I have a problem when I want to display users that have mentioned the searched user on my application.
I'll explain:
At first when I launch the program I need to allow the application to use my account to allow me doing some search.
After that, I can search twitter users on my application and display some information about him.
The problem is the following,
when I want to display the users that have mentioned the searched user, it fails!
It just display :
*the users that mentioned me (when I search myself)
*I appear in users that have mentioned the searched user list if I mentioned him recently,
So, the application search mentioned list not with the searched user but with the logged user!
I don't want it.
I m developing the application on c#/XAML and I am using linqToTwitter.
Can someone help me please?
The Twitter API for user mentions only operates on behalf of the authenticated user. Therefore, if you wanted the mentions of a user, you would need to have that user's permission to operate on their behalf. i.e. if that user authenticated with Twitter through your application. Then you would have their OAuth tokens, authenticate on their behalf, and perform the query.
Another approach that isn't as reliable is to use the Search API, adding their ScreenName as the Query. You can verify that a Status returned by the search is a valid mention by examining the Status.Entities.UserMentions collection property.
Related
I'm currently using a SharePoint account as a Service account to get files and share them in an application I'm working on using CSOM. I filter the files according to the logged-in user to check if the user has no access to the file, then I hide it, to prevent him from trying to access it and get "Permission Denied" error.
So, I used ListItem.GetUserEffectivePermissions for this issue, but I need to grant the user only the permissions he needs to access and make that check.
I checked the official documentation of ListItem.GetUserEffectivePermissions here but unfortunately, I found no direct clue which permission does the job.
So to recap what this service account needs to do is :
1- Execute Search across all sharepoint files [SearchExecutor].
2- Get Login Name by Email using Utility.ResolvePrincipal (to be used in GetUserEffectivePermissions function).
3- Use GetUserEffectivePermissions to check if the logged-in User has permission to view the file.
I'd really appreciate your help as I'm kind of new to SharePoint and I searched a lot but found no clue about what I need.
I would recommend that you change your architectural approach. Instead of trying to manage what permissions a user has in SharePoint, let SharePoint take care of it like it already does. Instead, have your app use an OBO (On Behalf Of) token which will honor the logged on user's permissions in SharePoint and only return items that the user has access to. For a detailed overview of the OBO flow in MSAL, please refer to this article.
I need an advise. I'm building a Web API for my app and I need to auth users who use it. The user will have access to his data, but may have access to others users data as well. In my database I manage the users and what other users they have access to (you might think of it like in Facebook where a user has access to his profile and his friends profiles, but not to other people profiles).
In my app, the user enters a username and password, and those are saved encrypted on the devise. They are later sent (via SSL) to the API on each call - what I've done is implement a Basic Authentication. If there is a better "best practice" to work please feel free to suggest - I'm new to this.
So far it works - but the problem is that working like this
the user once authenticated also has access to other profiles - what I would like to do is have him only get the profile (http://myaddress.com/Users/{id}) that belongs to him and the items that he owns (http://myaddress.com/Users/{id}/items) - and not for profiles and items by other users.
If the user is trying to access a profile or items of another user that he is connected to - allow that access.
What I thought about is passing the requested URI to my login method, and then check what user / resource the user is trying to access and than check the database - but that seems like a lot of work and a lot of IF statements.
So before I start writing, I thought I'd ask to see if there's a better way to do this. I have the HttpActionContext, I just don't know how to use it to my advantage.
Hope I was clear about my question. If not, feel free to ask for clarifications.
So you identify the user from his/her credentials that are sent on every API request. Could be switched some token based flow, that user authenticates just once and gets token(acts like user credentials) which is then sent to back-end API on every resource request. Then you can control the token, revoke access etc. What you could is make some kind of permission service, that all resources/objects have permissions attached to it and then just assign needed persmission to users read/write to this object maybe. Might be a massive task to implement. My opinions.
I created a website using HTML/CSS to display a SQL reports index. This has worked fine up till now because users needed access to a security group and something inside SQL to view the report and the data fields. We are now getting to the stage where there are too many reports and some have sensitive names so we need to limit access based on Active Directory security groups. Thing is that I have no clue at all how to manage access via AD Groups. I have managed to get basic AD authentication working for another project that I deployed for the company, but that didn't require access beyond Domain Users.
Could anyone please point me in the right direction to authenticate via AD, check a user for groups and then display info based on their access. The last bit should be really easy, the hardest part will be checking group info and then filling a variable that I can then use to create a loop that will display all the reports the user has access to.
I have found a partial answer. The below link is a guide on how to pull all AD groups a user belongs to and then checking to see if they are a member of a certain group. This is largely what I was looking for and if I can meld it into what I want, I think I can use this to do what I need.
http://www.c-sharpcorner.com/UploadFile/scottlysle/test-for-user-group-membership-in-Asp-Net-C-Sharp/
Alternatively Microsoft windows server can also run LDAP which has an unbelievable number of compatible libraries to code with.
tutorial linked, its just another server role/feature you can install (like ad itself)
http://osqa.sjsoft.com/questions/248/how-do-i-install-minimal-active-directoryldap-services-on-windows-server-2008
also here is a Q.A.D SO answer to querying user-groups are you using windows framework like asp? whats your server technology?
