I'm cleaning up some config files to remove sensitive information from source control. Do I need to secure the form IDs that i'm sending data to?
No you do not need to hide them, the form IDs are meant to be exposed and even Portal IDs as well.
You can navigate to any website that is hosting an HS form and view the embed code to reveal either of those 2 attributes at any time.
Related
In my Sitefinity back-end there is a user section that I would like to add some setting. Something like DisplayLink where it would be a boolean value that I can set on Login of the user. Is there a way I can do that? I am using sf 14 and can't find anyway to add some setting for the user.
I believe this is what you need ...map the view externally and modify.
However keep in mind these views pull in the XHR JSON and you just expose it to the grid... Open your console and view the XHR network traffic to see the JSON object per user. There's a "Comment" field you might be able to leverage, but man the best way would be to just use a ROLE... because they can be filtered, and already come across in that JSON.
Another thing to note, is this is an OLD UI screen and likely will get revamped in the next few releases of Sitefinity rendering everything you're doing pointless... (have to re-do it with likely the new AdminApp Extensions)
So (for example) if a user selects their gender and pant size while searching on Shopify store, could those selections be saved and be in place when they visit again?
I'm open to switching to a new Shopify search app that would support this feature.
There a few approaches that you can achieve this.
Using cookies
You can save their choices as cookies and refer to them once they search modifying the search URL before redirecting or appending hidden files in the form so that they submit them as well.
Creating a custom app
You can create a custom app with only one purpose to save the information to the customer metafields or tags.
Once you have this information you will be able to use the same logic as the cookie one but instead of relying on a cookie you will have access to the metafields directly.
App
I don't think that there is an App that meets these criteria, but you can look it up. Yet it may be possible to hack up the Apps in a such way that you may be able to pass this information.
I'm creating tables via the Big Query command-line utility, but occasionally ad-hoc querying with the new web UI. After creating a table via the CLI, how do I refresh the datasets/resources section in the new Google BigQuery Web UI so that I can see the newly-created table? The old UI had a "refresh" drop-down menu item next to the dataset name.
I do not want to reload the entire webpage because it removes the text I have in the query editor and requires me to search for the tables again. I would ideally like to just refresh the list of datasets in the "Resources" section.
The BigQuery team is already considering the possibility to add the "Refresh" button that was available in the Classic UI, to the New UI, in order to be able to reload the datasets and tables on a project without the need of reloading the entire page, as is needed now in order to see all the changes in the BigQuery project.
There are already several public Feature Requests available in the Public Issue Tracker, but let me share with you the one which is receiving more attention from other users. Feel free to "star" this issue in order to highlight its importance and leave a comment if you feel like there is anything relevant you want to add to the discussion.
Rest assured that this topic is already being discussed internally and the BigQuery team will update the public Feature Request whenever there is any relevant information to be shared with the users.
I have found a workaround for anyone still waiting.
If you click the search box in the project/dataset "Explorer" sidebar, then press enter, it will refresh the list.
This one... https://i.stack.imgur.com/Uce18.png
This is now possible. From the release notes:
Cloud console updates: In the Explorer pane, you can now refresh the contents of a resource (project or dataset). To refresh the contents of a resource, click more_vert View actions, and then click Refresh contents.
I have 10 qlikview app in AccessPoint and for specific user i want to show only 7 app.
I don't wont to use Section Access.
I use NTFS authorization
And on folder Production (where save qvw app for browser) in Properties Security i remove specific user but he still see app...
How can I handle this?
By your description it sounds like you are using publisher.
If you want to display certain QVW's to certain users, then you need to setup the distribution to "Named Users", that way you can only add users to the relevant apps and the people that are not named will not see the QVW on the accesspoint.
Also make sure on the actual QVW (right click on it, properties, security) that only the relevant people have security rights on the file.
I am building a Javascript Web application with a Domino back end, using the Domino DDS REST api to do POST, PUT, and GET operations against the database. I want to use Authors and Readers fields in documents to control which users can see which documents and to give users with Author access in the ACL the ability to edit documents they have created. When doing a POST of a new document (implemented by the save() method of a new Backbone model) is there a way to designate one or more fields as Readers or Authors?
Doing a GET on an existing document returns a JSON object with an attribute named '#authors' containing the names and roles in the Authors fields. Is this attribute read/write?
Can I populate #authors with the desired values before doing a POST to have these values control author access?
My colleague says the Domino REST api makes no provision for setting Authors and Readers fields, and that this functionality can only be done through Java servlets. Is this right?
I'm not familiar with the Domino DDS REST API, but from what I gather it is doubtfull that when POSTing a document, you get to chose the type of the fields. I suspect they all end up as text.
What you could do however is to link the action of your form to a Domino agent which, using the backend Java or LotusScript API, will be able to control precisely the final shape of your document, hereby allowing you to fully utilize the powerfull security model of Domino.
Nevertheless, keep in mind that at some point, your users will have to authenticate against the Domino Directory. Depending where your users originally log in, you may need to talk to your Domino administrator to sort out a Single Sing-On scheme linked to your other directory.
Alternatively, you could take advantage of the fact that Domino is also a web server and an application server : you can build your HTML form in there, starting with a Domino form (simple) or an xPage (a bit more complex).
You may want to have a look here.
Some would say that you could even build your whole application in Domino, as using it as a mere back-end data repository is akin to using a Rolls-Royce to ferry potatoes, but I suppose that you and your organization have good reasons to do so.
Finally you could also completely ditch Domino and use another nosql database like MongoDB, but that would only displace your access control problem.
You can post data back to Domino and nominate a form to use. If you use the 'computewithform=true' parameter and the form design includes the authors/reader fields you need, this will set the field flags correctly and automatically.