How to make loggingDebug = "true" for a request scoped component in /dyn/admin ?
You cannot do this via /dyn/admin as the component is by its nature request scoped. What you can do is edit the component's properties file and it will pick this up for the next request.
yes you can actually do that.
go the dyn/admin/nucleus/ and add the path after the nucleus.
check this link
https://community.oracle.com/thread/2444056
so basically say I have the properties file in atg/userprofiling/myPropertiesFile.properties then just type
http://localhost:port/dyn/admin/nucleus/atg/userprofiling/myPropertiesFile
HIH
First you have to define a global component with a loggingDebug property.
Example:
LoggingConfiguration.properties
$class=com.example.configuration.LoggingConfiguration
$scope=global
loggingDebug=false
Now in your request scoped component, link the loggingDebug property to LoggingConfiguration.loggingDebug as follows:
loggingDebug^=/path/LoggingConfiguration.loggingDebug
So you can control the loggingDebug configuration from the dyn/admin using the property in global scoped component LoggingConfiguration.
Once the LoggingConfiguration.loggingDebug is set to true, you will have logging enabled in further requests.
Related
I want to custom client properties, "health-url","management-url","service-url". Here is properties in application.properties.
spring.boot.admin.client.health-url= http://localhost:8080/registry/health
spring.boot.admin.client.management-url= http://localhost:8080/registry
spring.boot.admin.client.service-url= http://localhost:8080/registry
The default properties is
managementUrl=http://localhost:8080,
healthUrl=http://localhost:8080/health,
serviceUrl=http://localhost:8080,
But the properties are ignored.
I find the issue Admin Starter Client ignoring Service,
However the properties is not useful
spring.boot.admin.client.ignoreUnknownFields=true
How can I change the properties?
I have an OData service which is made in manifest.json
In some services I need to pass some url parameters like ?$expand=XYZ
SO the question is how can I set serviceUrlParams in the run time and not inside of the manifest.json while the OData model has been created by component class.
There seems to be a misunderstanding that parameters such as $expand belong to the serviceUrlParams. No, we need to distinguish between
Metadata URL parameters: metadataUrlParams in model definition. Those parameters will be only attached to the $metadata request which is at the model instantiation.
Service URL parameters: serviceUrlParams in model definition. Those parameters will be attached to all requests.
Data URL parameters:
parameters in binding definition (usually in the view) as mentioned here, or
urlParameters in model APIs such as read as mentioned here.
For $expand, data request parameter is what you have to define in each binding definition whereever it's needed. Then, the respective data will be loaded on-demand.
API Reference: ui5.sap.com/#/api/sap.ui.model.odata.v2.ODataModel
Documentation: ui5.sap.com/#/topic/6c47b2b39db9404582994070ec3d57a2
Hope this will helps.
var oModel = sap.ui.getCore().getModel();
oModel.read("/entityset?$expand=" + dynamicValue,mParameters);
for expand url data use the second parameter of the read function.
oDataModel.read("/yourEntitySet", {
success:jQuery.proxy(this._yourSuccessCallback, this),
urlParameters: {
"$expand": "YourExpandData"
},
error: jQuery.proxy(this._yourErrorCallback, this)
});
Which Identity does CodeFluent.Runtime.CodeFluentUser.Current use?
Does it use HttpContext.Current.User.Identity or Thread.CurrentPrincipal.Identity?
Or does it use a fallback mechanism?
CodeFluentUser.Current calls CodeFluentUser.Get(CodeFluentUserIdentityType.CurrentOrWindows). If you use CodeFluentContext.User, the identity type can be set in the configuration file (by default userIdentityType="AspNetOrWindows")
Here's the documentation for each CodeFluentUserIdentityType:
Windows: WindowsIdentity.GetCurrent()
AspNet: HttpContext.Current.User when http context is available; CodeFluentUserIdentityType.Windows otherwise
AspNetOrWindows: HttpContext.Current.User when http context is available and user is authenticated; CodeFluentUserIdentityType.Windows otherwise
Current: Thread.CurrentPrincipal.Identity
CurrentOrWindows: Thread.CurrentPrincipal.Identity when authenticated; CodeFluentUserIdentityType.Windows otherwise
According to your answer AspNet means:
HttpContext.Current.User when http context is available; CodeFluentUserIdentityType.Windows otherwise
However, according to the documentation AspNet means:
If the context is ASP.NET, HttpContext.Current.User.Identity will be
used. Otherwise, Thread.CurrentPrincipal.Identity will be used.
I assume the documentation is right about this?
if you have a REST API that is hypermedia-driven (HATEOAS) you can easily change a client's behavior by including or omitting links in the response (_links). That enables a client to completely forget about testing permissions for the operations that are possible in the current state of a resource (the link to the operation is present or not).
Additionally you can leave out properties in the response if the current user doesn't have permission to see it.
That way authorization is done entirely on the server (and controls actions and properties that are eligible to execute/view).
But what if I want to a have a read-only property? It is no problem for the REST API to ignore the property if it is present in the request (_POST_ OR _PUT_). it just won't get saved. But how can a client distinguish between write and read-only properties to present the user appropriate controls (like a disabled input field in HTML)?
The goal is to never ever have the client request a user's permissions, but to have a completely resource driven client/frontend.
Any help is greatly appreciated :-)
If I misunderstood your question, I apologize upfront. With that being said...
But how can a client distinguish between write and read-only
properties to present the user appropriate controls (like a disabled
input field in HTML)
Well, there are multiple solutions to this. The simplest one I can personally think of is to make each property an object having a simple structure of something like:
...
someProperty: {
value: 'some value',
access: 'read-only'
},
someOtherProperty: {
value: 'some value',
access: 'write'
}
...
You can obviously get as creative as you want with how you represent the "access" level of the property (using enums, booleans, changing access to be isReadOnly or whatever).
After that, the person using the API now knows they are read-only or not. If they submit a "write" value for a "read-only" property as part of the POST payload, then they should expect nothing less than a 403 response.
Edit:
In case you can't alter the properties in this manner, there are a number of other ways you can still achieve this:
write documentation that explains what access each property has
create a route that the user can submit 1 or more properties to in order to receive a response that indicates the access level of each property (response: { propName: 'read-only', propName2: 'write', etc.)
Return a propertyAccess map as part of the response (mapping properties to access levels).
end of the day, you just need a way to map a property with an access level. however that's done depends on what your restrictions and requirements are for the api, what changes you can make, and what is acceptable to both your client(s) and the business requirements.
I have a policy which checks whether a request has complete and valid body. I want to send a value to the controller to determine whether the result is passed or failed. Is there anyway to achieve that?
Why pass control to the controller at all if the policy fails? Usually the point of a policy like the one you described is to divert program flow if the policy fails, perhaps to an error page. In any case, what you're looking for is best done using req.options:
req.options allows altering of (or providing defaults for) request parameters without modifying the original object.
You can set a value in req.options in your policy, then read it back in your controller without having to modify the actual request.
Policy gets the request object as input and you can modify that object before sending it to the controller, ie piggyback your data over the request object.
You can do something like this in the policy :
req.body.paramname = 'newval';
And in the controller, you can get the value
var paramFromPoliy = req.body.paramname;