I was trying to use LDAP authorization manner to login and looks like the Reader could edit the entire Note Permission which supposed to be read only.
For example I am UserA, I am the owner and writer of the Notebook, and set UserB as the reader. However, once UserB logged in, s/he could remove the owner (UserA) and becomes as the Owner of the Notebook.
Would you please help resolve?
Thank you!
Looks like this is an known issue (in meantime). Looks like this is planned to be solved with version 0.9 (see comment in ZEPPELIN-3096).
Related Jira tasks in Zeppelin project:
https://issues.apache.org/jira/browse/ZEPPELIN-3096
https://issues.apache.org/jira/browse/ZEPPELIN-3396
Until then the only known "workaround" might be to only set trustful persons as readers (not a really good option...).
Related
Well I thought I had resolved the issues I had with the owner of a Project in Cloud Storage.
I was able to add my main email as owner and was able to access IAM ... and the 3rd party backup program worked.
Then I had the not so bright idea to remove the other owner ... now backup will not work because it was set to use the deleted owner for access (which is still a surprise to me).
So I went in to the IAM and added the owner back with the same email, quickbooksrus#gmail.com ...
However even though the email is correct when I save, it changes to quickbooks.rus#gmail.com in the permissions list, and because of this I never get the activation email ...
Why does this keep changing ? Because I deleted it in the first place ?
Thanks
I was able to figure this out, but it was simply the old email that I never used had a typo in it and was misspelled ... didn't notice it ...
No issues now ... Thank you to the Google Billing Support ...
At the moment I am adding the user to one group at a time using this endpoint:
PUT /{realm}/users/{id}/groups/{groupId}
In my use case it would be beneficial to perform the affectations in bulk, so far I haven't found a documented way of doing so, is there a way to do it?
Thanks
PUT /{realm}/users/{id}
It's in the documentation, but it doesn't work.
I started discussion on github
You could try to update the full user data
PUT /{realm}/users/{id}
with a partial UserRepresentation containing a minimal json with "groups" array only ?
I see that nearly all fields are marked as optional:
cfr https://www.keycloak.org/docs-api/12.0/rest-api/index.html#_userrepresentation
i need help in developing pretty simple plugin for miencraft version 1.15.2
Plugin is made to check if user has allready logged for a first time if not:
i adds him to a hashmap (so it wont check him twice) and executes a command on a player to add give him permission from plugin LuckPerms.
I've found out that there is PluginCommand:
https://hub.spigotmc.org/javadocs/spigot/org/bukkit/command/PluginCommand.html
But im not quite sure how to use it to make it perform (as server):
/lp user playerName group add groupname
EDIT:
I just can't find how to execute a command so the player will get the permission.
Thanks for your time.
Get luckperms or permissions ex to manage permissions
in your use case the LuckPerms API would make sense to me.
You could use the API to set the Rank of the player loggin in.
LuckPerms api = LuckPermsProvider.get();
api.getUserManager().getUser(uuid).setPrimaryGroup("groupname");
For more info check the Wiki
The API documented here - http://developer.yammer.com/restapi/#rest-users clearly states:
"4) Alias to /api/v1/users/current user’s id.format. Supports include_followed_users, include_followed_tags, and include_group_memberships parameters.
GET https://www.yammer.com/api/v1/users/by_email.json?email=user#domain.com`
Yet, when we try this, it does not return any followed user information at all! The request we're using is like so:
https://www.yammer.com/api/v1/users/by_email.json?email=me#company.com&include_followed_users=true
However, this request DOES return followed users, but only for the current user:
https://www.yammer.com/api/v1/users/current.json?include_followed_users=true
Am I missing something completely obvious and being stupid or is there a real issue here? If this was taken out for whatever reason, then you'd have thought that the API documentation would have been updated.
The Yammer Team did eventually get back to me on this. Their response below:
(I've removed https://www.yammer.com from URLs because I don't have enough rep' to post more links)
Hey Jason Dunbar looks like the documentation here is wrong.
I looked in to this and had some conversations with a few engineers this week and have the following (albeit more arduous workaround):
1) Call get user by email endpoint and retrieve the id attribute from here: /api/v1/users/by_email.json?email=user…
2) To grab following users, take that id and:
GET /api/v1/users/following/[:id].json
3) To grab group memberships for that user you'll need to impersonate him/her (verified admin only) and
GET /api/v1/users/current.json
We'll get the documentation updated ASAP with this. Also happy to keep the conversation going to help if needed.
Make sure you are setting the email parameter to the user's email that they are registered with.
E.G. if your company has multiple domains but the Yammer network is under bigco.com and the user is registered with an email under bigcosubsidiary.com you'll need to make a request to the API with user#bigcosubsidiary.com.
-as mentioned - it looks like its only for current.json - you can check it here http://yammer-dev.herokuapp.com/endpoints/4 - hope it helps.
Rich
I have configured request tracker4 to be an interdepartmental helpdesk solution. The current setup is that users will login to RT using LDAP. Once logged in there account is automatically created. However, their account is created with no privileges.
To fix this I have been having to go to Tools-->Configuration-->Select then put in the users DN name and clicking add I then have to check the box "Let this user be granted rights (Privileged)" I have also tried setting Set($AutoCreate, Privileged); but no luck.
I looked at the user accounts in the sqlite database and noticed that when new user logs in they are indeed created in the database. But with no privileges.
709|tuser3|*NO-PASSWORD*|||||||tuser3|||||||tuser3||tuser3|||||||||||||1|2013-03-08 13:47:38|1|2013-03-08 13:47:38
791|Mayra|*NO-PASSWORD*||||Mayra#**************||Main Office|Mayra Hernandez|||||||Mayra||Mayra||**************|||||||||||1|2013-04-03 21:46:36|1|2013-04-03 21:46:36
797|sdrakeford|*NO-PASSWORD*||Autocreated when added as a watcher||sdrakeford#**************|||Sophia C. Drakeford|||||||sdrakeford||sdrakeford|||||||||||||1|2013-04-04 13:18:58|1|2013-04-04 13:18:58
827|Robert.Troy|*NO-PASSWORD*||||Robert.Troy#*******************||Main Office|Robert Troy|||||||Robert.Troy||Robert.Troy||***************|||||||||||1|2013-04-04 16:11:58|1|2013-04-04 16:11:59
Am I missing something, because usually these things are quite obvious.
The $AutoCreate option takes a hashref with all of the default options you want to pass to the User Create method. Try something like:
Set($AutoCreate, {
Privileged => 1
});
(As an aside, it's generally not recommended to run a production instance on sqlite. You might want to consider converting to MySQL or Postgres.)