanism and can cause weird behaviours in the client. For example, if a large amount of items gets removed, the latest 20 items will contain only a few items that will actually show up in the newsfeed on the client when user refreshes it. As user follows more people, more stories will be inserted in his newsfeed as well. This solution won't work very well in this situation.
Solution 2 totally defeats the purpose of using Core Data in the first place unless I am missing something.
Solution 3 means the client always needs to request for all data. This is nearly impossible to do because as you get more data, the time to retrieve and process them will make the app slow and unresponsive. It also doesn't make sense from technical and UX point of view.
Solution 4 also kinda defeats the purpose of using Core Data because it's the same workflow when we only store data in memory. You can still fetch and find objects but they might be invalid on the server already at the time of access.
Am I missing something? How is Core Data supposed to be used in this scenario? How do you ensure data consistency when the client doesn't have all the data? Thanks you in advance.
I am trying to create an application which will provide IT services for different organizations.
I have a long form for creating a user where I have to search all users within that organization through LDAP. This turns out to be a time consuming process. I can search all users and later put them into a list and use that list in a different situation. But the problem is that at the same time any administrator can modify or delete a user. I have thought of putting the list into an application scoped bean. But I have a different organization as well, which has totally different set of users.
What is the appropriate solution in such a situation?
I would say this is not something that can be handled by the scope if you are running multiple instances of a JSF application that all access a single database.
This should be handled by a lock on the object in the database, i.e. when you load the editing view for a user, the user object is locked for editing to the others (like a boolean column named locked). Saving or canceling editing, releases the lock (or it expires if the user forgets to do any of it).
Application scoped data are visible to all users of your application. That is, if you put some list in application scope, and later reference it in view, it will be the same instance for every user. Also, you should beware of severe concurrency issues imposed by such approach.
Most probably, you scoping problems will end when you'll put your list of users in session scope, where it most naturally fits. You'll load the list of users of a particular organization when a user with appropriate rights demands it in some view.
From this point you'll face the actual problems that you're worried of, and those are problems that arise in a multiuser environment concurrently accessing shared resources (like administrators modifying users in your example). One of the things that you're afraid of, as it can be followed from your question, is the 'last commit wins' strategy, under which edits made in time by another users before the last user committed the edits will be lost, or overwritten, by the last commit.
This type of problems can be solved by introducing some type of 'locking' on the database level. Basically there are two types of locking: optimistic and pessimistic.
What Is proposed in another answer is an example of pessimistic locking, under which no one is allowed to access the data unless database lock is released. The seip is as follows: user who is going to update the data places an exclusive lock preventing other users from manipulating data until the lock is released. The idea behind is that the users will update the database resources synchronously and that possibility must be ruled out no matter how frequent those conflicting updates actually happen.
Another option - optimistic locking assumes that many users can access and modify data simultaneously, without locking the database resources. This is typically achieved by storing record version in the database. When a conflict occurs, a user can be prompted about that, preventing information loss. The idea behind is that though conflicting updates are possible, they will in fact be rare, and in any case the user will be notified of that conflict.
Note that the setup without locking, or 'last commit wins' strategy is basically the same as optimistic locking, when the final user always chooses to overwrite the data.
As you can see, there are some approaches to choose from. So first learn about them yourself, then maybe your not-so-like-question will vanish. And if not - you'll be able to come back and post a new question on concrete topic with concrete problem so that we won't speculate but will concentrate on helping you.
Wondering if its possible (technically and licensing) to create a website for a Customer to view reports, report bugs, track progress of products we are creating for them (we are using VS2010 and TFS2010).
Cheers, Nick.
Hopefully one of the MSFT guys will weigh in here, but if I recall, providing access to "real-time" data via a web site is not allowed. Putting static data into a status report is allowed, I believe, as long as the person creating the data has a CAL.
There's an exception to the CAL requirement for creating work items and the subsequent view of those work items. This would allow non CAL-ed users to be able to submit things like bug reports.
From a technical standpoint-- yeah, it is not only possible, but relatively easy to do with the API.