As per the https://developer.salesforce.com/docs/atlas.en-us.lightning.meta/lightning/tokens_standard_communities.htm, I want to use community tokens in the Lightning Web Component (LWC).
In the LWC CSS file, I have applied the textTransform token as,
.cssClass{
text-transform: var(--lwc-textTransform);
}
While saving the LWC, an error is occurring No TOKEN named textTransform found.
How can I use the textTransform token in the LWC?
It seems it was available for Aura components only and is not marked as Global within the definition,
As per below link:
Lightning web components can use any Lightning Design System design token marked Global Access. If you get the error: No TOKEN named tokenName found, it's likely that you're using a token that isn't marked Global Access. Either use a global token or use a custom Aura design token.
https://developer.salesforce.com/docs/component-library/documentation/en/lwc/lwc.create_components_css_design_tokens
Related
I have a purchased license at fusion charts. Fusion charts document says here... https://www.fusioncharts.com/dev/upgrading/license-activation that i have to use this function call for applying license...
FusionCharts.options.license({
key: 'KEY_GOES_HERE',
creditLabel: false,
});
if i put my key in that anyone visiting my website can easily take it from view -> source of browser. how do i avoid it ? It is simple HTML website.
You can use either of the followings :
Instead of passing the keys directly in JS code, pass them via the environment, application variables. And add the env file to gitignore
Use Obfuscation for the key and JS code being used for license activation.
You can store the value of the key in your database & and fetch the data value so that the end-user is unable to access it.
If you know the domain/sub-domains where charts will be used, you can restrict the license keys to those domains by sending a request to sales#fusioncharts.com
As far as I know, there is no way to completely hide it from the frontend. The reason for this is that even if the key is hidden in some way when the request is made, the information has to exist and so the key could be found by looking at the request data.
What you wish to protect against determines how you should go about it. If you would just like to hide it from being picked up by webscrapers, then I would imagine encrypting it and then decrypting it before you send would be sufficient.
If you would like to protect against anyone stealing it, then the only way is to have a server act as a proxy. You would make a call to an API which would then use your API key on the backend, away from the prying eyes of users. Your backend API would then just return to the user the response from fusioncharts.
FCC provides a style id from their website which is
https://api.mapbox.com/styles/v1/fcc/ck07351k218h31cp7om3z4bka.html?fresh=true&title=true&access_token=pk.eyJ1IjoiZmNjIiwiYSI6ImNqY2h2MnAxbDJhZjIycXBnN3cxb3FnYzAifQ.-JIKXvGZ-ZI2m7L8f92Lew#3.0/37.000000/-95.000000/0
However, when I tried to embed the style into my website, it is not working.
My code is
mapboxgl.accessToken = 'myowntoken';
var map = new mapboxgl.Map({
container: "map",
style: "mapbox://styles/fcc/ck07351k218h31cp7om3z4bka",
center: [-121.064242, 36.922103], // starting position
zoom: 5
});
I wonder why this happened?
It's likely that FCC only allows using this style with their token. The note on their documentation website says:
Note: In order to access these layers, in the various formats below, you need a Mapbox access token. We are including a public access token in the links below since we want to make it easy for people to access broadband data in whatever format is most useful. However, if we find that the access token is being abused, and in particular being used to access maps unrelated to the broadband map, we will have no choice but to deactivate the token, and require end users to get their own token.
While it implies that you could use your own token, it seems like they didn't actually enable this functionality.
You can use the token they provided for the time being.
I'm developing a basic recruitment-type website.
I have an "Apply" CustomForm attached with a contenttype("Job"), but I can't get access fields outside of the CustomForm widget. I'm trying to add the reference number or the url to the email within the workflow. Orchard shows {Content.Fields.Input-Reference} token, but it returns no value when used.
Should I overwrite the handler when the form is created or how can I access fields of other zones?
As far as I understand the question, you don't actually need to add a custom token to your module. Custom Forms module takes care of that for you and adds the tokens for fields itself. You just need to use them in the email module.
Just look for a tokens named like this:
Content.Fields.[FormContentTypeName].[FieldName]
Not that the tasks of adding custom tokens to the system and accessing them inside the workflow are particularly hard, mind you.
i am using Bing map tiles in my Android application. I download tiles from http://h0.ortho.tiles.virtualearth.net/tiles/h<quadkey>.jpeg?g=131 and it works fine, but i understand that i need to append a token to this URL in order to make this operation legal (and ask some kind of special permission from Microsoft). It is all well explained here: http://blogs.msdn.com/b/virtualearth/archive/2008/04/29/tracking-virtual-earth-tile-usage.aspx. But this post is from 2008 and i found on msdn site that in 2012, token-auth system will be replaced with key auth system.
Does anybody know how can i perform the direct tile access with this new auth system?
Thanks in advance
Accessing tiles directly with key-based authentication can be accomplished like so:
Using the REST ‘Get Imagery Metadata’ service to obtain the tile URL format for the type of tiles you wish to display:
http://msdn.microsoft.com/en-us/library/ff701716.aspx
- For example, if you wish to display Road tiles, the following request could be used (taken from the above documentation): http://dev.virtualearth.net/REST/V1/Imagery/Metadata/Road?mapVersion=v1&output=xml&key=BingMapsKey
Within the response, the URL for tiles is returned, with a placeholder for the tile quadkey.
A new REST request should be issued each time the map viewer in the application is instantiated, or whenever the map type is changed (eg. You wish to switch to aerial or hybrid map style)
Your platform usage can then be tracked based on the calls to the REST service.
I'm wondering if you could suggest me any way to implement "user roles" in GWT applications. I would like to implement a GWT application where users log in and are assigned "roles". Based on their role, they would be able to see and use different application areas.
Here are two possible solution I thought:
1) A possible solution could be to make an RPC call to the server during onModuleLoad. This RPC call would generate the necessary Widgets and/or place them on a panel and then return this panel to the client end.
2) Another possible solution could be to make an RPC call on login retrieving from server users roles and inspecting them to see what the user can do.
What do you think about?
Thank you very much in advance for your help!
Another way is to host your GWT app in a JSP page. Your JSP might contain a snippet of code like this
<script type="text/javascript">
var role = unescape("${role}");
</script>
Where ${role} is expression language expanded from value you computed from the associated servlet / controller and exposed to the JSP.
When your GWT app runs in the browser, the value will be filled out. Your GWT app can easily call out into JS to obtain this value from a native method call, e.g.
public native String getRole() { /*-{ return $wnd.role; }-*/;
So your module could invoke getRole(), test the value and do what it likes to hide / show elements.
Obviously your backend should also enforce the role (e.g. by storing it in the session and testing it where appropriate) since someone could run the page through a JS debugger, setting breakpoint or similar that modifies the value before it is evaluated allowing them to access things they shouldn't be accessing.
Following scenario works for me:
GWT app is behind security constraint.
On module load I make RPC call to retrieve roles from the container. I store them in main GWT module's class as static field, to make it easy for other classes to use it.
Each widget (especially menu) can use roles (e.g. call Main.getRoles()) and construct itself according to roles. I don't pass roles in constructor. Each widget knows how to behave depending on role.
If it's crucial to not only hide things but also enforce them you can use container security and check roles and rights while invoking business methods.
While using GIN you can also create singleton class to store roles retrieved during login and inject it wherever you need it.