I am trying to create a chat application exactly like WhatsApp using Ejabberd server. I successfully create groups using admin APIs. But I can't add members to it. below is the request format.
http://ejabberd.mysite.com:5281/api/create_room
{
"name": "roomAndroidTest3",
"service": "conference.mysite.com",
"host": "ejabberd.mysite.com",
"options": [
{
"name": "members_only",
"value": "true"
},
{
"name": "allow_subscription",
"value": "true"
}
]
}
How can I add/delete members to this group? I don't find any rest API for this. I know how to add using subscription methods. But I want my server admin to handle all this functionality.
If this is not the right way, Please tell me how WhatsApp handling this functionality?
Already read these docs muc-pub, but not helped me
How can I add/delete members to this group?
You can grant "member" affiliation with:
https://docs.ejabberd.im/developer/ejabberd-api/admin-api/#set-room-affiliation
For example, grant member:
$ ejabberdctl set_room_affiliation sala1 conference.localhost user881#localhost member
Revoke member:
$ ejabberdctl set_room_affiliation sala1 conference.localhost user881#localhost none
Related
I have 2 AWS accounts.The Front end along with cognito is hosted in Account 1 and the backend with the API GW is hosted in Account 2. I want to setup RBAC to prevent the users in the Cognito group to 'DELETE' API's using cognito groups. I have created a permission policy as below and attached it to a Role and then attached the Role to the Cognito group. I have then created a Authoriser for the API GW in Account 2 using the Cognito user pool available in Account 1 and then attached the Authoriser to the API's Delete Method Request.
Deny Policy, where I have replaced the resource parameters with my account/API details:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Deny",
"Action": [
"execute-api:Invoke"
],
"Resource": [
"arn:aws:execute-api:region:account-id:api-id/stage/METHOD_HTTP_VERB/Resource-path"
]
}
]
}
But when I try to delete the API, I am still able to successfully delete it. But I expect to get unauthorised as per the setup. I am able to see the Cognito user group details when I decode the token response, so my guess is the Cognito call is happening properly with API GW, but the Role/Deny Policy attached is not being enforced. Can someone please help me know what I am doing wrong, since this is cross account do I have to do something else with the IAM Role I have attached to the Cognito group or is there a issue with the Policy I am using?
Is it possible to add the owner to the Azure AD group from any REST API?
I think I should have one service principal and I have to generate an access token to do that.
I tried to generate access token and used below query to add owner via Postman.
https://graph.microsoft.com/v1.0/groups/groupid/owners/$ref
But I am facing 403 Forbidden error like below:
{ "error": { "code": "Authorization_RequestDenied", "message":
"Insufficient privileges to complete the operation.", "innerError": {
"date": "2022-06-29T05:42:38", "request-id":
"ebd01257-b890-4b3d-8c22-a1b34738e5a6", "client-request-id":
"ebd01257-b890-4b3d-8c22-a1b34738e5a6" } }
I have granted API permissions like below:
What else permissions are needed? Is there any other way instead of Postman?
You can make use of Microsoft Graph Explorer instead of Postman that doesn't require you to generate access token separately.
You can call the same query by granting below permissions based on your account type:
I tried to reproduce the same in my environment and added the owner to the Azure AD group like below:
After running the above query, owner added successfully like below:
To confirm the above, check the portal whether the owner is added or not like below:
Reference:
Add owners - Microsoft Graph v1.0 | Microsoft Docs
Following this documentation I try to make a user following a work item but I receive the following error:
{
"$id": "1",
"innerException": null,
"message": "You are not authorized to create a subscription.",
"typeName": "System.UnauthorizedAccessException, mscorlib",
"typeKey": "UnauthorizedAccessException",
"errorCode": 0,
"eventId": 0
}
The user which tries to create the subscription is an Admin of the project. Both users have access level Basic on organization level. The request uses Basic Auth with PAT with Full Access privileges. The same request succеeds in a different (test) organization but I don't see where is the difference between.
If your users want to set up Global notification, you need to make sure they are members of the Project Collection Administrators group of the organization.
I tested it in the UI, if the user is a project admin but not a member of the PCA group, then he has no permission to perform the operation.
Thanks for providing detail on your user role & licensing, those are usually the first two things to check in cases like these.
