Our former security admin team off-boarded terminated users by deleting their user profiles from the system. We have changed that policy but there is potential for duplicates. I am attempting to find user ids on the various module tables that are not on the OPRDEFN but having no luck.
I would like to query the major tables to return a list of all user ids to compare to the current OPRDEFN. From there, I can either have them added or create a reference list the admins to use prior to creating a new user id.
Does anyone have any tips or already written SQL? I am not the best SQL writer, I've tried several different things but nothings works.
Any help would be greatly appreciated.
Here you have a list of tables using the OPRID field. I have already formatted it in a way you can just run the result to get the Oprids.
Also, consider other columns like OPERATOR
SELECT 'SELECT DISTINCT OPRID FROM PS_'||RECNAME||';' FROM PSRECDEFN WHERE RECTYPE=0
AND RECNAME IN
(SELECT RECNAME FROM PSRECFIELD WHERE FIELDNAME IN ('OPRID','OPERATOR'))
AND RECNAME NOT LIKE '%AET'
AND RECNAME NOT LIKE '%TMP'
Also, you may just look at PSACCESSLOG, it will show you when someone access, so you may save time by querying it only
Related
I am creating a leave tracker app where I want to store the user ID along with the from date and to date. I am using Amazon's DynamoDB as the database, and the user enters a leave through a custom command.
Eg: apply-leave from-date to-date
I want to avoid duplicate entries in the database. For example, if a user has already applied for a leave between 06-10-2019 to 10-10-2019 and applies for a leave between the same dates again, they should get a message saying that this already exists and a new record should not be created for the same.
However, a user can apply for multiple leaves and two users can take a leave between the same dates.
I tried using a conditional statement as follows:
table.put_item(
Item={
'leave_id': leave_id,
'user_id': user_id,
'from_date': from_date,
'to_date': to_date,
},
ConditionExpression='attribute_not_exists(user_id) AND attribute_not_exists(from_date) AND attribute_not_exists(to_date)'
)
where leave_id is the partition key. However, this does not work and a new row is added every time, even if it is the same dates. I have looked through similar other questions, but haven't been able to understand how to get this configured correctly.
Any ideas on how I should go about this, or if there is a different design that I should follow?
If you are calling your code with the leave_id that doesn't yet exist in the table, the item will always be inserted. If you call your code with leave_id that does already exist in your table you should be getting An error occurred (ConditionalCheckFailedException) when calling the PutItem operation: The conditional request failed error message.
I have two suggestions:
If you don't want to change your table, you can create a secondary index with user_id as the partition key and then query the index for all the items where the given user has some from_date and to_date attributes.
Like this:
table.query(
IndexName='user_id-index',
KeyConditionExpression=Key('user_id').eq(user_id),
FilterExpression=Attr('from_date').exists() & Attr('from_date').exists()
)
Then you will need to check for overlapping leave requests, etc. (eg. leave request that starts before the one that is already in place finishes). After deciding that the leave request is a valid one you will call put_item.
Another suggestion and probably a better one would be to create a composite primary key on your table with user_id as a partition key and leave_id as a sort key. That way you could execute a query for all leave requests from a particular user without the need to create a secondary index.
I'm trying to work out how to use active record to return some data based on a nested model.
My relationship is setup as below:
User - Has many books
Book - Has many users
UserBook - belongs to user and belongs to book
I can access users through books like so:
book.users.first
book.users.second
etc.
I'd like to select all the books, that does not have a particular user.
I have generated a query like this, please note, the 'near', method is provided by the Geocoder gem.
Book.near(location, distance).joins(:users).where("users.id != #{#current_user.id}")
I believe the syntax is correct, no errors occur, however, the query still returns books with the current user.
The issue appears to be that if book.users contains a user id that is not current user id AND also contains the current user id, book is still returned.
I can get the desired result using code like this, but I presume there is a way to get ActiveRecord to do it for me.
search = Book.near(location, distance).reject do |book|
if book.users.include?(#current_user)
book
end
end
In any social network, you can follow a person, a post or anything, everything you followed will be displayed in your wall, now I wanna implement the same feature in asp.net mvc, but I have problem on design table to query all following things of a user. This is tables I designed:
[User(id,name,email,password)]
[Following(id,personId,followingId,source)]
[Post(id,title,description,authorId)]
So when a user followed other user,a new record will be pushed on Following table with followingId is userId, and source is "User" table, the same as with following a post with followingId is postId and source is "Post" table.
The problem is when fetch data from what your following, the query join many tables to return result if user followed more things than a Post, and Other User (such as a Tag, a Topic...). this will be not good performance and query time to return data to user.
Do you have any idea about this ? I'm very appreciate to hear your solution, thanks a lot!
Your database design is flawed, instead of one "link" table with a string to identify where the "Followed thing" resides makes it hard to query effectively.
Instead you need one link table per thing linked. SO in your simplified example you might have
[User(id,name,email,password)]
[Post(id,title,description,authorId)]
[UserFollowingUser(id, userId, followedUserId]
[UserFollowPost(id,userId,postId)]
Therefore to get all users following a post, or all posts followed by a user, or get all users following a particular user, or get all users followed by a particular user is easy as pie.
Does anyone have some code or a link as to how to create the user login name as a parameter during a sql query in ASP.NET?
Basically I want to use the default membership structure with a new field ClubID, then I want to add a new table called aspnet_Clubs which contains things such as Club Name, stadium name, Balance etc etc... and then use a relationship between ClubID and a field in the aspnet_Clubs table to tie things together.
Then when each user logs in they should see the clubs information specific to their loginID.
I know the syntax to use for the query, its getting the loginname parameter and being able to use/assign it as part of the search that is causing me the problem.
In general it is not recommended to break the default schema of the aspnetdb where the Membership data is stored. It can bring you to unexpected consequences in the future.
I had a similar question a couple of days ago, please check it here, may be you will be able to adopt something from the discussion to your situation.
In an ASP.NET WebForms application I would like to allow the end-user to browse selected raw data in an sql-server database.
However, I would like to restrict access for the user to only view some of the data based on the username.
I'm not sure how to do this in a way that is possible for the user to understand, since SQL is not necessarily known to the user.
What options do I have here?
As a basis for this I have considered creating one sql function per table in question. That function should return the data that the user is allowed to view, e.g.,
CREATE FUNCTION ufn_RawData_Employee(#username nvarchar(256))
RETURNS TABLE
AS ( SELECT * FROM Employee
WHERE [#username is allowed to view the given Employee] )
In a webpage the end-user might then type an SQL-like statement like
SELECT Name, HireDate FROM ((Employee))
where (([TableName])) then could be replaced by ufn_RawData_[TableName]([UserName]) before calling the database.
(For security reasons such calls could then be performed by a sql user whose only permissions are SELECT permissions to these functions.)
However, this approach might be too difficult for the end-user. I would like to know if an easier/user-friendlier solution exists for the end-user to browse selected raw data?
If you are only showing the user data from one table, or one view (which would probably be more useful) then yes you could store the name of that view in a table and retrieve it with a function. You could then display the data in pages, and make sure your standard select scripts have a built in search function if necessary.
There is no need for the user to write SQL if they are only getting data from one table or view. If you need to provide multiple potential tables/ views, then let them choose from a drop down, but it doesn't sound worthwhile to allow them to write their own SQL queries.