I would like to get a list of all the active users using API. When I use :
GET /workspace/{workspaceId}/users
I get a list of all the users, I wanted to use their "status" field to filter them out. The problem is all the users have "ACTIVE" status, no matter what their real status is (active or inactive).
I suppose it some sort of bug, right? Or is there some other way to get a list of active users?
status of user refers to the state in the system, i.e. whether has verified email address or not. It does not refer to the status of the user in any given workspace.
That information can be read from the list of memberships that is returned in the response. Filter the memberships by the id of the workspace and read its status.
Typically, the url would look like this: GET /workspace/{workspaceId}/users?active=true. The web service would handle this query string parameter like below:
public List<User> Get(bool active)
{
var users = GetActiveUsers(); // Call to database which has a query to get only active users.
return users;
}
Related
I'm making app using firebase on back-end part. User can log in myApp using google account and can backup their data.
I want to delete some doc at cloud when user uninstall myApp.
collection ID is user email.
So I need to know user email but I don't know how to get this.
exports.appUninstall = functions.analytics.event("app_remove").onLog((event)=>{
const userEmail = event.user.email;
database.doc(userEmail + "/user_logged_in").delete();
return console.log("Deleted user_logged_in because user uninstalled app");
});
I don't think this is possible with the structure you currently have. As you can see here, the onLog() returns a AnalyticsEvent object that has a UserDimensions object inside of it, however, that object stores the userId and an object with the userProperties.
I can' t say for sure that this userProperties will store the email of your user so you can fetch in firestore, so you need to test this. If not, you will have to find a way get the user document with it's userId, maybe by adding it to the document itself on creation.
This would be easier if you changed the documentId to be the userId instead of the email, if you do that you can simply use the mentioned userId of the event to get the document and delete it.
In Google App maker, I am trying to create a Form Dropdown widget populated with all users (emails or names) that I have put in the "only allow access to specific users" section under DEPLOYMENTS. Basically, a list of all users who are allowed to use the app.
Does anyone know if this is possible (either through Scripts or bindings) to access this information from within a "Page"?
There is no official way to do this. Nevertheless, the official documentation states:
Enter the email addresses of specific users (Google Accounts), groups (Google Groups), or both.
That means that instead of adding user by user, you can simply add a google group and then users that require access can be added to the group and as well can be removed if they no longer require it.
Then, you would simply get the list of the users who have access by getting the list of members in the group. For that, you can use the getUsers() method of the Groups Service to retrieve a list of direct members in the group.
You'll have to run that via server script and here is a snippet of how it should be:
function listGroupMembers() {
var GROUP_EMAIL = "examplegroup#mydomain.com";
var group = GroupsApp.getGroupByEmail(GROUP_EMAIL);
var users = group.getUsers().map(function(member){
return member.getEmail();
});
return users;
}
I want to run a function on each user.
I know how to target a user logged in (this.userId client-side or Meteor.userId server-side) but not all the users - regardless they are logged in or not.
The idea is to check if a date type field (profile.Actu), so in the profile user schema, is passed by more than 15 days. If yes, send a mail to a profile.recipients (also a field (email type) in the profile.user schema.
Then I will run this function by a cron task, like every day, on each user, in order to check if that function must send a mail if the date (profile.Actu) is, that day, passed... Hope you understand the idea.
Can anyone help me ? I'm very new to meteor, so my question may look naive... Thanks.
You should run this on the server. There is a method called
Meteor.users()
Which will return you a list of all the users, which you iterate over. http://docs.meteor.com/api/accounts.html#Meteor-users
If you want to do this on a regular basis, you should use a package like synced-cron https://atmospherejs.com/percolate/synced-cron to do the job.
and in case you need a reference for sending emails, look here http://docs.meteor.com/api/email.html
I am going to develop a rest service using Web API. For that we have a requirement that we have a number of parents who can able to login to the application as a parent. There is an access token provided for each user who accessing the application after successful login.
There is a service available for each parent to get the list of teachers who are teaching their child. There may be more than one child for a parent. The list of childid available at the client when parent get logged in.
So we need to pass childid with accesstoken of the user to the api. Which is the best method to pass. Is it a GET or POST including childid as json body?
What is the best method for creating service like this. GET or POST? including accesstoken in HEADER or any other way. like inside json?
One way of implementing this might be to give each user (parent) Claims representing their parentage of each child. These would then be added to the user's principal in the manner described in this article. Some data store (for example, a database table) would record which users (parents) are parents of which children. Finally, in the API action method, compare the id of the child whose information is requested to the list of child claims on the user's principal, and if the id isn't present, return a 4xx status code (probably a 403 Forbidden).
Something like:
// Cast the Thread.CurrentPrincipal
IClaimsPrincipal icp = Thread.CurrentPrincipal as IClaimsPrincipal;
// Access IClaimsIdentity which contains claims
IClaimsIdentity claimsIdentity = (IClaimsIdentity)icp.Identity;
// Access claims
if(claimsIdentity.Claims
.Where(c => c.ClaimType == "name-of-your-custom-claim")
.Select(c => c.Resource.ToString())
.Contains(childId)) { return new HttpResponseMessage(HttpStatusCode.Forbidden);
Should work. Haven't tested the code or checked that it compiles; it's an example to give the gist. I may clean it up later.
Let's assume I implemented token based authorization with a custom filter attribute as described here.
Let's also assume, I have a controller that returns tasks:
public IEnumerable<Task> Get()
{
// return tasks for authorized user
}
Now, how would I go about returning only the tasks for the authorized user? Passing the user ID as a query parameter is not an option - it is forbidden to request the tasks of a different user.
you could enrich the HttpRouteData from your action filter and read it in the controller action. actionContext.ControllerContext.RouteData.Values.Add("UserId", someVaue );
You could also use the System.Runtime.Remoting.Messaging.CallContext class ( GetData and SetData )
In the code in the sample you linked to, they are encrypting the user's name in the token. In the filter they are getting this token from an http header, decrypting it back to the username, and querying it against an AuthorizedUserRepository.
AuthorizedUserRepository.GetUsers().First(x => x.Name == RSAClass.Decrypt(token));
You can certainly use a userid instead of the name, and work against a real repository instead of this sample one. You could either do all of this over again in the controller action or constructor, or you could pass it along the route data or some ThreadStatic property. If you want to get really fancy, you could implement claims based security and set a claim on the current thread's principal. Really it doesn't matter how you pass it along.
Ultimately you would just use this value in a where clause of a query or linq statement to filter down to the data you want the user to be allowed to access.