Using the google calendar API, can I make one user's single calendar event visible to all other users who visit their page or account?
You have to modify the Access Control List of a resource
https://developers.google.com/calendar/v3/reference/acl
Specifically the scope.type property.
To one of the following
"default" - The public scope. This is the default value.
"user" - Limits the scope to a single user.
"group" - Limits the scope to a group.
"domain" - Limits the scope to a domain.
and then the scope.value - The email address of a user or group, or the name of a domain, depending on the scope type. Omitted for type "default".
an example would be
PUT https://www.googleapis.com/calendar/v3/calendars/calendarId/acl/ruleId
read more here
Related
I try to manage the access rights for users to edit or view different articles.
Articles can be created dynamically and the rights should be editable for every article.
In my case, I have a User object and multiple other objects (Article, and more...).
I need to check if a User can read or write any kind of object.
I actually see there is a method Voters, but they only can manage User groups?
Can somebody help me?
A Voter can decide almost anything - usually it's based on a user's permission, but it doesn't have to be - I've used one as a 'feature flag' check, with a value fetched from a configuration, or database entry to show something - or not, as an example.
The page on voters has an example on viewing, or editing a database record (a Post entity, via a $this->denyAccessUnlessGranted('edit', $post);.
In your instance, the voter would be passed the 'attribute', the object (Article, etc) you want to check on, and gets the current user from a service. If that user has the appropriate permission to read/edit/delete the Article or other object, it returns true.
In Google App maker, I am trying to create a Form Dropdown widget populated with all users (emails or names) that I have put in the "only allow access to specific users" section under DEPLOYMENTS. Basically, a list of all users who are allowed to use the app.
Does anyone know if this is possible (either through Scripts or bindings) to access this information from within a "Page"?
There is no official way to do this. Nevertheless, the official documentation states:
Enter the email addresses of specific users (Google Accounts), groups (Google Groups), or both.
That means that instead of adding user by user, you can simply add a google group and then users that require access can be added to the group and as well can be removed if they no longer require it.
Then, you would simply get the list of the users who have access by getting the list of members in the group. For that, you can use the getUsers() method of the Groups Service to retrieve a list of direct members in the group.
You'll have to run that via server script and here is a snippet of how it should be:
function listGroupMembers() {
var GROUP_EMAIL = "examplegroup#mydomain.com";
var group = GroupsApp.getGroupByEmail(GROUP_EMAIL);
var users = group.getUsers().map(function(member){
return member.getEmail();
});
return users;
}
I'd like to add a property to a Firebase user object. The user documentation says that I can only store additional properties using the Firebase real time database.
I am unsure on how this can works in practice.
What does the following mean in practice?
You cannot add other properties to the Firebase User object directly;
instead, you can store the additional properties in your Firebase
Realtime Database.
I interpret it as following:
"you cannot modify properties of a FIRUser object but you can combine this with additional objects"
I found the set function documentation which I interpet in this way:
var userRef = ref.child("users");
userRef.set({
newfield: "value"
});
Is this a sensible approach?
You're almost there. In the legacy Firebase documentation, we had a section on storing such additional user data.
The key is to store the additional information under the user's uid:
let newUser = [
"provider": authData.provider,
"displayName": authData.providerData["displayName"] as? NSString as? String
]
// Create a child path with a key set to the uid underneath the "users" node
// This creates a URL path like the following:
// - https://<YOUR-FIREBASE-APP>.firebaseio.com/users/<uid>
ref.childByAppendingPath("users")
.childByAppendingPath(authData.uid).setValue(newUser)
I've added a note that we should add this information in the new documentation too. We just need to find a good spot for it.
According to the Custom Claims documentation,
The Firebase Admin SDK supports defining custom attributes on user accounts. [...] User roles can be defined for the following common cases:
Add an additional identifier on a user. For example, a Firebase user could map to a different UID in another system.
[...] Custom claims payload must not exceed 1000 bytes.
However, do this only for authentication-related user data, not for general profile information, per the Best Practices:
Custom claims are only used to provide access control. They are not designed to store additional data (such as profile and other custom data). While this may seem like a convenient mechanism to do so, it is strongly discouraged as these claims are stored in the ID token and could cause performance issues because all authenticated requests always contain a Firebase ID token corresponding to the signed in user.
Use custom claims to store data for controlling user access only. All other data should be stored separately via the real-time database or other server side storage.
Please let me know how to create class based dynamic quota. In http://apigee.com/docs/api-services/content/rate-limit-api-traffic-using-quota url, I see a sentence like "(To make this work, you would need to add a custom attribute called developer_segment to your access token profiles.)"
Please let me know the steps to create "developer_segment" in access token profiles ? Is it to be created "OAuth" api proxies or the API proxy which is to be consumed.
Also share if you have any other way to create class based dynamic quota.
Thanks,
Damodaran
"developer_segment" is the custom attribute set in the access-token, custom attribute has been set by configuring the attribute in the 'GenerateAccessTokenPolicy'. In the following link, http://apigee.com/docs/api-services/api/oauth-flow-variables, sample policy '' sets the attribute '1' as 'value1' and attribute '2' as value 2.
During verification of access tokens these attribute-values can be accessed as flow variables (accesstoken.).
Note:
In ref="accesstoken.developer_segment",ref can point to any variable it need not be an attribute in accesstoken.
I am using asnet membership.
There is a role named member. In root there is a site-visitor page, on that page in page load I want to check whether member is logged-In or not i.e. profile variable has set OR not.
How can I check that?
I gave search on google as well but failed to get correct answer.
i am setting profile like -
HttpContext.Current.Profile.SetPropertyValue("UserName", UserName);
If you need to find the logged user as you indicate I want to check whether member is logged-In or no
You can use HttpContext.User Property
System.Web.HttpContext.Current.User
if(User.Identity.IsAuthenticated)