I want to add anonymous voting to my website, no login required. I'm trying to do an update on the client with Collection.update, but get Access Denied or update failed: Internal server error. What's the correct way to allow anyone to update a collection? Cheers!
Ok, the solution is to use anonymous user, and there's a neat package for that https://github.com/artwells/meteor-accounts-guest
Or, as suggested in the comments, use allow/deny rules.
Related
I have created a repository and checked the Anonymous check box. However when I try to access it the repository link directly with no login, I was redirected to the login page. Anyone can help on this? Many thanks.
I have the same issue. After seeing no answers to your question I fired up the source code and started debugging. My conclusion is this is not supported.
The action methods are decorated with WebAuthorize, a custom attribute that inherits from the usual AuthorizeAttribute.
Unfortunately, the base AuthorizeAttribute returns an HttpUnauthorizedResult for anonymous users and so it doesn't appear to be able to use this software without being logged in. Which regretfully is kind of pointless as I want anonymous access and don't want user account registration to be enabled or required.
Short of changing the source code, this doesn't seem to be possible. Back to the drawing board...
I have a set of API endpoints which is redirected to the respective Xquery modules using a custom rewriter(that uses rest:rewrite) and custom error handler (that uses $error:errors). The HTTP calls are of GET and POST methods.
When I try to access the API with a non-admin user(app specific user without admin role), I'm getting 404 not found error.
But when I assign the admin role to this user, I'm able to get the results.
As per my understanding, we should not assign the admin roles to app specific user in ML.
I need to know whether I'm missing any execute privileges or roles to be assigned for this user. Or what could be done to resolve this issue?
I suspect you have uploaded your modules with document permissions causing the user you are using to not be able to execute the required code, which likely includes rewriter and error handler as well.
Check which modules database is behind the app-server that you are using, and use QConsole to check permissions of the modules you loaded. Compare the roles mentioned there with those of the user that you are using. Solution is then to either apply different permissions to your modules, or add extra role to your user.
HTH!
I can successfully create an update on projects but it seems that I cannot overwrite the thread creator by ownerID.
URL sample:
https://workfronturl/attask/api/note?updates={"noteText":"test","noteObjCode":"PROJ","objID"="projectid", "ownerID":"ownerIDxxxxafda"}&method=POST
Can the ownerID be forced to another user?
If I understand correctly, you want to make an update on behalf of a user. We do this all the time as we have a system that translates updates from another system to Workfront. If this does solve your problem, please be sure to write to Workfront and tell them that they need to leave this functionality in the API in the future. I have confirmed with them that this wasn't supposed to work this way.
So, with regards to solving the problem, you need to do the following:
Login as the user who you want to make an update on behalf of. You can do this without having the users password if you have an API key. Just run the login command as you normally would, but instead of passing in a password, send the username and apiKey.
This will return a sessionID. Use the session ID to authenticate when making your update.
If your system is caching credentials, don't forget to log out or all future updates, changes, whatever, will try to use that session ID.
If you are using Python, we built a function into the workfrontapi_plus (only Python3.x) python library to support exactly this called make_update_as_user. As a note, I haven't managed to publish the documentation for this yet, but the doc strings are there and fully filled out with instructions.
I have successfully implemented the LDAP authentication in APEX 4.2. I am now trying to extend the functionality by using the policy that users are locked after trying to login x times.
This is correctly used in my LDAP server, a user can not login after trying (atm) 3 times. The problem is that APEX displays this as a failed login instead of a message that the user is locked, so the user has no way of knowing why he can't login.
How can this be displayed accordingly?
I am using PL/SQL, for which the package DBMS_LDAP.simple_bind_s doesn't indicate the reason why the login failed. So I checked out the DBMS_LDAP_UTIL package because this gives more return values. Is this the way to go by adding a procedure checking if the user is locked out, or is there another way?
I can't get the DBMS_LDAP_UTIL.authenticate to work though. I copied the existe_user function mentioned here: http://fdegrelle.over-blog.com/article-1311889.html
Running this says my Authentication failed, although I do use the correct user and password.
Any ideas to help me out? Thanks in advance!
If you want everything the password policy extension provides, you have to use the password policy extended operations and controls. In this case you need to use the password policy request control on the bind operation. Then you will get a password policy response control with the response, that will give you the information you need.
My users access Drupal through SSO and everytime the server authorizes them, it returns a set of permissions (groups/roles), according to which I need to dynamically set the User's forum permissions.
So for example if a User logs in and the SSO says that he has enrolled in a course, I need to give him specific permissions for that course's forum.
Obviously I need a custom module for that, but it's a little hard to start.
I'm thinking of using the ACL module's API, but I can find any documentation or tutorial online. Is there any?
Is there a better way to get around this?
I'd appreciate any help :)
(note: I know there are modules with GUI that have similar functionality but I need to do it programmatically)
We just put something exactly like this into place - we used the Rules module (with the User logged in trigger), checking the LDAP groups that the user is enrolled in, and assigned the role accordingly.
Check out Forum Access. It can restrict users based on their roles.
You could have your roles be something like "CSC221 Student". If a user has this role, they will be able to access the CSC221 forum.
Create a hook_user function ( see http://api.drupal.org/api/function/hook_user ) in your module.
Then using http://drupal.org/project/permissions_api set the appropriate permissions on the user.