i have something in mind, i have some user types, Building owner, building manager.
I want to create user as building manager, but i dont want they have access to login system. this user are only for some selectbox in my website, but i need to show them in my user index page.
what i think i can do is create normal user and with a before_save i create a new data in another table.
In a request i need to be able to setup in my building form more than one building manager. maybe the best are with nested form.. I think i will need to add building id to my user table. maybe they can be assigned more than one building.
for now, my db structure are like this :
table users with user data (username, password, email, first and last name, phone)
table usertype have userid, typename and accesslvl
But this problem give me some managing problem. They will not be associated with user data.
How can i resolve this? Does Device can block some user? I searched in the Devise docs, but nothing found.
Thanks for your help.
There is an approach where admin users can approve other user accounts for login. You could use a similar approach but programmatically approve the accounts you actually want to allow logins for. Details are here:
https://github.com/plataformatec/devise/wiki/How-To:-Require-admin-to-activate-account-before-sign_in
Related
I'm creating a multi tenant app that something like project management software.
In my structure, there is a User table that excluded from multi tenant.
User comes my sign-up page, fills the subdomain field called Company then I create a schema for this user. So, they can access their account as companyname.example.com. Everything is okay so far.
I also have an Account table to store subdomains with a creator user.
Now, I also created a table for Account permissions. This table includes Account_id and user_id. I did something like that because, user could join more than one Company with same email address.
Conclusion;
User table
Account table
Account_permissions (to check when someone try to login to specific company. Because, they have more then one company.)
Does this make sense ? Do you have any idea in this case ?
In my iOS application on the initial launch user can sign in with 3 different ways: email/pass, Facebook or Twitter. Registering with each of them will cause to create 3 different users.
Later in my app user should have the possibility to link accounts. For example, if he signed in with email/pass, then he should be able to link Facebook and Twitter.
Parse native -linkInBackground works great in case we have only one user, which is email/pass. But if we will already have Facebook or Twitter account created, the Parse SDK will reply with error, saying that this account is already linked to the social.
At first I thought that I've figured out the workaround:
Save the old user data
Delete the old user
Sign in (not link) with the social (say, Facebook)
Fill all the data from the saved user to the new one.
Everything went well with one social, but it appeared that the "authData" field, which is very important in my approach, is not contained in the [PFUser currentUser]. And so despite the fact that all other data is transferred successfully, the authData is not transferred, so that we don't have authentication data of the old user.
The question is: Is there a way to get authData from Parse, or is there any "legal" way to achieve my initial goal of merging (linking) two (three) users?
No, you can not access the auth data, just like you can't access the password when the user authenticates directly with email/pass. This is a security requirement and will not change.
Ideally you should add some logic which checks if the new user should be created or if a user with the specified details (probably email address) already exists. If it does then you can reject the new user creation and return a suggestion as to how the user should login.
Well, I've got it working in a bit different way than I wanted, but looks like it's a quite stable solution.
I've created a custom Parse Class, called, say, MyUser. This class has several fields, like: facebookUser, twitterUser, regularUser, anyOtherSocialUserYouWant. Each of them is a pointer to the _User class.
Now if we are signed as, for example, a regular user, the regular user is created. The same happens with the rest like Twitter or Facebook. By signing in with three different socials we will get three different parse users. That's okay.
Next somewhere in the app, user will press "Link to Facebook" button. We need to save the current user. Next we will make a query for both users if there is a MyClass object with pointers to one of those two users (first is the current user, the second is the new user after sign in). If there is no such MyClass object, we will create one and fill in two fields: regularUser and FacebookUser.
Later if user will try to link to Twitter, we will do the same, and the query will return existing MyClass object, which will have two fields with pointers to regular and Facebook users. We will just add a pointer to the newly signed in Twitter user to that MyClass object.
The only trick is with the data, which should be common for all of the users. It is easy enough with the appropriate query. We will need to do two queries (or one "OR" query, but looks like "OR" query is not working with pointers): first query for required object with "user" field of current user, and the second query (inner query) is for objects with "linkedUser" equal to current MyClass object.
And thus to maintain objects we will need to have two fields on each object: "user" and "linkedUser". First field will be used always, and the second field will be used only after linking.
And yes, after MyClass user is created you will need to check if objects for current user and newly registered user has this fields "linkedUser" and fill it with the MyClass pointer in case of that field is empty.
Hope this will help someone.
P.S.: Dear Parse.com developers, I really appreciate your work, but you should really think about creating the kind of mechanism to merge users.
I'm building an app that users have to register before they can view the content, I am using Parse for my database needs.
What I need is have a class of Users (Parse.User) for regular users and a class of Users (Parse.User) for admins. The regular users would only be able to access the app, the admins would only be able to access an admin website where they will add the content (products) that will show up in the app.
Is it possible to create 2 different classes of Users with Parse? Or should I create the admin user class manually (not using Parse.User)?
Thanks for the help! I'm pretty new at this databases and user thing haha
What you really want is to create a Role for Administrators. You can assign ACL permissions to this Role and it will be respected throughout Parse. As you add/remove Users from this Role they automatically have the permissions of their current Role(s).
You can read more about Roles in the documentation, there's a whole chapter about it.
I'm fairly certain that you can't create 2 different User classes. (Though I may be wrong.)
But regardless, the easiest way to do this would probably be to keep all the users in the same class and just add an admin boolean key to indicate whether or not the user is an administrator; then log the user in (to access the current user's keys) but only proceed with the actions following a successful app login if the admin value is set to false and, likewise, only proceed with the actions following a successful website login if the admin value is set to true. If the admin value indicates that the user shouldn't be logged in on that platform, don't proceed with the login and instead log the user out.
In my App, a user can take on more than one role. My solution to this is to have a User class and then a pointer for each type of user (could be a regular object pointer, but I use something similar). So there would be an "adminLink" pointing to the Admin role-specific object and a userLink pointing to the user role-specific object. The pointer designates the object containing the attributes relevant to that role (user or admin). Attributes common to all roles are stored in the User object.
"Roles" (capital R) are needed to control access to objects. So for each User, you may need to create a user Role and an Admin Role if the person performs both roles (small r). You have to have a reference for each Role. These can be stored either with the User object in separate attributes or in the role-specific user objects.
-Bob
I'm currently working on a rails app where I have two model classes, Account and User. I want to allow users to link their User with account information from other places.
What I want the user to be able to do is, under my edit user form, I have a list displaying the names of all linked accounts, and a text input for them to add more.
All I want them to do is fill in one field (account name) and hit a button, and the back end will hit a restful API for that account name, pull back relevant info, and populate an Account model object, linking to the current user.
For example, from the user page I would like the user to be able to type in their twitter handle, and in the back end I'd look up that twitter account id and associate it with that User in my database.
Where is the right place to have a hook so that I can take an input (twitter handle), fire off a helper method that populates a Account object, and then link that to my current user?
I'm not sure I understood exactly what you were asking but I'll try my best : If your account 'belongs_to' your User model, it would seem logical to use the create or update method (depending on your standard case) of your Accounts controller, to retrieve a JSON with the accounts datas, and that the client parse this answer (with some JS).
I have a table of users where each has a role (provided by the cancan gem). All new users are given the role of author.
I would like to be able to issue a sort of voucher code to certain users which when entered will change their role from author to admin.
Is there a way of doing this?
All the roles are already set up and can be changed by an existing admin by editing the users profile.
Thanks very much for any help its much appreciated!
Here is an idea:
Generate a token for each user in the system and store it in the database. Make a form where user can submit his code. Then, in a controller, you may add role you want, if the code supplied by user corresponds to the one written in the database.