Difference between canEdit and canModifyContent - api

I'm using the Google Drive API to get data about a drive file with its fileID in order to tell if I can edit the file with the account that I set the credentials on the API.
However, I don't know which parameter I should use for this. The documentation for the API states that:
capabilities.canEdit: (boolean) Whether the current user can edit this file.
capabilities.canModifyContent: (boolean) Whether the current user can modify the content of this file
Are editing and modifying content the very same thing?

Related

Microsoft Graph API to overwrite/delete permission for drive items

Is there any way to overwrite permission to share drive item to specific users only?
e.g.
Case 1:
File1 is shared with User1. I want to share File1 to User2 only using graph api which can also remove User1 from share list.
Currently, Graph APIs are available to add the permission and to delete permission separately.
But, I need to deal with a lot of files to update the permissions and for each file I need to take difference of permissions (User list already shared and User list needs to be updated to share item) for drive item to delete the permission to remove User from share list.
Case 2:
Another case is to make a file private to the user. Is there any way to make a file private directly (possibly a single API call)? Currently, I have to delete each user permission from the shared list (5 calls to delete permissions if the file is shared with 5 users). Again, I am dealing with a lot of files.
[Edited]
More info: My use case is for Direct Access permission and Not link-based permission.
According to your scenario, I think you can create a sharelink for a file by using the following API: /sites/{siteId}/drive/items/{itemId}/createLink and grant access to sharelink accordingly.
Refer to the documentation here on accessing shared drive items.
If this doesn't help, consider raising user voice for your specific scenario so that it goes into our backlog.

Slack API file uploads: permissions and ownership

I am using the Slack API to upload files. https://api.slack.com/methods/files.upload
If you include a channel when you upload a file, it becomes accessible to everyone in that channel; otherwise it is only available to the person who created the API key. Also, when a file is posted to a channel it displays as the user who created the API key.
Questions
Is there a way to share with everyone on a team without posting the file in a public channel?
Is there a way to upload a file as another user or as a bot?
I tried files.sharedPublicURL, but these links allow anyone to view files. I want to make file accessible only to a slack team.
There is an option on the channel info pane, when you click "View all file in #channel", to "Include files from integrations & bots". This seems to indicate that it is possible to upload files as a bot.
Sure, by choosing in which channels you share the file, you can control who can see it. That also works with private channels.
No, a file must always belong to a user; a bot would not be sufficient. Also, the file is always owned by the user linked to the access token used. If you would rather use a generic user, a workaround is to create a generic user for your Slack that is only used for bot-related tasks. (Mine is called slackadmin.)

Office Add-ins : Windows Authentication (Get User Name who Logged into Machine)

Friends,
I need some help on Word API Authentication.
Scenario:
Our articles have metadata which contains who can work on the articles (User1, User2). We need to know the user_name (Windows ID) of whoever logged into the machine so that we can authenticate the users against article metadata without asking them to log in each time.
Workflow:
Article Creator Process is responsible for creating the document. This process will create word document and will be transferred to the user.
Article processor is adding custom xml part into document such as User Name, Document ID etc.
Authentication Rule is simple here. If article metadata contains your name then only you can work else not.
We need to match the article metadata name with the user who is opening the document. So here we need to know who logged into the machine.
How can we get this information for Online and Offline?
We don't want our desktop users to enter the credentials again and again. For desktop (90% of users will use desktop) it should be pretty straightforward: get the user name and match it with article metadata.
Appreciate any help on this, any alternative solutions to handle this are most welcome.
There is no way to find out the current user's username. You can get the unique ID of the user in terms of a GUID-like entity, though, so I suppose you could store the user GUID into the custom XML part instead. The GUID corresponds to the Microsoft account or OrgID identity of the user.
See https://msdn.microsoft.com/en-us/library/office/jj164035.aspx for more info, particularly the "To load a test license from your Visual Studio project" section that describes the structure of the validation token.
Alternatively, if you can trust your users (i.e., it's just identification, not authentication), have them type in their name once, and then store it in the browser's localStorage.

How can I keep track of user approved access paths in a sandboxed Mac app?

How can I tell which paths have been granted access by the user? I know that with NSOpenPanel, the sandbox is automatically expanded to allow access to the directory the user chooses. Is this information stored anywhere so I can know whether I need to throw up an NSOpenPanel or not?
Or do I need to track it locally in NSUserDefaults or something?
You are responsible for storing already-granted paths using the Secure Bookmarks; read the NSURL documentation.
If you need access to a path, check whether you have it in secured bookmarks (stored for example inside NSUserDefaults); if you have, reuse it, otherwise show the open panel.
If you need to know whether the current execution of your app can access a particular path you can call access - see the unix man pages section 2. You can test for read, write and execute access, and the result reflects the current sandbox.
If you want to preserve access between executions of your app then you need to create security scoped bookmarks and store them in user defaults or some other file.

Temporary authentication via query string

My goal is to be able to generate a special URL that would allow someone to view a normally "protected" view temporarily. In fact, if they leave the page, any temporary authentication that was granted should be taken away.
Basically the problem is that I have content on my website that I NORMALLY want to be protected by requiring a login. However, I'd like to be able to give temporary access to a specific asset and not require a login.
Should I somehow use a URL with a query string that automatically authenticates the user? Or should I instead generate a separate page with that asset that does not require authentication at all?
edit: I forgot to mention that the generated link should be accessible for more than one person. In other words, it can't limit by the number of times accessed, but rather a time period or until we manually force it to expire.
You can create a database table like tokens, where you store unique access tokens which are valid only for 1 single request. In your action, this token could be a URL parameter. If no token is present in URL or if the token was not found in the DB table, access is denied. If a token was found, you delete it from DB and perform the action.
Now whenever you want to give someone this kind of one-off access, you create such a token and store it to DB. The token could be a random MD5 hash, that you generate e.g. through md5(mt_rand().mt_rand()). Then you can create a URL with that token as parameter and hand it out to the user.
You can also enhance the system and add an expiration time to your tokens table. Then you'd only grant access if the expiration time is in the future.
vyce: "It should first be for a rendered view that also contains PDF files."
If you have PDF files (or any other files) accessible under your webroot, anyone can access them at any time. So even if you will only serve a view to your user once, he/she could still get to the PDF file if they have kept the PDF's URL. The user can also share that URL with others.
This problem can be resolved by:
Storing the PDF file under the document root (or in another location that is made inaccessible with .htaccess)
Once you have determined that your user is allowed a one-time peek at the PDF, you serve it as described here
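
An added example, not code from the question or the answers above: a sketch of the tokens table with an expiration time, adapted to the question's edit so that a link stays usable by several people until it expires or is revoked by hand. It draws the token from random_bytes() in place of md5(mt_rand().mt_rand()), because mt_rand() is not a cryptographically secure generator, and it stores only a SHA-256 hash of the token. The table, column and function names are assumptions, and the demo expects the pdo_sqlite extension.

```php
<?php
declare(strict_types=1);

// Issue a token bound to one asset; the returned string goes into the URL.
function issueToken(PDO $db, int $assetId, int $ttlSeconds, ?int $now = null): string
{
    $now = $now ?? time();
    $token = bin2hex(random_bytes(32)); // 256 bits from the OS CSPRNG
    $stmt = $db->prepare('INSERT INTO tokens (token_hash, asset_id, expires_at) VALUES (?, ?, ?)');
    $stmt->execute([hash('sha256', $token), $assetId, $now + $ttlSeconds]);
    return $token;
}

// True only if the token exists, is bound to this asset, is unexpired and not revoked.
// The row is not deleted on use, so the same link works for several people.
function tokenGrantsAccess(PDO $db, string $token, int $assetId, ?int $now = null): bool
{
    $now = $now ?? time();
    if (!preg_match('/\A[0-9a-f]{64}\z/', $token)) {
        return false; // reject malformed input before touching the database
    }
    $stmt = $db->prepare('SELECT 1 FROM tokens
        WHERE token_hash = ? AND asset_id = ? AND expires_at > ? AND revoked = 0');
    $stmt->execute([hash('sha256', $token), $assetId, $now]);
    return $stmt->fetchColumn() !== false;
}

// Manual expiry: mark the token as revoked without waiting for expires_at.
function revokeToken(PDO $db, string $token): void
{
    $stmt = $db->prepare('UPDATE tokens SET revoked = 1 WHERE token_hash = ?');
    $stmt->execute([hash('sha256', $token)]);
}

// Demo on an in-memory SQLite database; asset id and timestamps are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tokens (
    token_hash TEXT PRIMARY KEY,          -- hash only, never the token itself
    asset_id   INTEGER NOT NULL,
    expires_at INTEGER NOT NULL,          -- Unix timestamp
    revoked    INTEGER NOT NULL DEFAULT 0
)');
$t = issueToken($db, 42, 3600, 1000);
var_dump(tokenGrantsAccess($db, $t, 42, 1500)); // inside the lifetime
var_dump(tokenGrantsAccess($db, $t, 42, 5000)); // after expires_at
var_dump(tokenGrantsAccess($db, $t, 7, 1500));  // token used for another asset
revokeToken($db, $t);
var_dump(tokenGrantsAccess($db, $t, 42, 1500)); // after manual revocation
```

Binding the token to an asset id keeps a leaked link from opening anything else, and a token carried in a query string can still end up in server logs, browser history and Referer headers, which is a reason to keep lifetimes short.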