I have an app users can create groups with each other, and want to sell (via monthly subscription) premium groups with some extra features.
With in-app-purchase, admin of group can convert it to premium group. And i store that info at database like groupstate: premium or groupstate: free. Depending on that child group becomes premium or stills free.
So when admin cancels the subscription, with check on every app start I can get the subscription info, cancel the subscription and turn group state to free. But if admin never logs in; I cant check the subscription is valid or not and other users will be able to use premium.
What kind of structure do i need to avoid that ? Any suggestions ?
Related
1.What is the major difference between Shopify partner and Shopify admin?
2.How to connect both?
3.Reason behind 2nd question is
only in partner site we can see the status of API health and
I can only see order/customer/product details in Shopify admin not in partner. In my use case I want to see order/customer/product details and also want to test GDPR webhooks. How it is possible?
A partner account can be created on https://en.shopify.hk/partners. When you create a Shopify Partners account, you gain access to a Partners dashboard, and you will become a Shopify Partner. By creating a partner account, you would become an admin of the partner account will be able to:
Create Development Stores: those are stores that you can create for free and use them to develop new Shopify themes, apps etc. Development stores do not have a monthly recurring hosting fees. However, they are password protected, and cannot accept any form of payments as the purpose is to either develop and/or test themes and apps. After setting up a development store, you can also change it to a Managed Store by transferring ownership of the store to a client who will then pay for the hosting, and make the store functional. This client will then become the admin of the store.
Create Managed Stores: those are stores that you create to sell; you pay a monthly hosting fees depending on the pricing plan you select, and users will be able to make payments through those stores.
Develop public/custom/private apps.
Link to specific stores: if you want to update the code on another merchant's store, which you did not create, you can click link the store by adding a Managed Store, then input their store URL, and send them a Collaborator Access Request. Upon accepting your request, their store would appear in your partner dashboard and you can access their store dashboard to see orders, customers etc. On the list of stores in the partner dashboard, you will see a Log In link to login to the dashboard of each store individually.
Add members: you can add members to your Partner Dashboard and give them different roles, and access to specific stores linked to your partner account. This way, if you want multiple developers to work on a store you have access to, they can access those stores (although the store owner will not know who is accessing, they would only know that it's being accessed by your partner account specifically).
For each store linked to your partner account, you will see whether it is a Development Store, or if it's a Managed Store, you will see the plan chosen. For Managed Stores, you can also click on Actions and completely Remove access for yourself by unlinking your partner account from the store.
On the other hand, a Shopify admin account refers to an administrator account specific to a store. For example, if you own a store, you would be the store admin. Each store can only have one admin, and a selected number of staffs. The Basic Shopify plan can only have two staffs. However, each store can have unlimited collaborators which mean, each store can be linked to multiple Partner accounts. Partner accounts only gain access to what the store administrator provides them access with. When you send them a collaborator request, it asks you if you would like to request access to everything, or only specific parts of the store, such as themes/apps only.
The company I am working at offers a web based calculation tool which has to be paid monthly (a fixed price for a license).
Normally, users go to our website and authenticate themselves with their credentials and then can use the application. When they cancel their subscription they are not able to use the tool anymore, obviously.
Now another company called us because they want to provide our application for their own clients. We have already fixed that they have to pay a license fee for every of their clients. But there is also a restriction: their users should not have to log in on any of our websites (only on the website of our client). But the web application is hosted on our server and is loaded as an iframe.
Now there is that problem that we are not sure whether our client tells us the correct number of people who use our application wherefore we would like to verify that in some way.
One of my ideas is the following:
Our client has to call an API for every users who would like to use our application in order to submit some information like name or an unique ID of that user
When the user would like to access our application, an ID parameter is appended to the iFrame URL
I think that this is not a very good solution because our client could use the same ID for every access and pretend that only one users uses the application. By saving the ip address and id of the accesses it is possible to determine fraud in some cases because ip address will not change frequently.
We even do not have to know WHICH user accesses the application but only the NUMBER of users per month.
I am interested if there is a cryptographic solution where it is hard to cheat. Something like an authentication method which does not require any interaction of the user.
Well you can't. You should require the partner to issue a token for each user so you know they came from the partner.
You could have the partner call an api you expose to issue a one time token for a user and specify user id and IP. You could alternatively have the partner digitally sign such a login request.
If you bill the partner per user, and the partner decitfull he could claim less users.
You can fingerprint the users, you can give long term coockies, you can check IP and fonts installed etc. These will allow you to detect most types of fraud.
If you give a declared userId a cookie and then see him again without it, you assign him a new cookie and then later see the first cookie again while the partner is always declaring same id that is a very strong indicator of fraud.
If I was the decietfull partner I would pair up geographicly close users and merge their IDs. it would look no different from a user with two devices. But this still limits the extent of fraud possible. Two devices per user is plausible. 10 less so.
Find business partners you trust.
The issue I'm having in Dynamics CRM 2013 is the ability to assign activities or appointments to a team and have those cascade downward into individual users. The end goal here would be after assigning a lead or activity to a team, the users within that team would receive notifications, emails, etc. and those records would integrate with their 'my' sections of CRM.