Since you're a Project Administrator and have at least a Basic license, I'd recommend checking two things:
If you're using the same PAT when issuing both calls between organizations, make sure that you've chosen "All accessible organizations" when configuring your PAT:
Within your project, head to Project Settings > Service Connections > Security, verify that the user you're attempting to create a service connection with has access. If they don't, add them to the Endpoint Administrators group.
Is it possible to manage security ACL of Variable Group via API in Azure DevOps?
Couldn't find anything in documentation
Is it possible to manage security ACL of Variable Group via API in
Azure DevOps?
Of course sure!
In azure devops, the namespace name of Variable group is library. And the namespace id is B7E84409-6553-448A-BBB2-AF228E07CBEB.
Though we did not document this, but you can catch this by F12. Just click on Security, then you would see this in the Network. token of variable group are also listed in it.
After know the namespace id and the token (library/{project id}) of Variable group, now you could make use of this ACL management doc: Set Access Control Lists.
POST https://dev.azure.com/{organization}/_apis/accesscontrollists/{securityNamespaceId}?api-version=5.1
"value": [
{
"inheritPermissions": true,
"token": "Library/{project id}",
"acesDictionary": {
"Microsoft.TeamFoundation.Identity;S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-1": {
"descriptor": "Microsoft.TeamFoundation.Identity;S-1-9-1551374245-1204400969-2402986413-2179408616-0-0-0-0-1",
"allow": 31,
"deny": 0
}
}
}
]
I'm trying to get all users from JIRA REST API. I need to save all users to my Database from my own java client. Is it possible to do that ?
If so how we going to do that?
At present time:
for Jira Cloud:
to get all (active + inactive) users:
GET /rest/api/2/users/search?query
to get all active users:
GET /rest/api/2/user/search?query
for Jira Server:
to get all (active + inactive) users:
GET /rest/api/2/user/search?username=.&includeInactive=true
to get all active users:
GET /rest/api/2/user/search?username=.
There seems to be an undocumented way:
Use the "Find user" api
https://docs.atlassian.com/jira/REST/latest/#api/2/user-findUsers
For the username query use %
EG:
/rest/api/2/user/search?username=%
You can get all users that are assignable to a specific project. If everyone is assignable you will get all users.
/rest/api/2/user/assignable/search?project=PROJECT
Curl:
curl -D -u USERNAME:PASSWORD -X GET -H "Content-Type: application/json" https://company.atlassian.net/rest/api/2/user/assignable/search?project=PROJECT
This worked for me:
https://company_name.altassian.net/rest/api/3/users/search?
It will return something like this:
[
{
"accountId": "id",
"accountType": "app",
"avatarUrls": {},
"displayName": "Slack",
"active": true
},
{
"self": "profile_link of ther user",
"accountId": "id",
"accountType": "atlassian",
"avatarUrls": {},
"displayName": "**Real user**",
"active": true,
"locale": "en_US"
}
]
Before saving to DB you'll have to check the accountType:
if (accountType == 'altassian') {
then do push; // or whatever
}
I know it's an old thread but if anyone is searching for this now, this works for me at the moment:
GET /rest/api/latest/user/search?query=+&maxResults=1000
Thanks ;)
One possible way to get all of the users in your JIRA instance is to use the Crowd API's /rest/usermanagement/1/search endpoint:
curl -X GET \
'https://jira.url/rest/usermanagement/1/search?entity-type=user&start-index=0&max-results=1000&expand=user' \
-H 'Accept: application/json' -u username:password
Do note that you'll need to create a new JIRA User Server entry to create Crowd credentials (the username:password parameter above) for your application to use in its REST API calls:
Go to User Management.
Select JIRA User Server.
Add an application.
Enter the application name and password that the application will use when accessing your JIRA server application.
Enter the IP address, addresses, or IP CIDR block of the application, and click Save.
There is no direct method to get all users in Jira Rest API. You might have to use Search function(Which requires passing in atleast one letter to search) or Groups functions, if you have users readily grouped in Jira application.
Go through their documentation for better reference.
https://docs.atlassian.com/jira/REST/latest/#d2e2
https://docs.atlassian.com/jira/REST/latest/#d2e808
You can use simple JDBC scripts to some advanced ones for writing users list to database, through your java client.
Hope this helps!
I also suffered with this problem for a long time. I had a task search by project completed tasks by user. Answer:
https://developer.atlassian.com/rest/api/2/search?jql = project = yourProject + AND + status = done + AND + assignee= yourUser