I have an angular app with two distinct sections to it. Each section belongs to a type of user. There are some commonalities but for the most part rather different. For example:
/receptionist
- View Diary
- Answer Phone
- Make Tea
/ceo
- View Diary
- Announce Earnings
- Strategize
Both the ceo and the receptionist need the functionality for viewing the diary. I was thinking wanting to change the modules loaded (and the routing) depending on who logged in.
if (user.type === 'receptionist') {
app = angular.module('receptionistApp', ['diary', 'phone', 'tea']);
else {
app = angular.module('ceoApp', ['diary', 'earning', 'strategy']);
}
I am wanting to do this because there is some overlap, but not a lot. And each app is actually quite big.
I am not wanting to achieve anything security wise here. Each app will have different types of users and roles. Those will be secured through WebApi. I just wanting to avoid loading all of the modules when 45% of them will be of no interest to the other app.
Yes.
Also, (and you probably won't need this) you can load modules even more dynamically, and initialize AngularJS yourself instead of having it load instantly. You can remove the ng-app directive, and do a manual initialization.
angular.element(document).ready(function() {
angular.module('myApp', []);
angular.bootstrap(document, ['myApp']);
});
Related
I would like to check if the user added my widgets to the Home Screen, is there an API for this? I could not find one. WidgetCenter.getCurrentConfigurations returns all available widgets served by the app, not the used ones.
The reasons I look for such an API are:
I would like to report usages of the widgets.
I would like to decide if I should trigger timeline reloads via WidgetCenter when state changes happen in the app.
Method WidgetCenter.shared.getCurrentConfigurations does return the number of user configured widgets:
WidgetCenter.shared.getCurrentConfigurations { widgets
if let widgets = widgets, widgets.count > 0 {
// User did configure at least one widgets
}
}
This is also according the documentation:
Retrieves information about user-configured widgets.
Unfortunately, I don't think such an API exists (yet).
For 1. I would write something that identifies the widget in a shared user defaults container. Hooks for that would be getSnapshot(for:,in:,completion:) or getTimeline(for:,in:,completion:) with context.isPreview == false. Now the difficult part is that you don't get any id for the widget so you cannot distinguish two widgets with the same configuration (afaik).
For 2. I think this is (and will be) opaque, so you just tell the WidgetCenter to reload specific or all configurations and when no widget is currently placed on the home screen nothing happens.
I have a custom resource-tool (ledger entry tool) that modifies values of a resource as well as insert additional rows into related resources.
"Account" is the main resources.
"AccountTransaction" and "AccountLog" both get written to when a ledger entry is created. And through events, the account.balance value is updated.
After a successful post of a ledger entry (using Nova.request) in the resource-tool, I would like the new balance value updated in the account detail panel, as well as the new entries in AccountTransaction and AccountLog to be visible.
The simple way would be to simply reload the page, but I am looking for a more elegant solution.
Is it possible to ask these components to refresh themselves from within my resource-tool vue.js component?
Recently had the same issue, until I referred to this block of code
Nova has vuex stores modules, where they have defined storeFilters.
Assigning filters an empty object and then requesting them again "reloads" the resources. Haven't done much more research on this matter, but if you are looking for what I think you are looking for, this should be it.
async reloadResources() {
this.resourceName = this.$router.currentRoute.params.resourceName || this.$router.currentRoute.name;
if (this.resourceName) {
let filters_backup = _.cloneDeep(this.$store.getters[`${this.resourceName}/filters`]);
let filters_to_change = _.cloneDeep(filters_backup);
filters_to_change.push({});
await this.$store.commit(`${this.resourceName}/storeFilters`, filters_to_change);
await this.$store.commit(`${this.resourceName}/storeFilters`, filters_backup);
}
},
I am currently building out my iOS 10 app with user profiles, which should hold certain achievements and experience points (similar system to StackOverflow). I have already built my Facebook Login, FIRAuth etc. At the moment I am thinking about the data structure of Firebase's DB. I have read through the Firebase Guide for flat data structures and some general Firebase data guides like the one from Ray Wenderlich.
This is what users can already do:
login with Facebook (...) and get picture, name etc. (already handled via FIRAuth)
visit a profile page, which shows their name and profile picture (already handled in a ProfileViewController)
This is my to-do list:
basic achievements via badges/titles similarly to StackExchange/StackOverflow e.g. user has done action XY 20 times => badge for 20 times for action XY; I was thinking of either:
a) having an array/list in each of the users' profile, which holds all of the gathered badges (as strings) OR
b) having a single boolean var for each achievement within the user profiles
a second achievements tracker, which tracks the general usage of the app - something like a levelling system in RPG games with experience points so just an Int value for every profile in terms of the DB
My question:
How would you combine the FIRAuth profiles with the database to hold the aforementioned badges (could be up-to 50-60 achievements) and the separate levels/xp points of the users?
Keep in mind that I am new to the modelling of JSON DBs. I don't want a solution in terms of code etc. for the functions in question - just a helping hand for the data structure of the user profiles.
I would also be looking into the extension of the user profiles in the future (messaging etc.) and I should be able to send notifications to all users who have certain levels/achievements in the future (and this makes me lean towards b)) - so too much nesting is out of the question already.