The issue I see with this is that only 1 'Owner' can be set for a new record in all areas of CRM, and the 'my' sections are based off of the Owner. Therefore the users within the team won't be notified.
We are currently using a service to pull from an existing database and populate CRM, assigning new leads to a Team which contains multiple users.
Does anyone have a recommended method to do this?
Thanks for your time.
Either give the users a view of "Leads owned by Teams of which I am a member" or possibly use Queues, which are pretty much designed for the scenario you describe.
New items assigned to a Team will be added to the Team's Queue. Users can see all Queue Items not yet being worked on (from all Queues they have access to, including all Teams they are members of). A user can "work on" an item to show they are dealing with it so it no longer appears in this list of items to be worked on, and instead appears in their own list of items they are working on. A user can either complete the item or 'release' it back into the queue.
Queues can contain items of different types, eg Leads, Tasks, Cases etc.
Background
My iOS app supports multiple user accounts, but the user can only be logged into one account at a time. The app also offers a subscription service ("credits" in the form of a renewable In-App Purchase).
I'm having trouble keeping the in-app subscriptions separated to the specific user account that bought them. If a user buys credits on Account One and then signs out, and another user signs into Account Two (on the same device), the SKPaymentQueue still proceeds with the renewal process for the purchases from Account One (and, consequently, triggers the logic that unlocks those credits).
Question
What is the correct method of handling renewable in-app purchases for an app that supports multiple accounts? Is there any way to keep purchases from "overflowing" into other accounts on the same device? What else should be kept in mind?
I'm pretty sure what you're trying to do isn't possible. In-app purchases are tied to the Apple ID that purchased them. That means that if the user is logged into an Apple ID that has purchased the subscription, you are always going to be told it is available. A single user can't purchase the same subscription multiple times. The only way would be to force an Apple ID change when they change users in your app, which I'm almost certain you can't do.
I have a situation where an office just created a couple of dozen shared meeting room calendars for all of their office meeting rooms. There are about 100 or so employees. The plan right now is to send a document around to all of them explaining how to add all of these shared calendars to their outlooks. We are running a mixed environment with some outlook 2010 and some 2007 clients and the exchange server is 2010. IS there anyway to "push" all those calendars out automatically from exchange or is there a VB script that we could run on each computer to automate the process of all 100 people adding dozens of calendars?
My recommendation is don't!
When you open your copy of Outlook, there is a pause while Outlook synchronises everything. One of the things it has to synchronise is any calendars. This can be a slooooow process particularly with busy calendars which I assume your meeting room calendars will be.
I have experienced slowdowns when utilizing more than 12 calendars in shared mode if the access is higher than reviewer. However, I have created my own workaround. Don't use direct booking. Use an auto-attendant based access.
If you want many people to be able to alter the events, then you can do so by checking out the following:
Situation: When allowing multiple people to access and send the same event, you give them access to one another's account in most cases. This is unacceptable by security standards.
The fix:
Create an equipment calendar that can be used as a Department Calendar. This is essentially the Exchange version of the corkboard calendar. Everybody can add notes and send the updates through from this calendar. How? Follow this paradigm: Everybody is a part of some grouping for security. This security grouping in AD is Universal. In Exchange you tie a Distribution list to the Security Group that's in AD. Now you can email the group. The group is the department.
The calendar you create as an equipment calendar will have some extra functions built in, right out of the box. Using a shared calendar or folder in public listing, you'd have to script it all yourself. Grant the group (not a single user) full access, and send as.
For the delegate, only the managers of the group or calendar (which could be a separate group that you set up to include a receptionist and the manager for scheduling purposes). Allow the boss to auto-book, along with the receptionist. The others do not.
Set the recurring policy and other policy settings. Let nobody book out of policy. This is not a room, it is a cork board. When people don't follow the rules, they can lose access. Grant access to the Distro group to the boss and receptionist. Then, allow them to add anybody on premises that's in the department. Now you have the calendar set up.
When they need to lock an appointment for editing, they go to the receptionist and have them book it, Sending it As their own personal ID, or go to the boss and have that person do it. If it's a team shared meeting that will be noted and continually edited by all, you have anybody book it and send as the cork-board.
Since they all have full access to the cork-board, they can edit the calendar, and since they have send as, they can send the updates to everybody. Now you just add the group as a recipient and they all get an invite. Set them up with sync, and they'll always be able to respond.
Have the responses marked read then autoredirect to the receptionist who can remove those who are busy from the attendees. Now you know who's at the meeting. Anybody can add themselves by clicking Copy to My Calendar, and they'll show up as an attendee, forwarding their response to the receptionist, who can make any other arrangements necessary. And so on.
If you make sure that the Calendar attaches the name of the booking ID to those events that are booked from outside it (receptionist and boss), they'll know which events they shouldn't delete. Want to forgo that ability? Script a change in their access to the calendar, set the Calendar itself to be able to EDIT OWN, DELETE OWN. Set all but manager and reception to Edit OWN, Delete OWN. Set Manager and reception to Owner access.
Now they can all still edit and send using the calendar, but only the manager and Receptionist can actually lock events.