I want a teacher capability to check the whether the login user is a teacher?
If teacher, I want a different Home Page i.e, my custom page
If student, a different page
Could anyone help ?
What you want to do is use the has_capabilty() function. That is the way you should pose the question. Does the user i am looking at have the capability to see this page. Moodle is all about context and in one context the user may have a different capability than another. Hence, to ask "if a user is a teacher" is the wrong question.
Example of implementation (using moodle 1.9)
if(has_capability('block/my_history:userview', get_context_instance(CONTEXT_USER)) ){
$this->content->footer = 'Manager View';
}else{
$this->content->footer = 'Non Manager View';
}
See this forum discussion for more understanding http://moodle.org/mod/forum/discuss.php?d=70739
Notice the comments by Tim Hunt in this post http://moodle.org/mod/forum/discuss.php?d=126223
It takes a bit of learning, but it works well once you get your head around it.
Good luck
Related
I'm doing a project where the Google Assistant generates a list of cards about information on research articles. Each card on the list would have the title and URL to the research article. The Google Assistant would ask what subject you wants to research about and the user would reply with the subject matter in one or two words. I have the following questions
I understand that the app.buildList() command requires an alias and key variable. Could I level them as blank or null in my code because I don't think I need them
If the user clicks on the URL in a card, will the browser automatically open the link? I remember reading that Google must filter and approve URLs in Google assistant apps
Any help would be appreciated
You should probably populate the relevant fields for each API call in order to handle various types of user inputs. The key is used to identify the item that is being said. If a list is shown, you will need to use the key to identify which is clicked. The user may click on the list item to select it. However, they could also say the thing they want. That is where the aliases are useful.
Let's say you were grabbing a list of scholarly articles. While long articles may not lend themselves well to voice, it could be designed like:
function list () {
const app = new DialogflowApp({request, response});
app.askWithList('Alright! Here are some articles about memristors! Which do you want?',
// Build a list
app.buildList('Memristor Research')
// Add the first item to the list
.addItems(app.buildOptionItem('TITLE_OF_FIRST_PAPER',
['title of first paper', 'first'])
.setTitle('Title of First Paper')
.setDescription('S. Smith, Ph. D')
// Add the second item to the list
.addItems(app.buildOptionItem('TITLE_OF_SECOND_PAPER',
['title of second paper', 'second'])
.setTitle('Title of Second Paper')
.setDescription('H. Paul, Ph. D')
)
);
}
In this snippet, if I say I want the first article, it will give me that one without me having to give the full title while still keeping the interaction hands-free. The key will let me identify the article that should be read.
You can use the title of the paper or perhaps the link URL in order to handle it and present a card with more information including the URL.
You do not need to have each URL manually approved. The documentation states:
Links to sites outside the developer's domain are allowed.
Link text cannot be misleading. This is checked in the approval process.
As long as you are being straightforward about it, users will be able to directly open the paper in a browser by clicking on the link in the card.
More information is available in the documentation
You can create list in action on google should have minimum of two values and maximum of 30 values.
For sample code here :
https://developers.google.com/actions/assistant/responses#sample_code_2
Considering a Unity project from ~3 years ago, and using Facebook graph I'm pretty sure it was 1.0,
You could post to a user's wall like this:
private byte[] imageAsBytes;
Texture2D im = ... your image
imageAsBytes = im.EncodeToPNG();
Dictionary<string, object> dct = new Dictionary<string, object>
{
{ "message", "Marketing message here" },
{ "picture", imageAsBytes }
};
Facebook.instance.graphRequest(
"me/photos", HTTPVerb.POST, dct, completionHandler );
As has been made known for many months now, there is a change to this coming.
With Facebook 2.1 being required as of this Aug 8, I'm rather confused about, simply, whether this still works in 2.1?
in short, how to post an image to the user's wall, in 2.1?
Note - here's where to find the important resource CBRoe mentions below...
Note that the only problem with the alternative, FB.FeedShare() is that, as far as I understand, you can not actually post an image (sure, you can link to an image at a URL).
This isn’t deprecated in any way. But since API v2.0 you need to get the necessary permission reviewed and approved by Facebook, before you can ask normal users for it.
And yes, this is a rather major change - but that's why it was announced way ahead of time, via a lot of channels. We all know how fast the IT world moves and changes- so I think you can not put the blame on Facebook here. If you were "out of the game" (this particular one) for over three years, you just have to go and find the resources that a) list what's changed, and b) what the current state of things is. And the developer section does both. The changelog has already been mentioned, and for example the need to get permissions reviewed now is also mentioned on the starting page for Facebook login, right at the top under Essential Guides.
Plus, Facebook actively informs you about changes - if you let them. Go to https://developers.facebook.com/settings/developer/contact/ where you'll find several options to get informed about specific stuff via e-mail.
