How to design an application so that one user cannot concurrently do separate transactions in the database from 2 separate browsers at the same time - sql

I am designing a banking application. Kindly help me work out how I can block a user who is accessing his/her bank account concurrently from two separate browsers (systems). Suppose the user is withdrawing money from his/her account concurrently from two browsers at the same time; how can I stop the user from doing so?

Add a flag column named SessionActive, datatype int, to the customer table.
Let the column value be 0 when the user is not logged into his account anywhere.
If a user logs into his/her account from a browser, he/she could be authenticated to his/her account only when the flag is 0, i.e. SessionActive = 0.
Update the flag to 1, i.e. set SessionActive = 1, soon after he has logged into his account.
Update the flag to 0, i.e. set SessionActive = 0, when he/she logs out.
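
The flag steps above, as an added example that is not part of the original answer: the check for 0 and the update to 1 are issued as one conditional UPDATE, so two logins arriving together cannot both see 0. The sqlite3 database, the balance column and the function names are assumptions, password verification is left out, and withdraw() goes beyond the answer by applying the same pattern to the withdrawal itself.

```python
import sqlite3

def make_db():
    # Constructed sample data: one customer with a balance of 100, logged out.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customer (id INTEGER PRIMARY KEY, "
               "balance INTEGER NOT NULL, "
               "SessionActive INTEGER NOT NULL DEFAULT 0)")
    db.execute("INSERT INTO customer (id, balance) VALUES (1, 100)")
    db.commit()
    return db

def try_login(db, customer_id):
    """Claim the session flag; True only for the caller that flipped 0 -> 1."""
    # Test and set in ONE statement. A SELECT of the flag followed by a
    # separate UPDATE lets two browsers both read 0 before either writes 1.
    cur = db.execute("UPDATE customer SET SessionActive = 1 "
                     "WHERE id = ? AND SessionActive = 0", (customer_id,))
    db.commit()
    return cur.rowcount == 1

def logout(db, customer_id):
    db.execute("UPDATE customer SET SessionActive = 0 WHERE id = ?",
               (customer_id,))
    db.commit()

def withdraw(db, customer_id, amount):
    """Debit only if the balance still covers it, whatever the session state."""
    if amount <= 0:
        return False
    # Same pattern (assumption, beyond the answer): the guard lives in the
    # WHERE clause, so two concurrent requests cannot both pass the check.
    cur = db.execute("UPDATE customer SET balance = balance - ? "
                     "WHERE id = ? AND balance >= ?",
                     (amount, customer_id, amount))
    db.commit()
    return cur.rowcount == 1

def balance(db, customer_id):
    row = db.execute("SELECT balance FROM customer WHERE id = ?",
                     (customer_id,)).fetchone()
    return row[0]

if __name__ == "__main__":
    db = make_db()
    print(try_login(db, 1), try_login(db, 1))   # first browser, second browser
    print(withdraw(db, 1, 80), withdraw(db, 1, 80), balance(db, 1))
    logout(db, 1)
```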

Related

BigQuery - (GA4 data) - why does the number of user IDs not match the Unique Users metric?

I have my GA4 property connected to BigQuery. I use my own user_id for tracking - it's available once someone logs into my app.
For some reason, when I'm trying to build a report of User ID string vs Unique Users, some IDs have more than 1 Unique User reported. An example is shown in the attached image.
Why is that, and how can I fix that situation? I'd expect that one ID = one user.
[Image: User ID vs Number of Users]

Firebase / Google Analytics

I am using the Firebase SDK with Expo. In order to link users across sessions and different devices we use the following: setUserId(user._id).
This occurs after a user logs in and authenticates.
On logout I call setUserId(null).
My question is: does setting the user id to null erase the previous user tracking data from GA? Should I be setting it to null at logout? I can't find any concrete documentation on how setting to null impacts the data collection.
The goal is to track unique users across months, years etc. Is the above configured correctly, or is there some issue with setting to null on logout?
You can remove the User ID by setting it to null or replace it with a new user ID. userID is just a user property that goes with all events after it is set, so you need to set it to null when the user logs out and set a new user ID when a different user logs in.
From documentation:
The value of the user property. Values can be up to 36 characters long. Setting the value to null removes the user property.
https://firebase.google.com/docs/reference/android/com/google/firebase/analytics/FirebaseAnalytics#setUserId(java.lang.String)

auth0 how to set the days of a regular active user

In Auth0 the user is active only if they have authenticated in the last 30 days.
I have not found how to modify this value programmatically.
Is there a way to modify this value from 30 to 60?
Auth0 uses the concept of "active user" to determine how many users are using your applications, in order to charge you for the different pricing plans: https://auth0.com/pricing
If users don't log in for 30 days they will not count towards this total, but they will still be able to log in any time they want. This value can't be modified, for obvious reasons.

Access controls list "Editing Odoo security rules"

I'm trying to modify the access control list of Leave Requests to Approve under the Leave Management module.
I need to make the Leave Requests to Approve menu accessible only by each employee's manager.
E.g. if the company has 10 employees under Sales/Marketing and 5 employees under the IT department, I need the sales manager to access his 10 employees' leave requests only, and not be able to access the rest of the company's employees who are not under his authority.
To do it, I modified the record rule domain definition of Leaves officer from [(1,'=',1)] to [('employee_id.parent_id','=',user.id)]
but it didn't work. How to fix it?
In your case, basically, you are passing the wrong domain for the record rule.
You were previously using domains like:
[(1,'=',1)] => access all the records of that model
[('employee_id.parent_id','=',user.id)] => access only with the manager parent_id as the current user employee
But in yours you are accessing with the manager user only, and not accessing its related user.
So you have to add the below domain in your record rule:
['|',('employee_id.user_id','=',user.id),('employee_id.parent_id.user_id','=',user.id)]
Basically the manager is himself an employee of the company, and an employee has to be attached to its related user.
First you need to understand the following relations:
1. employee_id :
which indicates that each leave is related to one employee.
2. parent_id :
which indicates that each employee is related to one manager for the particular model hr.holidays, which is called the leave request.
3. user_id :
If you want to be able to log in as a particular employee, then you must set the related user on each employee form, which is labeled Related User.
4. user :
which indicates the global user, meaning the current user that you are currently logged in as.
5. id :
means the unique id for each record.
In your case, how will the domain work?
First it will check whether the current logged-in user is the related user of the current leave's employee or not.
And then it will find the user ids which have the same employee attached with the same managers.
It means it will perform the OR operation of an SQL statement for both of the domains.
I hope my answer is helpful for you :)
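
How the two domains select leave requests, as an added example that is not Odoo's own code: a small evaluator for prefix-notation domains run over constructed employees and leaves. The record objects, names and helper functions are assumptions; only '=' leaves and the '|' and '&' operators are modelled, and user_id is stored directly as the user's id for brevity.

```python
from types import SimpleNamespace as Rec

def get_path(record, path):
    # Follow a dotted path; an unset many2one on the way yields None, and a
    # path that ends on a related record is compared by that record's id.
    for name in path.split("."):
        record = getattr(record, name, None)
        if record is None:
            return None
    return getattr(record, "id", record)

def evaluate(domain, record):
    """Evaluate a prefix-notation domain ('|', '&', '=' leaves) on one record."""
    def walk(pos):
        term = domain[pos]
        if term in ("|", "&"):
            left, pos = walk(pos + 1)
            right, pos = walk(pos)
            return ((left or right) if term == "|" else (left and right)), pos
        field, op, value = term
        assert op == "=", "only '=' is modelled in this sketch"
        left = get_path(record, field) if isinstance(field, str) else field
        return left == value, pos + 1
    result, pos = walk(0)
    while pos < len(domain):          # remaining terms are implicitly ANDed
        nxt, pos = walk(pos)
        result = result and nxt
    return result

# Constructed sample data: employee ids (1-4) differ from user ids (10-21).
sales_mgr = Rec(id=1, user_id=10, parent_id=None)
it_mgr = Rec(id=2, user_id=20, parent_id=None)
alice = Rec(id=3, user_id=11, parent_id=sales_mgr)
bob = Rec(id=4, user_id=21, parent_id=it_mgr)
LEAVES = [Rec(name="L-mgr", employee_id=sales_mgr),
          Rec(name="L-alice", employee_id=alice), Rec(name="L-bob", employee_id=bob)]

def original_rule(uid):   # the domain from the question
    return [("employee_id.parent_id", "=", uid)]

def fixed_rule(uid):      # the domain from the answer
    return ["|", ("employee_id.user_id", "=", uid),
            ("employee_id.parent_id.user_id", "=", uid)]

def visible(rule, uid):
    return [leave.name for leave in LEAVES if evaluate(rule(uid), leave)]

if __name__ == "__main__":
    for uid in (10, 11, 20):
        print(uid, visible(original_rule, uid), visible(fixed_rule, uid))
```

The question's domain compares an employee record's id with a user id, so for the sales manager (user 10) it matches nothing here, while the answer's domain returns the manager's own leave and the leaves of employees who report to them.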

How to handle Gmail addresses?

Background
Gmail allows '.'s and +filters allowing for an infinite number of email addresses all pointing to the same gmail account.
i.e. the following all point to the same gmail account:
user@gmail.com
u.ser@gmail.com
user+spam@gmail.com
u.ser+spam@gmail.com
Problem
We have a table on our production environment that holds all registered users' data, including their email address.
Currently the gmail email addresses on this table contain a mix of the above variations.
Problem 1 - If the user tries to log back in, after they have created their account, using a different variation of their email address than we have on record, this user will not be found.
Problem 2 - The user is able to create different accounts on our site using the many variations of a gmail email address.
Possible solutions:
One proposed solution would be to create a function...
CREATE FUNCTION STANDARDIZE_EMAIL (
    @Email varchar(255)
)
RETURNS varchar(255)
AS
BEGIN
    -- we make the email lowercase since email addresses are
    -- case independent
    SET @Email = LOWER(@Email)
    -- if it is a gmail email address then we remove periods and filters from the username
    IF RIGHT(RTRIM(@Email), 10) = '@gmail.com'
    BEGIN
        -- remove domain
        SET @Email = REPLACE(@Email, '@gmail.com', '')
        -- remove periods from username
        SET @Email = REPLACE(@Email, '.', '')
        -- remove '+' and filter
        IF CHARINDEX('+', @Email) > 0
            SET @Email = SUBSTRING(@Email, 0, CHARINDEX('+', @Email))
        -- add back the domain
        SET @Email = @Email + '@gmail.com'
    END
    RETURN (@Email)
END
Example use:
-- a scalar function has to be called with its schema name
SELECT * FROM table
WHERE dbo.STANDARDIZE_EMAIL(Email) = dbo.STANDARDIZE_EMAIL(@Email)
inb4: Running a process to standardize all the emails currently on the table is not an option as there could be duplicates, and users would lose the gmail +filter functionality
Is standardizing the email address on every record as we search through too expensive on the db?
Another proposed solution is to add a GmailEmail field to the table, and upon registering the user for the first time save a copy of the standardized version of his gmail email address to this second field which can be used for comparisons when they log back in.
I'd rather not have to go to this extent if possible.
Anyone have any ideas? I welcome any and all input.
"Is standardizing the email address on every record as we search through too expensive on the db?"
Yes. Even if this table takes less than 8 pages of storage space, Yes, it is too expensive.
Do you need to track the email address in all the myriad forms entered by the users? If so, having the second "clean" column is perhaps ugly, but probably necessary. (Creating a calculated column based on your function would perform as poorly as the original solution.)
If you do not need to maintain the addresses precisely as entered (each time) by the users, why not:
Clean the existing data using your function, e.g. UPDATE... set EmailCol = dbo.STANDARDIZE_EMAIL(EmailCol)
Apply the rule to clean email addresses whenever they are added to the database
I'd like to point out that these characters ! # $ % & ' * + - / = ? ^ _ ` { | } ~ are all valid in an email address. You'd be introducing a problem for any systems that actually have mailboxes that don't map "+ suffixes" and periods to the same mailbox.
I think it's reasonable for a user to expect user+spam@example.com and user@example.com to be treated as unique addresses.
My recommendation would be to create a "standardized" email field, (which starts as empty) using the function you've provided. Upon a user logging in, the system can:
- Standardize the email they used to login
- See if the email exists in the "standardized" field
  - If it does, let them in
  - If not, check to see if the "unstandardized" email exists
    - If it does:
      - Mark that style as their preferred email style
      - Create the "standardized" field
      - Let them in
    - If not:
      - Reject the login
This has the advantage of slowly migrating users to the new system, and (transparently) getting their preferred email to use as their login. Note, of course, that users using multiple accounts under variants of their GMail address will not be able to access their other accounts; since you seem to want to prevent this I'm going to call it a feature.
You might want to add a check at the beginning, so if the standardized field exists and the unstandardized field exists (and they don't match) you could inform the user about what happened and deal with it appropriately.
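
The login lookup described in this answer, including the mismatch check from its last paragraph, as an added example that is not part of the original answer. The sqlite3 users table, the StandardEmail column name and find_user() are assumptions; standardize_email() is a Python port of the question's function, the stored Email column is kept as the user's preferred style, and password verification is assumed to happen after the lookup.

```python
import sqlite3

def standardize_email(email):
    # Port of the question's STANDARDIZE_EMAIL: lowercase everything; for
    # gmail.com drop periods and any "+filter" from the username.
    email = email.strip().lower()
    local, at, domain = email.rpartition("@")
    if at and domain == "gmail.com":
        local = local.replace(".", "").split("+", 1)[0]
        return local + "@" + domain
    return email

def make_db():
    # Constructed sample rows; StandardEmail starts empty (NULL) for everyone.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, "
               "Email TEXT NOT NULL COLLATE NOCASE, StandardEmail TEXT UNIQUE)")
    db.executemany("INSERT INTO users (id, Email) VALUES (?, ?)",
                   [(1, "u.ser@gmail.com"), (2, "user+spam@gmail.com"),
                    (3, "bob+x@example.com")])
    db.commit()
    return db

def find_user(db, email):
    """Return (outcome, user_id): 'ok', 'migrated', 'conflict' or 'rejected'."""
    std = standardize_email(email)
    by_std = db.execute("SELECT id FROM users WHERE StandardEmail = ?",
                        (std,)).fetchone()
    by_raw = db.execute("SELECT id FROM users WHERE Email = ?",
                        (email.strip(),)).fetchone()
    if by_std and by_raw and by_std[0] != by_raw[0]:
        return "conflict", None      # two accounts share one Gmail mailbox
    if by_std:
        return "ok", by_std[0]
    if by_raw:                       # first login since the column was added
        db.execute("UPDATE users SET StandardEmail = ? WHERE id = ?",
                   (std, by_raw[0]))
        db.commit()
        return "migrated", by_raw[0]
    return "rejected", None

if __name__ == "__main__":
    db = make_db()
    for addr in ("u.ser@gmail.com", "USER+news@gmail.com",
                 "user+spam@gmail.com", "bob@example.com"):
        print(addr, find_user(db, addr))
```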
You could create a computed column that would standardize the email.
I know you said it's not an option, but you may need to take another look at standardizing the column - until you do, you'll have inconsistent data in your database.