Using the structure below, you can retrieve a particular user's achievements by observing the children of the user's achievements path. However this only get's you the keys of the achievements.
Given you have a user with the uid 1j6Ft1BT30TFG403obvGfjOHE4th, for each child in user-achievements/1j6Ft1BT30TFG403obvGfjOHE4th, you can use the child keys to observe the value of each achievement at achievements/-KQpsPExLsKdnVHMliiP.
{
"users": {
"1j6Ft1BT30TFG403obvGfjOHE4th": {
"username": "john"
}
},
"user-achievements": {
"1j6Ft1BT30TFG403obvGfjOHE4th": {
"-KQpsPExLsKdnVHMliiP": true
}
},
"achievements": {
"-KQpsPExLsKdnVHMliiP": {
//
}
}
}
Basically this comes up as one of the related posts:
Isn't it dangerous to have query information in javascript using breezejs?
It was someone what my first question was about, but accepting the asnwers there, i really would appreciate if someone had examples or tutorials on how to limit the scope of whats visible to the client.
I started out with the Knockout/Breeze template and changed it for what i am doing. Sitting with a almost finished project with one concern. Security.
I have authentication fixed and is working on authorization and trying to figure out how make sure people cant get something that was not intended for them to see.
I got the first layer fixed on the root model that a member can only see stuff he created or that is public. But a user may hax together a query using extend to fetch Object.Member.Identities. Meaning he get all the identities for public objects.
Are there any tutorials out there that could help me out limiting what the user may query.?
Should i wrap the returned objects with a ObjectDto and when creating that i can verify that it do not include sensitive information?
Its nice that its up to me how i do it, but some tutorials would be nice with some pointers.
Code
controller
public IQueryable<Project> Projects()
{
//var q = Request.GetQueryNameValuePairs().FirstOrDefault(k=>k.Key.ToLower()=="$expand").Value;
// if (!ClaimsAuthorization.CheckAccess("Projects", q))
// throw new WebException("HET");// UnauthorizedAccessException("You requested something you do not have permission too");// HttpResponseException(HttpStatusCode.MethodNotAllowed);
return _repository.Projects;
}
_repository
public DbQuery<Project> Projects
{
get
{
var memberid = User.FindFirst("MemberId");
if (memberid == null)
return (DbQuery<Project>)(Context.Projects.Where(p=>p.IsPublic));
var id = int.Parse(memberid.Value);
return ((DbQuery<Project>)Context.Projects.Where(p => p.CreatedByMemberId == id || p.IsPublic));
}
}
Look at applying the Web API's [Queryable(AllowedQueryOptions=...)] attribute to the method or doing some equivalent restrictive operation. If you do this a lot, you can subclass QueryableAttribute to suit your needs. See the Web API documentation covering these scenarios.
It's pretty easy to close down the options available on one or all of your controller's query methods.
Remember also that you have access to the request query string from inside your action method. You can check quickly for "$expand" and "$select" and throw your own exception. It's not that much more difficult to block an expand for known navigation paths (you can create white and black lists). Finally, as a last line of defense, you can filter for types, properties, and values with a Web API action filter or by customizing the JSON formatter.
The larger question of using authorization in data hiding/filtering is something we'll be talking about soon. The short of it is: "Where you're really worried, use DTOs".
I have an in app purchase issue... I have an iPad app I'm upgrading. Previously used MKStoreKit. Started to upgrade to the latest version, but it turned out to be too complicated and too different to just "plug-in". Created a new "store kit" from scratch, which is much simpler and is built for iOS5+ and is ARC compliant.
Scenario: I have 3 spots to purchase. 1) is a full upgrade from a popover; 2) is an "icons" popover, which allows the user to purchase sets of icons for use in the app; 3) is a "backgrounds" popover, which allows the user to purchase sets of backgrounds for use in the app. All are in different views within the app.
Obviously, the available items all have to be available, but they also need to be segregated into the different popovers.
I have a "store manager" and a helper for the manager. The manager has a class method which includes all of the products listed in a set, and are accessed via a single "productIdentifier" variable in the manager. The actual items (images) are included in the app and are connected to an SQL database. I have played with additional sets, and have used subarrayWithRange. I have the correct number of sets showing in the popovers, although they are not showing the correct count, nor the correct images in each set.
I am looking for suggestions on how to separate these products into their unique "categories", while retaining the product identifier class of the manager, so that they feed back to the manager. I'm not looking for someone to solve it "for me"... I fully believe in solving one's own issues. I'm merely looking for a few suggestions in steering me in the correct path.
Should I create separate class methods for each type of purchase? Subsets within the main set?
Have any suggestions on how I could solve this issue? Any and all are appreciated.
I was able to solve this issue by using a refresh table method. I simply use different ranges for the 3 different spots.
-(void)reloadData
{
_products = nil;
[TJ_IAPHelper.sharedInstance requestProductsWithCompletionHandler:^(BOOL success, NSArray *products)
{
// by using subarrayWithRange, we limit what is displayed in the table
// those items that actually correspond to the background sets
// from the Apple store
_purchaseableBackgrounds = [products subarrayWithRange:NSMakeRange(0, 6)];
if (success)
{
_products = _purchaseableBackgrounds;
[self.tableView reloadData];
}
[self.refreshControl endRefreshing];
}];
}