From Node, I am attempting to use Google Cloud Vision API to analyze an image stored in Google Storage. I have successfully base64 encoded an image and uploaded it but would like to speed up the process by executing against files I have in Google Storage. My Request is so,
{ "requests":[ { "image":{ "source": { "gcsImageUri" : "gs://mybucket/10001.jpg" } }, "features":[ { "type":"LABEL_DETECTION", "maxResults":10 } ] } ] }
but I receive this error from my call,
{ "responses": [ { "error": { "code": 7, "message": "image-annotator::User lacks permission.: ACCESS_DENIED: Anonymous callers do not have storage.objects.get access to object mybucket/10001.jpg." } } ] }
I am not using any google SDK or node_modules for this request, just a Browser API Key and the http module. Is there some permissions I have to set within Cloud Storage to allow Vision API access to the objects in the bucket? If so what would that be, I am new to Google Cloud Platform but have extensive experience with AWS IAM roles.
Thanks,
VIPER
You are probably invoking the Cloud Vision API anonymously with a GCS image that is not publicly readable. You are likely providing an API key, but API keys do not authenticate request. You can fix this problem in one of two ways:
Make an authenticated request to the Cloud Vision API, authenticating as a particular user that has authorization to read the GCS file, or
Set the GCS file to allow anonymous read access. You can do this from the console by checking the "publicly readable" checkbox by the object or by using the command-line client like this: gsutil acl ch -g AllUsers:R gs://mybucket/10001.jpg.
Actually there are two ways.First way is
1)Open the bucket of your google cloud vision and there will be a option called "share publicly" and mark it yes for the document you would like to test.Then run the code and you will get the required result
Related
I'm trying to create new DropboxPaper document in my account [email address redacted],
I'm use official Api and try to create file by "https://api.dropboxapi.com/2/paper/docs/create", the returned result is:
{
"error_summary": "insufficient_permissions/.",
"error": {
".tag": "insufficient_permissions"
}
}
Somebody know what's is wrong? Please help me)
[Cross-linking for reference: https://www.dropboxforum.com/t5/API-Support-Feedback/Paper-API-Create-Paper-Document/m-p/375961/highlight/true#M21093 ]
It sounds like you're probably using a new Dropbox account, so the Dropbox Paper functionality is only available in the Dropbox filesystem, and not via the legacy Paper API endpoints. You can find more information here:
https://www.dropbox.com/lp/developers/reference/paper-migration-guide
I have created a Webhook (https://moviebotdf.herokuapp.com/get-movie-details), it is tested with postman and dialogflow and working properly.
I want to integrate it with IBM Watson Assistant via programmatic call, but this is not returning anything (i.e. the output is "").
I checked the IBM support (https://cloud.ibm.com/docs/services/assistant?topic=assistant-dialog-actions&locale=en) and also other solutions as calling a function that could call the webhook but I am having even less succcess there. As I understand from the support, a direct call from the Assistant to the Webhook should be possible (and easier for newbies like me), hence is the solution I seek. Code in the Assistant is as follows:
{
"context": {
"skip_user_input": true,
"prodname": "$prodname"
},
"output": {
"text": {
"values": [
"$dataToSend"
],
"selection_policy": "sequential"
}
},
"actions": [
{
"name": "https://moviebotdf.herokuapp.com/get-movie-details",
"type": "client",
"parameters": {
"prodname": "$prodname"
},
"result_variable": "context.dataToSend"
}
]
}
So "prodname" is captured by Watson Assistant in the previous node (I checked that and it is working correctly) and sent to the Webhook. The variable used in the Webhook is also called "prodname". The expected output from the Webhook is stored in the variable "dataToSend", but as said above the answer in Watson is only "" as "$dataToSend" is "".
I tried also with "result_variable": "dataToSend" and "result_variable": "$dataToSend" without success, so what I guess is that the webhook is not being called...
I am new in the topic, so please do not hesitate to correct any problems in my post.
Thanks in any case in advance!
Adrià
IBM Watson Assistant lists three different options of making a programmatic call from within a dialog node:
client: your app is in charge of calling out to the action
server or cloud_function: IBM Cloud Functions action is invoked from Watson Assistant
web_action: The web action of an IBM Cloud Functions action is invoked from Watson Assistant
If you host your webhook on IBM Cloud Functions, then Watson Assistant can directly call it. With your current hosting and client specified, your app is in charge. In that case your app needs to check that the context includes the information about a client action, extract that related metadata, invoke the webhook and send the data back to Watson Assistant.
I have written an example for such a client action for my Watson conversation tool. See that repo for instructions.
I want to know whether IBM Watson Assistant has the feature of calling webhook.
It means when an intent of workspace is matched Watson Assistant need to send a post request to an external server including the intent in the request body.
Example for a webhook:
https://123.456.789.12:7788/myWebhook/testMethod
IBM Watson Assistant need to send a Post request to this service and that service will return a text string. Watson Assistant should get that text and show it to the user.