You can check the changelog to see what changes happened https://developers.facebook.com/docs/apps/changelog. There are no changes for /me/photos as far as I can tell.
It is possible to use image data or a URL.
See https://developers.facebook.com/docs/graph-api/reference/user/photos#Creating for more info
Is there a way to get the numeric company ID from the URL of a company page on Linkedin? This ID is the one I'll use to query the Linkedin API and get more information on the company.
I need to get the ID from the information provided with the URL, to use it to get the rest of the information related to the company page.
It seems unusual to me that you need to dig in the HTML code to get the company ID you need to use to interact using the Linkedin API, so correct me if I'm wrong.
I know there have been similar request handlers, but I'm wondering why there isn't a handler available to get the company ID like there is to get the profile id from its url:
https://api.linkedin.com/v1/people/url=xxxx
I know there is the search company handler, but that is a text based research and I found myself with some inconsistent results from time to time.
I don't want to crawl the company page for the ID since I get blacklisted by Linkedin if I do it too many times from the same IP address.
I am aware of these answers:
how to get companies id from linkedin jsapi
How to get the company id from Linkedin Company URL in PHP?
LinkedIn API for Company Directory
But they seem outdated or marginally related to what I ask and since LI API has changed much over the past year, if there was any development on this.
EDIT: added more info on the kind of ID I am looking for. I had erroneously marked #display's answer as correct but unfortunately it's not what I am looking for. I am referring to the companyId that I'd use to query the Linkedin API concerning that company.
June 2020 Update
Most of the above methods no longer work, including using the jobs page URL and hovering over search results. The 2019 update by #rinogo almost works. To make it easier, paste this script into the console. Of course, updates from LinkedIn may case this to fail eventually.
(() => {
const name = document.location.pathname.replace(/^\/[^\/]*\/([^\/]*)\/?/, '$1');
for (let json of Array.from(document.querySelectorAll('code'))) {
try {json = JSON.parse(json.innerText);} catch (e) {json = null;}
if (json && json.included) {
for (let incl of json.included) {
if (incl.universalName === name && incl.objectUrn) {
return 'Company ID for [' + incl.universalName + '] is [' + incl.objectUrn.substr('urn:li:company:'.length) + ']';
}
}
}
}
return 'Company ID not found';
})();
2020 update
Please see Whatabrain's answer.
2019 update
Arbitrary Pages
The solutions provided previously are outdated. The following is not the best solution, but it will work in a pinch. It does require "crawling", unfortunately. (I know this doesn't answer OP's question, but it should help others who arrive here since this is the top Google result)
View the HTML source for the "home page" of the company whose ID you are trying to discover. Search for the string, https://www.linkedin.com/company/. The first instance of this string on the page is followed immediately by the company ID.
You can verify that you have the right company ID by visiting the entire link (including the Company ID), e.g. https://www.linkedin.com/company/123456.
If this approach stops working at some point, please comment below and I'll update this answer.
UPDATE: I'm using the strategy today (7/2/2019) and am finding that the last instance is currently more reliable due to some changes made by LinkedIn. Ultimately, the overall strategy remains sound. View the source and find some repeatable way to search for the company ID. It may take some experimentation to find a reliable approach.
Pages with admin rights
If you have admin rights to the Page, finding the Company ID is trivial. While signed in, visit your Company Page. The Company ID is used right within the URL.
For example:
Admin URL for Company Page: https://www.linkedin.com/company/123123123/admin/
Company ID: 123123123
Or, you can of course use the API to find the Company ID for any Company Page of which you are an admin.
We can obtain the company id from the url of a company page. For this we must have a valid linkedin account.
Once you are in the company page, just check the url
https://www.linkedin.com/company/123456
The numbers given as 123456 is the respective company id.
Hope that you meant this company id.
The way I got the ID is by going to the page, and clicking "View Jobs" (as long as they have some).
Then the URL will have the ID on it:
https://www.linkedin.com/jobs/search?locationId=OTHERS.worldwide&f_C=12345678
To find your LinkedIn company ID:
Open LinkedIn in a new tab
In your search results, select your company page.
Navigate to the URL at the top of your company page.
Copy the number immediately following 'www.linkedin.com/company/' but before the question mark.
Solution provided by: https://support.klipfolio.com/hc/en-us/articles/216181827-Use-LinkedIn-as-a-data-source
Anyone still looking a solution, please follow:
Go to https://developer.linkedin.com/plugins/company-profile
Type the name of the company in the Company Name box and it will suggest the name.
Once you select the Company page, click on Get Code button.
You will get the company page id with data-id.
Screenshot:
Successfully used this method 2/27/2019.
Search for the company in LinkedIn.com
When located in search window, HOVER over the company name.
