In OM API as we used to fetch user identities and we can put search on multiple values for example:
when we set IdentitySearchFilter = IdentitySearchFilter.DisplayName we were able to give multiple user display names to fetch multiple users, how can we achieve this in C# REST API, because it is accepting only one display name to fetch its user?
IdentitiesCollection identities =
identityHttpClient.ReadIdentitiesAsync(IdentitySearchFilter.DisplayName, displayName[0]).Result;
I have a list of displayNames to fetch users in one call to TFS.
Below code will help you to fetch all the user list:
foreach(var displayName in displayNames)
{
var result = await client.ReadIdentitiesAsync(IdentitySearchFilter.DisplayName, displayName).Result;
}
OR
foreach(var displayName in displayNames)
{
IdentitiesCollection identities = identityHttpClient.ReadIdentitiesAsync(IdentitySearchFilter.DisplayName, displayName).Result;
}
Refer this similar SO Thread and MSFT documentation to get all the users in a given scope and this is for getting direct members in a group.
Related
I am only getting the Ids of contacts, owners, createdby and updatedby fields. Which API to use to get the corresponding names?
"contacts":{"Expert": [{"id": "aa874e20-85bd-4e63-a11d-ce715e2a85bb"}],"Steward": [{"id":aa874e20-85bd-4e63-a11d-ce715e2a85bb"}]}
i am only getting the Ids of contacts, owners, createdby and updatedby
fields. Which API to use to get the corresponding names?
Thank you #Sindhuja Laxmipuram posting your suggestion here as community wiki to beneficial for other community members for similar issue.
You can use the below command to list the contact or owner name for
the above.
GET {Endpoint}/catalog/api/atlas/v2/entity/guid/{guid}?minExtInfo={minExtInfo}&ignoreRelationships={ignoreRelationships}
For more information please refer this SO THREAD | How to use REST API to extract role assignment information from a Azure Purview account .
At first I want to mentioned I did search for the answer but I did not get the concrete answer. So here I am asking again.
I am using MVC.net project and using Microsoft graph to get informaiton from Azure AD. I am trying to get EmployeeId along with DisplayName. For the scope I am using 'user.readbasic.all
With below query I am getting DiplayName for all the users but for EmployeeID I am getting null. Except for myself.
"https://graph.microsoft.com/v1.0/users?$select=DisplayName,EmployeeId";
When I use "me" then again get the EmployeeID.
"https://graph.microsoft.com/v1.0/me?$select=DisplayName,EmployeeId";
So using the user.readbasic.all I do get employee id but for myself but why not for others
This is due to for others Employee ID has not been set.
Example: Employee ID has not been set for a user ,so it is showing null.
Let me Set an employee ID for a user.
Now I am testing for with same API I am getting my EmployeeID value.
In below Picture you can see as I have set EID for Rahul Only and for others it is showing null.
Is possible to have user in one realm to manage another realm in keycloak?
My goal is to have 2 realms - adminRealm & userRalm. In adminRealm should be users, which will be able to log in to our admin app and there they could create via Keycloak rest api "ordinary user" which will be placed into userRealm.
Currently my solution working over one realm, where I have admin user which is able to log into my admin app and there he can create users in the same realm. But if I want create users to another realm, I get 403 error. So is there any way how to allow admin user to manage another realm (eg create users etc.)?
You should use master realm for storing admin accounts. Non master realms are isolated from each other. If you look to the clients list in master realm you should see that every realm represented by client with OIDC id like "foo-realm". This clients represents administration REST API for corresponding realms, and users with granted roles from this clients could perform admin requests to corresponding apis.
For example you have foo realm which will contain ordinary application users. To achieve your goal to introduce admin accounts that will be able to manage users from foo you have to create foo-admin user in master realm and grant him foo-realm.realm-admin role. Now this user has total control over foo realm and no control over master realm. You also can map foo-realm.realm-admin role to some group in master realm and add users to it (so if any changes appears in future you will have to change only group role settings)
In case you use terraform your solution would look like this:
data "keycloak_realm" "master" {
realm = "master"
}
data "keycloak_openid_client" "realm_management" {
realm_id = data.keycloak_realm.master.id
client_id = "foo-realm"
}
data "keycloak_role" "query_users" {
realm_id = data.keycloak_realm.master.id
client_id = data.keycloak_openid_client.realm_management.id
name = "query-users"
}
data "keycloak_role" "manage_users" {
realm_id = data.keycloak_realm.master.id
client_id = data.keycloak_openid_client.realm_management.id
name = "manage-users"
}
resource "keycloak_user_roles" "user_admin_roles" {
realm_id = data.keycloak_realm.master.id
user_id = keycloak_user.users_admin.id
role_ids = [
data.keycloak_role.query_users.id,
data.keycloak_role.manage_users.id,
]
}
I have two tables in my database.
Users
id,name
Posts
id,user_id,name
// user_id is the id who has created the post.
How do i get list of all users that have created the posts.
Relation in users table is like this.
=> user HasMany posts.
The relation in Post Class
=> post belongsTo users.
What i have tried so far
$uses = User::with('posts')->get();
This returns list of all users,that has not even created the post
Do i need to update or create new relation for this?
You need to dig into Laravel Eloquent.Have a look into this URL
By the way you can try this.
$users = User::has('posts')->get();
It will return list of all users with posts.
In geometrix site if I need to get the results for page which has only user X has access
Following query pulls all the records, but I need to restrict for only X user
http://myserver.com:4502/bin/querybuilder.feed?orderby=%40jcr%3acontent%2fjcr%3acreated&orderby.index=true&orderby.sort=desc&path=%2fcontent%2fgeometrixx%2fen&type=cq%3aPage
What are the parameters that need to be included in the url
ACL mechanism, responsible for authorization (deciding if a user has access to a resource) is quite complicated. Privileges are inherited from ancestor nodes, there are groups (and a group may be member of another group), etc. That's why it is not possible to write a query that will list nodes available for a particular user.
However, you may create a resource resolver working on behalf of any user and use it to query the repository - you'll get only resources available to the resource resolver "owner". Example:
final String user = "my-user";
final String query = "SELECT * FROM [cq:Page] AS s WHERE ISDESCENDANTNODE([/content/geometrixx/en]) ORDER BY [jcr:created]";
Map<String, Object> authInfo = new HashMap<String, Object>();
authInfo.put(ResourceResolverFactory.USER_IMPERSONATION, user);
ResourceResolver resolver = resourceResolverFactory.getAdministrativeResourceResolver(authInfo);
Iterator<Resource> result = resolver.findResources(query, "JCR-SQL2");