Creating tables that work with current user tables, and handling user access rights.

[Kenneth McDonald]

First, allow me to apologize for some of the questions in here--they're really, really basic. While I'm familiar with the standard Web concepts and relational DBs, I have never actually built anything in a Web framework until now. So as well as Lift, there's a lot of non-Lift stuff I'm learning also, and I can't really separate the two. Apologies.

So what I'm attempting to do is design a wiki, and one of the requirements will be that a user can have different roles--administrator, editor, author. If it was just a matter of designing the users table and the roles table and linking them, I'm sure I could do so from the examples that are all over the place. However, Lift already has user tables and functionality built in, and I'd like to use that; so where do I look to figure out how to build a Roles tables such that there will be a One to Many relationship from the Users table (I'm guessing there's just one) to the Roles table. More succinctly, how do I refer to/work with the Users table?

Next question, one of the really basic ones. Given that someone has logged on and is making a request of some sort, how do I authenticate them? Obviously when the logged on, some sort of identity token was sent out, and is coming back with the request, but I don't know any of the mechanics of that. Are cookies still used for this? Is there some other mechanism? It's been a __long__ time since I've worked with Web protocols. And is there a standard place in the codeset for a Lift project where user authentication for requests is carried out?

OK, this one is a bit more reasonable. Obviously Lift has some sort of default DB built in (though I guess it could be as simple as a HashMap). Is it Derby? I don't anticipate the demands on the DB being too high for what I'm doing, and it would be nice if I could just go with the default and have one less thing to worry about.

Final question, just for curiosity. Let's say I needed to build a Lift project using MongoDB. Would I need to make changes to the built-in user functionality to get it to work with a non-RDBMS, or will it do so automatically? If so, I should really track down that code and have a look.

As always, many thanks

Ken McDonald

[Byron Weber Becker]

Pretty new myself, so can't answer everything...

On 2011-07-17, at 10:11 PM, Kenneth McDonald wrote:

> Next question, one of the really basic ones. Given that someone has logged on and is making a request of some sort, how do I authenticate them? Obviously when the logged on, some sort of identity token was sent out, and is coming back with the request, but I don't know any of the mechanics of that. Are cookies still used for this? Is there some other mechanism? It's been a __long__ time since I've worked with Web protocols. And is there a standard place in the codeset for a Lift project where user authentication for requests is carried out?

The most common approach is to use HttpBasicAuthentication. That's both a class in Lift
that uses a standard web authentication protocol -- pops up a username/password box on the
user's browser. See section 9.9 of Exploring Lift or Listing 7.3 in Lift in Action.

> OK, this one is a bit more reasonable. Obviously Lift has some sort of default DB built in (though I guess it could be as simple as a HashMap). Is it Derby? I don't anticipate the demands on the DB being too high for what I'm doing, and it would be nice if I could just go with the default and have one less thing to worry about.

Most of the examples that I've seen have been configured with h2. I'm using postgres myself.
I've seen many references to MongoDB on the mailing list.

Byron

---------------------------------------------------------
Byron Weber Becker Voice: 519-888-4567 x34661
School of Computer Science Fax: 519-885-1208
University of Waterloo Office: DC3105
Waterloo, ON N2L 3G1

Advising FAQ: http://www.cs.uwaterloo.ca/current/faq/index.shtml

[David Pollak]

On Sun, Jul 17, 2011 at 7:11 PM, Kenneth McDonald <ykke...@gmail.com> wrote:

First, allow me to apologize for some of the questions in here--they're really, really basic. While I'm familiar with the standard Web concepts and relational DBs, I have never actually built anything in a Web framework until now. So as well as Lift, there's a lot of non-Lift stuff I'm learning also, and I can't really separate the two. Apologies.

So what I'm attempting to do is design a wiki, and one of the requirements will be that a user can have different roles--administrator, editor, author. If it was just a matter of designing the users table and the roles table and linking them, I'm sure I could do so from the examples that are all over the place. However, Lift already has user tables and functionality built in, and I'd like to use that; so where do I look to figure out how to build a Roles tables such that there will be a One to Many relationship from the Users table (I'm guessing there's just one) to the Roles table. More succinctly, how do I refer to/work with the Users table?

See  abstract class MappedLongForeignKey

You have an FK reference from the Roles take to the PK of the User table.
 

Next question, one of the really basic ones. Given that someone has logged on and is making a request of some sort, how do I authenticate them? Obviously when the logged on, some sort of identity token was sent out, and is coming back with the request, but I don't know any of the mechanics of that. Are cookies still used for this?

The JSESSIONID cookie is managed by the container.  You use SessionVar to access stuff that's related to the session, all the other mechanics are taken care of for you.
 

Is there some other mechanism? It's been a __long__ time since I've worked with Web protocols. And is there a standard place in the codeset for a Lift project where user authentication for requests is carried out?

SiteMap is where you express HTML page-level protection.
 

OK, this one is a bit more reasonable. Obviously Lift has some sort of default DB built in (though I guess it could be as simple as a HashMap).

It does not.  Lift has Mapper which can talk to an RDBMS.  You specify the JDBC connection information in Boot.scala or a properties file.  By default, Lift projects use the H2 relational database, but are in no way tied to that database.
 

Is it Derby? I don't anticipate the demands on the DB being too high for what I'm doing, and it would be nice if I could just go with the default and have one less thing to worry about.

I use PostgreSQL in production for every project I do that requires a relational database.  H2 is nice for development, but sometimes in production, doing a command-line query is nice.
 

Final question, just for curiosity. Let's say I needed to build a Lift project using MongoDB. Would I need to make changes to the built-in user functionality to get it to work with a non-RDBMS, or will it do so automatically? If so, I should really track down that code and have a look.

ProtoUser can be extended to use either Mapper (RDBMS) or Record (including the MongoDB implementation for Record).
 

As always, many thanks

Ken McDonald

--
You received this message because you are subscribed to the Google Groups "Lift" group.
To view this discussion on the web visit https://groups.google.com/d/msg/liftweb/-/uA9UtzUH498J.
To post to this group, send email to lif...@googlegroups.com.
To unsubscribe from this group, send email to liftweb+u...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/liftweb?hl=en.

--
Lift, the simply functional web framework http://liftweb.net

Simply Lift http://simply.liftweb.net
Follow me: http://twitter.com/dpp
Blog: http://goodstuff.im

[Naftoli Gugenheim]

Btw H2 actually got a command line console, finally!

[Naftoli Gugenheim]

Do you really want Roles to be a table in the database, not an Enumeration in code?

If the latter, you can just use a MappedEnumList.

--