Locate ID at the bottom showing where the URL will direct.
Hovered over company name in top arrow, gathered ID in displayed URL at bottom arrow
I have a much easier solution that works! (15/01/2019)
Go to the company's page e.g. https://www.linkedin.com/company/something
Then view the source (CTRL+U in Chrome). Search for the expression "company/". The second match contains the ID! Have fun.
I am working with GWT / RequestFactory and a set of customer requirements regarding permissions. Let me explain a basic example:
Every user is assigned to a company. Every user should be able to edit company's core data - but only e.g contact information, website etc. Security-relevant ones like BIC/SWIFT, IBAN, Company name and so on can only be changed if the user has a certain permission XY.
So far so good, on the client side I can check the permissions and disable those fields the user is not allowed to edit. But what would be the most elegant way to ensure on the server side that those fields have not been set without permission?
My problem is that I cannot track changes on the server side. Having #PreAuthorize on every setter is not an option too, because it would end in an authorization-massacre in each and every entity.
At the moment I am following a workaround: every field that is secured / depends on a given permission is passed as an argument to the entity-method and is excluded from the proxy. That way, values cannot be set using the proxy and I can check in my server code if the user has permissions. If not, nothing happens. If user has permissions, I set the values manually. But that produces a lot of boilerplate-code and ugly method signatures because the number of values passed to the method could get large.
I hope you understand my issue. I'm looking forward for your opinions and tips. Thank you in advance.
Well, you can receive many answers (different each other), and all of them could be right, so, at the end is your call. Wait for others answers. I am going to give you the approach that I followed (and it worked pretty well). :D.
Under my opinion, the server should do less as possible, so keep the logic for allowing modify each param on the server I think it is not a scalable solution (if your system has 1M users modifying everything at the same time, will your server work fluent?). I prefer let the client do the job (like Roomba :D).
For solving that problem, in our system we implemented an Access Control List solution. You can store in your db, on each user entity, a list with granted permissions. So, when that information arrives to the client (after user's log in, for example), you can get them, and show the fields that he/she is allow to modify.
Something like:
if (canModifyPersonalDetails(user.getAcls(), ...) ) {
//show labels ...
}
if (canModifyBankDetails(user.getAcls(), ...) ) {
//show labels
}
You can not avoid server call for log in, so it is not a big deal send the extra information (think about the ACLs could be simple list of integers 0 means personal details, 1 bank details....).
If you are dealing with very compromised information and you prefer do some stuff on the server, in that case probably I'd set up a security level, when you are persisting/updating your proxy, I'd do something like:
if (isAllowForPersonalDetails(user.getSecurityCode()) {
//update the modified personal details
}
if (isAllowForBankDetails(user.getSecurityCode()) {
//update the modified bank details
}
user.update();
I am a big fan of clear User GUI's, and a very big fan of let the server free as much as possible, so I prefer the first option. But if you have constraints for modifying user entity in db, or you prefer do not modify your views, or any constraint with security, maybe the second option is the best one for you.
Hope that helps!
Background: Completely new to MVC2. Has C# experience, but limited web experience.
I need more fine grained access than simply assigning a Role to a user. The user may have the role at 0+ points in a tree.
/
/Europe
/England
/France
/USA
For example, a user might be moderator of all forums under "Europe" and have access to posting news in France.
The two example controllers have actions as these:
ForumController:
public ActionResult DeletePost(int id) { ... }
NewsController:
[HttpPost]
public ActionResult Post(int treeID, ...) { ... }
How should I approach this? From what I gather Membership+RoleProvider cannot do this level of fine-grained control.
Previously I have written custom user/role/auth system which supported all this, but it was incompatible with "the standard" controls such as LoginView.
The goal would be to have roles allowing access like so:
NewsAdmin
Add news
Edit news
Delete news
NewsPoster
Add news
Therefore, the Post action of News controler should check: Does user have "Add news"-access where he is trying to post?
I would really like to somehow specify this using attributes, so the actual action code could be cleaner and just assume that the caller has appropirate access.
Hope the question makes sense, and I can get some pointers on where to read.
(Oh, and I'm sure this question has been answered in some variant before. I just can't seem to find it. I won't mind single-link replies, if you feel they might be helpful to read)
I think you're being too quick to dismiss the role provider. If a user had a role called NewsAdmin_Europe_AddNews that would pretty much answer the question, wouldn't it?
Once you've made your authentication scheme work with the role provider, you need to tie that into MVC. Subtype AuthorizeAttribute and override AuthorizeCore. Warning: Your code here must be thread-safe and re-entrant. Call base.AuthorizeCore and then test for the specific role based on the URI/query (you won't get route values since this can be served from cache, bypassing MVC altogether).
This is some work, but will be more secure in the end than trying to reinvent membership.