I'm trying to seach for an artifact using "File List" API http://server:port/api/storage/folder1/folder2?list&deep=1&depth=3&listFolders=1
The actual artifact is inside the sub-folder(lets say, folder3) of folder2. But the response for this api call is like,
{
"uri": "some uri"
"created": "some time stamp"
"files": [ ]
}
file list is empty in the response, but there are many files inside folder 3.
One reason for this can be lack of permissions. The file list API will only returns items which the requesting user have read permission for.
In your case, since the same user is able to get the artifact info for /folder1/folder2/folder3/filename but not the file list for /folder1, there might be a permission target which prevents the user from reading the content of folder1 of folder2. This can happen if a permission target has an exclude pattern, for example folder1/*.
If you have Artifactory admin rights, you can check this from the UI by looking at the effective permissions tab for folder1, folder2, folder3.
Related
Once someone shares the getDownloadUrl() link with the token parameter, anyone can access the object, the same as they would a public object. Is the only difference that that token can be revoked / changed? Or is it also easier to scrape / list objects in the bucket if they are public and don't require a token? I'm trying to understand the purpose of having a non expiring token.
If you are referring to security rules by "making public" (or making the bucket public) then that just states who can request the download URL. If the bucket is private or the security rules don't allow anyone to access it, then they cannot request the download URL. However is by chance the manage to get the correct token and URL then they will be able to access that file.
To summarize, if someone who is not authorized to get a file, they would have to rely on someone who can request the donwload URL to access it (they cannot directly get one themselves).
If you make set permissions of your bucket to "Public to internet" from Google Cloud console, then if you visit root URL of the bucket you can see the contents:
By default, Firebase Storage's permission is set to "Not public" so no worries about that.
Edit:
If you allow list (requires rules_version="2") then contents of your directory can be listed similar to this:
{
"prefixes": [],
"items": [
{
"name": "Files/-Mf1kIafT6BnVnhgDQT2.pdf",
"bucket": "[PROJECT_ID].appspot.com"
},
{
"name": "Files/-Mf1pmCQMBNEdkQAnUjk.pdf",
"bucket": "[PROJECT_ID].appspot.com"
}
]
}
Reference: Granular Operations
I’ve created a GitHub app and installed it in my account, giving it access to a private repository in my account. The GitHub app has read permission to metadata.
I then generated a JWT and used it to create an installation access token, following the steps here.
I tried using this token to search for keywords in the above private repository using the GitHub search API as follows:
https://api.github.com/search/code?q=abc+in:file+repo:username/private-repo
However, this returns the following response.
{
"message": "Validation Failed",
"errors": [
{
"message": "The listed users and repositories cannot be searched either because the resources do not exist or you do not have permission to view them.",
"resource": "Search",
"field": "q",
"code": "invalid"
}
],
"documentation_url": "https://docs.github.com/v3/search/"
}
I tried using this access token to fetch the repositories for this GitHub app installation and that returned the private repo successfully in the response. I assume this means that the installation has access to the private repo and the token works as expected.
API used: https://api.github.com/installation/repositories.
Why does the search fail then?
Raised a ticket with GitHub support. Their response:
The query failed because the GitHub App does not have permission to
read the content of the private repository. The Metadata read
permission will allow you to search for repositories but does not have
sufficient scope to read the content of the repository(private).
The docs list the search API under Metadata, but it should be under Content permissions. Granting Content read permissions to the GitHub app solved the issue.
In my case the problem was the value of the "q" field. When I dropped the +repo argument I was able to search code just fine. I'm still not sure why the +repo did not work (it worked fine on the command line) but it turns out I didn't need it anyways since the repos were constrained to where the app was installed and I could also filter the results if needed.
I want to add repository URI and set it to observe mode, so I tried to change default URI I/O mode from Read/Write to No IO. I tried diffusion.uri.edit, in repository key description, it said:
This transaction type must be present when creating a new URI and must
not be present when editing an existing URI.
I tested it with web conduit/method/diffusion.uri.edit. In transactions, I use
[
{"type": "uri","value": "ssh://git#05.mm.net/diffusion/TESTPROCESS/test-process.git"},
{"type": "io","value": "none"}
]
It report Validation errors:
When creating a repository URI, you must specify which repository the
URI will belong to.
I also tried add repository key such as
[
{"type": "uri","value": "ssh://git#git.missfresh.cn:test/test-process.git"},
{"type": "io","value": "none"},
{"type": "repository","value": "PHID-REPO-c7jajliasqtxoclryfim"}
]
It will create a new URI. What's the correct value for diffusion.uri.edit?
I found the answer. The transactions parameters are correct, but objectIdentifier is needed also, its value is the URI ID.
I have a 90-day trial and I am registered at (Evaluation 2018-06-29).
But when I request with my correct copied app id and app code I get the below error.
{
"response": {
"_type": "ns2:RoutingServiceErrorType",
"type": "PermissionError",
"subtype": "InvalidCredentials",
"details": "This is not a valid app_id and app_code pair. Please verify that the values are not swapped between the app_id and app_code and the values provisioned by HERE (either by your customer representative or via http://developer.here.com/myapps) were copied correctly into the request.",
"metaInfo": {
"timestamp": "2018-08-15T18:52:35Z",
"mapVersion": "8.30.86.153",
"moduleVersion": "7.2.201832-36299",
"interfaceVersion": "2.6.34"
}
}
}
Can anyone help, especially someone from here api developer support team?
Go into your account projects and add a new project explicitly for the Freemium plan. Then you should be able to generate a new JavaScript/REST App ID and App Code. If you are using one of the mobile SDKs you would generate a new id / code there as well.
(1) Copy and Paste
I'm not certain this is what may be happening for you, but one of my codes had a leading underscore and it was very easy to copy and paste it incorrectly into my source code.
(2) Domain Protection
Also make sure that if you checked "Secure app credentials against a specific domain" that you are calling the routing service from the same domain.
(3) Shell Interpolation
Without more detail about how you are making the calls to the routing service (curl, postman, javascript, ios, android, etc.) it may also indicate where to offer advice.
For example, if you are using curl make sure your parameters have surrounding quotes as & will be interpreted by a shell such that ?app_id=your-app-id&app_code=your-app-code is not interpreted properly. That could generate the response you saw as the shell took your app_code parameter away before curl could make the request only passing the app_id.
App Search API Validation Tool of "Apple" is not validating my domain.
https://search.developer.apple.com/appsearch-validation-tool
I am using universal links but "Link to Application" is showing me "Error".(http://www.awesomescreenshot.com/image/1719847/330979a43c4c6b2766da1e703447ee04)
Here is my "apple-app-site-association" file code.
{"applinks": {"apps": [],"details": {"XXXXXXXXXX.com.streatmanagement.threadshare": {"paths": ["*"]}}}}
Can someone please solve my query or send the sample of "apple-app-site-association" valid code?
Apple's API validation tool compares your website's association file to a store listing. If your app is not yet publicly available the error you listed will be displayed.
Your apple-app-site-association has a small typo where you specify the details (it should be an array). I also assume you're replacing the XXXX's with your app ID.
{
"applinks": {
"apps": [],
"details": [
{
"appID": "APPID.BUNDLEID",
"paths": [ "*" ]
}
]
}
}
Even if you get this error from Apple's validation tool, you can test Universal links. If your Universal Link does not work on your test device you need to inspect the device logs when you fresh install it and make sure your apple-app-site-association is available at the root of your site via https with no redirects. Sometimes there is issue if the content-type is not application/json (but the file name should remain exactly apple-app-site-association).