I know that webhooks are available in Herald > Webhooks in Phabricator, but I can't figure out how to grant access to this function. When I click the button I see the message: You do not have permission to create these objects.
Does anyone know how to grant access to create webhooks?
You can promote an user from standard user to Administrator to grant access to Phabricator webhooks.
Users must have the "Can Create Webhooks" permission to create new
webhooks.
― Phabricator Webhooks documentation
If you need further customization, visit this URL and change the default:
http://example.com/applications/view/PhabricatorHeraldApplication/
Related
Is there a way to make admin not able to delete user from Active Directory? I need to disable this feature some how in global properies or else. I want admin only to create users,edit them and disable them, but not delete. The version of Alfresco is Community 5.2. Thanks in advance.
I guess you mean the other way around:
Is there a way to prevent admin from deleting users which have been created by ldap sync?
or do you mean:
Is there a way to revoke permission to delete any user?
Do you understand the difference between a user which has been created by ldap sync and a user manually created in the Alfresco admin UI?
There is no (easy and supported) way I know of to restrict admin permissions or for a member of the group ALFRESCO_ADMINISTRATORS. The ROLE_ADMINISTRATOR has always any permission.
There maybe a way to achieve what you expect in a customization module implementing a new behavior which disallows user deletion in a specific zone or by creating your own permissionGroups/permissions in a customPermissionDefinitions, setting the new introduced permissions on the user zones to specific groups but that kind of customization would be hard to maintain on later updates/upgrades.
EDIT:
What is your use case for allowing (end) users to create new users inside Alfresco although you have an user directory (AD) in place?
If your aim is to support external users, managed by specific internal user groups you may add another directory like samba4 which your internal users may get permissions to create/delete users (that's what we actually do from/thru our CRM system) or if you prefer integrations with OAuth2 providers such as Google, Facebook, Github you may take a look on the Spring Cloud Gateway for the Alfresco platform project
We have developed a signup via LinkedIn app.
We currently get the default “lite profile” but need access to the “basic profile”
We’ve tried reaching out to all parts of LinkedIn but to no avail.
The links to the Partner Program Page also seem deprecated.
Can someone please share how we can get the upgraded permissions pls?
To access any of the basic profile fields, your application must request the r_basicprofile member permission. Check out the field names here
To access email address your application must request the r_emailaddress member permission with field name email-address
I am trying to create a simple node app and I using service account to automate the OAuth Flow. While am able to successfully do this, am not able to retrieve the report from Google Analytics using this service account. I get the following error message,
{
"error": {
"code": 403,
"message": "User does not have any Google Analytics account.",
"status": "PERMISSION_DENIED"
}
}
I can't add this service account to the Analytics account as my owner account (under which I created this service account) has only read-only access. So how do I proceed? How can I grant this service account the same read-only access as my owner account? When I login into Google Analytics using my owner account, I am not able to perform any User Management as it has limited access.
Please help me on how to proceed here.
Thanks
If using a service account, there is no way to proceed other than finding someone with user management permissions and have him add the account.
It is hard to see why you would expect it to be otherwise; the purpose of the permission system is to prevent unauthorized access, and it would do a pretty poor job if it suddenly allowed you to exceed your privileges by adding a user.
As per the answer from Eike, you cannot add a Service Account if you lack the permissions to do so.
There is an alternative approach which allows you to use your own account, i.e. no service accounts anywhere. This basically involves you obtaining a Refresh Token, and using that to authenticate your access. You can follow the steps at How do I authorise an app (web or installed) without user intervention? (canonical ?) to do this.
I want to give some developer rights to check if the jobs are complete without granting full admin rights.
I have seen people saying to add the user to SQLAgentReaderRole role. Is there any additional permission that the role will have other then just viewing job status.
is there a way to get the list of currently listed developers on a face book connect application i want to use this to validate if a user is authorized to sublmit new contenet and create events through the connect website or do i need to couple this with a forms authorization account to handle permissions
or is there a better way over all to handle this
To check if a user is a developer of some specific app you can run such FQL:
select application_id from developer where developer_id=me() and application_id=<APP_ID>
To check if a user granted your app some specific permission you can use this FQL (not sure if this would be helpful in your case though):
select uid from permissions where uid=me() and <PERMISSION_NAME>=1
where <PERMISSION_NAME> is one of these.