Query From LDAP for User Groups
I know there are a lot of questions out there for facebook integration, and a lot can be read of off developers.facebook.com - which I did. But I'm missing some clear and precise answers as to what I can actually do in terms of my project.
So I know I can connect my website with a facebook account, and as far as I can read it's possible to "attach" a facebook account to a user in my own custom user-database. Correct?
I'm looking primarily to be able to do this, but not necessarily require the user to have a facebook account to use my app. And as far as I've understood, this is possible too.
To provide context I'm building a specialized photo sharing app.
Where it gets iffy for me, is if I choose to have the ability to comment on a picture on my app. I know there is the social plugin "Comments" for facebook, but how exactly would this work? It would store the comments in facebook would it not? And if a user with no facebook account registers at my site, he won't be able to use the comment feature? Can he even see the comments? Is it at all possible 'hook up' facebook comments to a custom comment-feature on my site? So the user without facebook can still comment?
And this whole integration - would it require the user to 'install' a facebook app (mine) on facebook?
"So I know I can connect my website with a facebook account, and as far as I can read it's possible to "attach" a facebook account to a user in my own custom user-database. Correct?"
Correct, you use the userid that Facebook provides to identify the user.
"I'm looking primarily to be able to do this, but not necessarily require the user to have a facebook account to use my app. And as far as I've understood, this is possible too."
Yes, you just need to built the extra functionality into your app (allow for registrations coming from FB or a regular form from your website). You might want to have a look at Facebook's registration plugin.
"The plugin also allows users who do not have a Facebook account, or do not wish to sign up for your site using Facebook to use the same form as those who are connecting with Facebook. This eliminates the need to provide two separate login experiences."
"I know there is the social plugin "Comments" for facebook, but how exactly would this work? It would store the comments in facebook would it not?"
Yes, it stores them on FB, but you can access them and replicate them into your database via the Graph API. Read this for details.
"And if a user with no facebook account registers at my site, he won't be able to use the comment feature? Can he even see the comments? Is it at all possible 'hook up' facebook comments to a custom comment-feature on my site? So the user without facebook can still comment?"
The comments feature will not be tied to your site's registration, since it does a separate auth check. Unfortunately, the comment plugin does not support anonymous comments, or pushing comments into it from another app, so a user will have to have an account in Facebook, Yahoo, AOL or Hotmail to post a comment. But all users will be able to see the comments, regardless of account status (you can control that from your code of course - e.g. hide the comment plugin for a user group).
Besides FB's plugin you can have a look at other solutions like Disqus (http://disqus.com/), which supports multiple login sources AND allows for anonymous comments if you want.
I've an InfoPath form that the filler needs to specify people. A workflow later assigns tasks to these people. What I'm looking for is a people picker like what SharePoint has for user fields, but that I can use in InfoPath. I've already designed a form to do this where the filler can put in a name or email and the form will list results from the site.allusers group.
The problem is, what if the person that needs to be added into the form has never accessed this particular site collection before. Their account isn't going to be listed in the AllUsers list.
Where in the object model can I search for a user that is able to authenticate with SharePoint?
Why not just use the OTB one in InfoPath and configure it to point to your SharePoint environment?
http://www.sharepointassist.com/2009/02/27/adding-a-contact-selectorpeople-picker-to-an-infopath-form/
If your running MOSS with AD integration, then it should automatically retrieve everyone that's in your domain if AD synch is enabled.
I think that the problem here is that even if you do find a list of users, the workflows won't trigger any actions if the users don't exist in the User Information List.
If the users don't exist in the User Information List, then you won't be able to find them via the SharePoint object model because they don't exist in SharePoint. You will have to find them some other way.
So basically, it depends on how the authentication is configured on your SharePoint server :
If you are using FBA, then the users who can authenticate with SharePoint must exist in a SQL database somewhere. Membership.Provider will give you a hook on your FBA membership provider (whether it's a SqlMembershipProvider or something else). You can then use methods like
Membership.Provider.GetUser(username)
to see if a user exists. You can also loop through your users or find all the existing usernames which you could then display in your people picker.
If you are using windows authentication, you will have to look in your AD to find the potential users. The DirectoryEntry object is what you'll need. I imagine that only users from a certain AD group can access SharePoint? If so, then isolate that group with the DirectoryEntry object, loop through the users and you will have your data source for the people picker.
As I said above though, either method will give you the possible users, but it won't make the workflow work if the users have not logged in. Workflows will only work properly with users that do exist in the User Information List.
When someone picks a user that doesn't exist in SharePoint, you will probably have to create it via code. A safe way to do this is with the SPWeb.EnsureUser.
Checks whether the specified login
name belongs to a valid user of the
Web site, and if the login name does
not already exist, adds it to the Web
site.site.
So really, to answer your question, nowhere. You need to look for them where they could be coming from.