Validate incoming data with unique check from database in hapijs with JOI - hapi.js

Is there any way in which I can validate API parameter with JOI plugin which can check uniqueness with database field. For example we can validate any parameter or incoming data in Laravel with specific validation rules as given below.
'email' => 'unique:users,email_address'
Name of table: users
Name of column: email_address
required validation: unique
with the help of this validation rule in Laravel we can validate email address to be unique with respect to specific column in database. Similar kind of validation I need to put in hapijs.

Related

reactjs: material-table: how to do serverside validation when adding or editing

I am planning to use material-table. Its a simple table with a column name
I have seen some tutorials how to do CRUD operation using material-table.
But i want to check the name is unique from server side, not on client side.
and pass the error if the name is not unique.
Can we do these things with material table

How to create a unique number in Sanity.io?

I have a field of the type number defined on a document in my schema. When the user inputs a number, I want a validation which verifies that no another document of the same type has the same number assigned to this field. How am I able to do this?
There's no out of the box solution to check for uniqueness. Currently the only input that does this is the slug field. However, you can create your own custom validation that uses the client to check for other documents with the same number for the specific field.
You can read more about custom validation in the docs. To import the client, you can add this to the top of your schema import client from 'part:#sanity/base/client'. Then, write a GROQ query to look for the number and validate accordingly.
Hope that helps!

How to create relationships in a RESTful API

I have 2 tables, User table and User_token table, they are one to one/none relatonship, not sure how to create this RESTful API.
i prefer to setup
# to get user attributes
GET /users/123
# to get user's token
GET /users/123/token
or should i create
# to get user attributes and token by JOIN the table
GET /users/123
the argument we have here, if we are doing the first setup, which i like it, it takes thousands of API requests compare to second one
that is depend you requirement.
for example if you need User Attributes and Token every time than
# to get user attributes and token by JOIN the table
GET /users/123
is better.
other wise another approach is good to get required data when needed.
REST has nothing to do with your database structure.
Your resources can contain properties or sub-resources. Every resource has at least one resource identifier (URL).
So in your case the GET /users/123 is a valid solution.

XACML Policy with Multiple Resources with Multiple Rules and Multiple Actions

In a multiple decision profile scenario I want to create a policy for a particular Tenant and for the root resources like Customer. Here my scenario is like I have a Tenant T1 and Tenant T1 is allowed to access Root resource Customer. Customer is the Top level resource and it will contain sub child resources like: Sub-Resources: name, email. In my scenario how can i create a policy so that i can enforce multiple rules for each sub resources like:
Rule-1:
Admin Permit access to resource-
{name: create,read,update,delete},
{email: create,read,update,delete}
Rule-2:
Employee Permit access to resource-
{name: read,update},
{email: read}
Please share the policy structure and the Request format for the same.
In the request format i want to pass only the Tenant Id and the Root level resource Customer .
In this scenario, what you would want to do is pass in the field id you are interested in.
The request would be: "Can Alice view the name field of customer record #123"?
You could express this as a multiple decision request e.g.:
"Can Alice view the name, email, and job title fields of customer record #123"?
Either way your policy would be field-centric. It would protect a given field or set of fields. You could actually define a set of non-sensitive fields and a set of sensitive fields. You could also even write the policy in terms of field metadata. Instead of saying "a user can view field 'email'", you could write "a user can view a field if the user's clearance > field's sensitivity".
Alternatively, you could also use Reverse Query - that's specific to Axiomatics' APIs though. Reverse Query lets you do the following type of requests / responses:
Q: list the fields Alice can view
A: name, email

Suborganizations and Unique id

I can succesfully authenticate my application with ApacheDS
But now i use only one domain.
I want to add subdomains or sub organizations under root domain.
For example a root organization as
dc=example,dc=com
and sub organizations dc=x
another sub organization dc=y
Now i can authenticate users using uid attribute
like:
user-search-filter="(uid={0})"
i use login name like user1, without an # extension
But i want to have suborganizations and i want to use user1#x.example.com
Is it possible and how?
My application is a spring application but i think subject is independent from my application side.
The attribute defined in the LDAP standards track for email addresses is mail, rfc822mailbox, or 0.9.2342.19200300.100.1.3 as defined in RFC4524. Perhaps your filter should be an attribute assertion using one of those types, for example, user-search-filter="mail={0}".
I am not sure what is meant by "manually". LDAP does not have a concept of organizations, only entries that might belong to an organization. These entries might have a mail attribute if the entry belongs to an objectClass that allows or requires the mail attribute. In other words, if your filter is mail={0} (which might become mail=user1#x.example.com), then a search using that filter (given the appropriate base object and scope) will return all entries that have a mail attribute with the value user1#x.example.com irrespective of where that user is located and irrespective of the value of the uid attribute.
If the users in an organization can identified some other way, perhaps by organization or other attribute, then the filter could be:
(&(uid={0})(o=x))
or
(&(uid={0})(o=y))
One way or another, the users' entry must be identifiable by the contents of the entry. The primary key in an LDAP database is the distinguished name (uid=abc,dc=x,dc=example,dc=com) but attributes in the entry can be used to tighten the filter. Some alternatives are:
use unique identifiers (all uid or mail values are unique in the database, therefore, only one is ever returned to a search request)
use an attribute to identify users in an organization (like o in the example filters above)
use a dynamic group to generate a list of users in an organization.
consider using an extensible match filter to make values in the distinguished names be part of the filtering process
see also
using ldapsearch - the article is about the ldapsearch command line tool, but the concepts are useful when constructing search requests
mastering search filters