I am trying to create roles for my openstack installation. One of the first things I've tried is to allow all users to access a resource in my policy file, "identity:list_roles" for example. But no matter what I tried it will always say:
You are not authorized to perform the requested action, admin_required. (HTTP 403)
I've tried the following:
is_admin:0
True:%(user.enabled)s
True
not is_admin:1
role:_member_
and match more... is it even possible?
Thanks!
Well, after lots of testing and googling the answer is no, it is not possible.
To list roles, you mast be an admin in keystone v2 api and also within the same scope in v3.
Also I was testing on the v2 api while posting this question. V2 ignores the policy file, it has it's policies hard coded.
Related
First, thanks Hasura for incredible good product! I love it.
I have issue with derive action with Hasura Console. My use case:
I enable anonymous role for subscribe function (everybody can send email to subscribe)
I have configured permission on my subscribe table, everything is fine.
I want to validate the user input on server side, for example, validate email format. I have followed by this guide about derive action. I found no mistake here.
But I got the error "Type query_root must define one or more fields." when I hit "Derive action" at the first time.
According to this question, as I understand, I need to have object type for root query.
Of course, I will have object type for root query eventually. I can work around by giving some dummy queries for anonymous role. But I do not like that cheat anyway.
Any idea on that? Any help will be highly appreciated.
Edited:
My related current version:
Hasura 1.3.2
One click deployment using Docker on Digital Ocean.
I have seen many references to this issue spanning several years but 95% of it relates to Apache. I'm on NGINX hence can't try solutions involving the .htaccess file.
{"code":"woocommerce_rest_cannot_view","message":"Sorry, you cannot list resources.","data":{"status":401}}
Since nothing really covers NGINX for this problem I thought of starting a new thread
The first time it happened was when I tried to link Woobotify who automatically generates its own keys. While the keys were created it says it doesn't have read/write error (despite having the right permissions setup)
So I created a new set of keys from within WP and made a direct call (while logged in as admin of course)
as in ://site.com/wp-json/wc/v3/products/categories?consumer_key=ck_8a9b...etc to see if it was on the server-side or Woobotify's and still got the error
If you refer me to http://woocommerce.github.io/woocommerce-rest-api-docs/#rest-api-keys
I am too much of a newbie to make use of this information. I either need a step by step or I am willing to hire someone to make it work for me.
LEMP Stack on self-manage VPS
Here is example how I solve it
require "woocommerce_api"
woocommerce = WooCommerce::API.new(
"https://example.com",
"consumer_key",
"consumer_secret",
{
wp_json: true,
version: "wc/v3",
query_string_auth: true
}
)
OR simply For POSTMAN
https://example.com/wp-json/wc/v3/products?consumer_key={{csk}}&consumer_secret={{cs}}
The key is query_string_auth: true you need to force basic authentication as query string true under HTTPS
Recently I have been using firebase for my new app. Since you can define your own rules on firestore, I wanted to try that out.
To test these rules I am running the firestore emulator. When I try to authorize some test user I always get a timeout error. Wanting to solve the error by myself I've made some research.
I have found out that it is possible to see the "Firestore Rule Coverage Report" and inside there I've seen this:
But since I am new to firestore I did not know what this is and also after some googling I didn't find out how to solve this problem.
Firestore docs are a bit confusing. They state that the URL should be:
http://localhost:8080/emulator/v1/projects/<database_name>:ruleCoverage.html
However, they don't explain what <database_name> should be replaced with your project_id. Yes... reading the URL some might thing is obvious, but is really the argument name that should make it obvious. Plus, in Firestore databases are not created neither accessed by name.
SOLUTION:
<database_name> should be replaced by your project_id (this value is available in the files .firebaserc or google-services.json
So, if your project_id is my-amazing-app, your rulesCoverage url would be:
http://localhost:8080/emulator/v1/projects/my-amazing-app:ruleCoverage.html
My problem was that I executed loadFirestoreRules before every test. I changed it to run loadFirestoreRules only one time for all tests, and now it's working.
I followed the examples from https://github.com/firebase/quickstart-testing . Bu two examples for security rules, only the example for version 8 at https://github.com/firebase/quickstart-testing/tree/master/unit-test-security-rules is working. Although I am using JS SDK v9, but using the example for version 8 can help me testing my security rules just fine.
I suspect the root of the problem is that the expression is throwing an error. If the user isn't authenticated then request.auth will be null (and therefore request.auth.uid will throw a null reference error).
I would like to host my webapp on Firebase, since I'm using their services and functionalities since a long time (before Firebase was inside Google and since its static hosting service was named Divshot... ).
But I've got a demo domain from Freenom (.tk domain) and I was wondering how to connect this with firebase:
I can set only this paramater relative to TXT record:
dns management
so where should I define the parameters needed
google-site-verification=...
?
Thank You to all!
PS: I've already seen
Firebase hosting custom domain error
and related
firebase-talk Dqmz9Iuio54
and
and the question: how-can-i-verify-my-custom-domain-using-domains-google-com/39020649#39020649
but none of them seems to respond to my problem...
PS: I've come here from firebase support page where StackOverflow is the first choice.
Thank you!
Leave the "Name" field blank and fill "Target" with the google-site-verification=... value. Once you've done so, things should go through. One way to check is to run:
dig yourdomain.tk TXT
If you've done it correctly, you should receive back the google-site-verification=... value. It may take some time to propagate before it starts showing up.
DNS registrar / records host: delete TXT records pointing to
firebase.
firebase console: delete the custom domain.
firebase console: add custom domain.
copy the two TXT records from firebase to DNS host
DNS record host should include two entries with one yourdomain.tk and www.yourdomain.tk
Once the yourdomain.tk is added it'll show as empty and other entry will be shown as www.
The copy the two given A records to Freenom DNS records.
There will be 4 A records two for yourdomain.tk and two for www.yourdomain.tk.
Wait 24-48 hours to see if the changes work.
If it doesn't work, contact firebase support from the console; be sure to take screen shots of the DNS records and the firebase console. These will help the firebase support team to troubleshoot the problem.
Mean while you can check for the dns propagation by using below tutorial
The Firebase Hosting servers run what is essentially this command for verifying the TXT records for your domain:
dig -t txt +noall +answer yourdomain.tk
If you immediately run this command right now, you might not get results. If the Firebase servers are seeing the same in their DNS query, they will not be able to continue.
That means that either you didn't save/apply your changes yet, or they haven't propagated everywhere yet. The longer it takes for the changes to show up, the more likely it becomes that you still need to take some action at your DNS provider
I have created my first Facebook app in R. Its purpose is solely to retrieve marketing data from my Facebook pages. So far I have created this (no authentication problems):
require("Rfacebook")
load("fb_oauth")
## Start retrieving insight from VivaraDE
rawinsightsDE<-getInsights(object_id= "my_id", token = fb_oauth,
metric="page_impressions", period = "days_28", version="2.6")
When running this, R does return:
Error in FUN(X[[1L]], ...) :
No data available. Are you the owner of this page? See ?getInsights.
I have an administrator role in my app (obviously) and an admin role on the page desginated by my_id.
I suspect I will have to alter some config somewhere. What am I missing?
You need read_insights permission from the page admin (you in this case), before you can access these metrics.
Any more common permissions I need to include, so I won't stumble upon some more rejections?
Nah, don’t ask for permissions “just to be on the safe side” – that will only give problems in review (if the app is supposed to be used by the general public at one point?), if they see you asking for permissions without actually using them.
I’d rather suggest you use Graph API Explorer first to test out the request you want to make; its debug feature usually displays a message in such cases as to what permission is missing to get the requested data.