That is my usecase. Will it work with Watson Assistant?
i found the below documentation from IBM site.
https://console.bluemix.net/docs/services/conversation/dialog-actions.html
It says to update the json response. i.e. add another key value pair to json object as "action". in the action json array there is "name" parameter. I added above url to name parameter and checked by calling the intent whether a request comes to my web service but it didn't.
following is my json response. i assumed once the intent is matched a post request should go to my web service. but i checked my web service by printing the request body on the console. but no any request came to it. could you please tell me where did i miss?
{
"context": {
"skip_user_input": true
},
"output": {
"text": {
"values": [
"your current outstanding balance is $my_balance ."
],
"selection_policy": "sequential"
}
},
"actions": [
{
"name": "https://123.456.789.12:7788/myWebhook/testMethod",
"type": "client",
"parameters": {
"body": "$body"
},
"result_variable": "context.my_balance"
}
]
}
You found the correct method, i.e. dialog actions, to implement webhooks.
Watson Assistant supports server- or client-side actions:
For the server-side action you would set up an action with IBM Cloud Functions. That action would call the webhook.
For client side, you would pass the information similar to what you show in the question to the app (client). Your app would need to react and to call the webhook.
From what I read about your case I recommend checking out the server-side action. This tutorial about a database-driven bot implements a couple of those actions. Instead of calling the database, you would call out the webhook.
As of August 2019, there is now an integrated webhook feature in Watson Assistant.
Go to "Options" in the Assistant dialog and enable webhook. Paste the url you got after creating an action from cloud functions. Don't forget to add ".json" to the url you paste in the assistant webhook page. See more information here:
https://cloud.ibm.com/docs/assistant?topic=assistant-dialog-webhooks
I am checking the device access API.
There is a API of device access in SoftLayer_User_Customer.
but I can't find a API of "Automatically grant access when new devices are added".
where can I find that? or SoftLayer doesn't suppot that ?
You have to add permission to implement Automatically grant access when new device are added.
This is the rest api to add permission:
POST
https://[username]:[apiKey]#api.softlayer.com/rest/v3.1/SoftLayer_User_Customer/[userId]/addPortalPermission
Body: Json
{
"parameters": [
{
"keyName": "ACCESS_ALL_HARDWARE" // To add the “ACCESS_ALL_GUEST” and “ACCESS_ALL_DEDICATEDHOSTS” permissions you have to run the same request, changing
} // only the “keyName”.
]
}
To get the “keyName” of all the permission, use the following rest api:
GET
https://[username]:[apiKey]#api.softlayer.com/rest/v3.1/SoftLayer_User_Customer_CustomerPermission_Permission/getAllObjects
To verify that the permission were added, use this rest api:
GET
https://[username]:[apiKey]#api.softlayer.com/rest/v3.1/SoftLayer_User_Customer/[userId]/getPermissions
I'm looking for a way to determine who uploaded a file to a Cloud Storage bucket. All of the users with access to write to the bucket are authenticated users in the same G Suite domain.
The object ACL in Cloud Storage shows an owner identifier string which looks like the following:
{
"entity": "user-84fac329bceSAMPLE777d5d22b8SAMPLE77d85ac2SAMPLE2dfcf7c4adf34da46",
"entityId": "84fac329bceSAMPLE777d5d22b8SAMPLE77d85ac2SAMPLE2dfcf7c4adf34da46",
"role": "OWNER"
}
However, it does not appear that there is an easy way to map this ID back to a user's email address (or to determine the Cloud Storage ID for a user whose email I know, except by using that user account to upload a file and querying the object ACL).
Is this true? Or am I just not seeing the way to do this?
Thank you for the help!
Although I can't give you an specific timeline, we're actively working on deprecating canonical ids. This should no longer be a problem in the near future.
In the meanwhile, there are.. options.
First: A user can find their canonical ID on this page (Unfortunately it is going to make you pick a project, since the page also shows the canonical ids for the project roles).
https://console.cloud.google.com/storage/settings
However, if you really need to find out the email address for a random canonical id you should be able to do this somewhat ugly workaround.
1) Add the user to a bucket policy via the ACL API
gsutil acl ch -u <canonical_id>:READ gs://<bucket>
2) Fetch the bucket IAM policy
gsutil iam get gs://<bucket>
The entry should show up as an email address.
{
"bindings": [
{
"members": [
"projectOwner:<project-id>",
"projectEditor:<project-id>",
],
"role": "roles/storage.legacyBucketOwner"
},
{
"members": [
"projectViewer:<project-id>",
"user:<user email here>"
],
"role": "roles/storage.legacyBucketReader"
}
],
"etag": "CAI="
}
Try getting the ACLs again. I just tried today 07/05/2017 and the returned ACLs included email address. It would appear Google has updated the API, replacing the old Google Cloud Storage ID with the user's email address.
{
"email": "email#domain.com",
"entity": "user-email#domain.com",
"role": "OWNER"
}