I have created an app on Podio. Items are attached to that particular app. In the items there is an option to upload an image. Now I am authenticated with the App ID and App Token from Podio PHP API. I get the file object and grab the thumbnail link. The thumbnail link is working on the browser where I am already logged into to Podio. But it does not working on private window. It redirects me to login page.
So my question is how could I get public access to the thumbnail link?
Short answer: you cannot.
Long answer: when Podio hosts a file, it checks if you're authorized to view it. So if you're logged in and viewing the url through your browser, it will show, otherwise not.
You would need to copy the image to a publicly accessible location. For example, on your web server:
$file = PodioFile::get($file_id);
$raw = $file->get_raw();
file_put_contents("/var/www/html/image_path/".$file->name, $raw);
Then you could view the file:
http://my_domain.com/image_path/image_name.png
You can get a "public url" for a file stored in image field using Globiflow (it is now available with a premium plan). I guess it adds some kind of a proxy layer for private files. So you may add a special field to store this public URL, set/update this field value with Globiflow workflow and use this URL for public pages.
Have not found public documentation for this, but the value "Public URL" is currently available for image fields, I've specially checked.
Related
I have configured Hippo CMS and I am using content (simpleDocument i guess) to show content on my site. I want to get the logged in user as the content author and show it in the website with the content. Currently I am using content blocks and added a text field (author) and i am accessing it with ${document.author?html} and I saw in cms console that there is a property named createdBy in this path /hippo:namespaces/hippostdpubwf/document/hipposysedit:nodetype/hipposysedit:nodetype/CreatedByI want to know how to access this property through freemarker.
Thanks !
you can do this by creating a method in your bean and use getProperty("hippostdpubwf:createdBy")
hth!
I am trying to create a web page which will allow my user to upload a file to my S3 storage. For choosing the file user can use Google Drive, Dropbox and also local system. Am facing issues while implementing the Dropbox part of this.
Am using this technique for integration(using core API and OAuth 2).
First when user chooses Dropbox i am opening an HTML page in an IFrame. Here I have an authorize button which will open the authorize endpoint mentioned in the above link. This link shows me X-FRAME-Options error inside the Iframe so i had to open this link as a popup to work.
Is there a way around this? I'd like the authorize URL to open in the same iframe by using location.href.
Also when i open it as a popup, after the user logs in successfully the redirect_uri which i pass i getting opened in the popup. I had to do some unconventional setInterval coding to go around this. Can someone suggest a solution for this as well?
I also tried using CSRF tokens as mentioned in Smarx's blog but this also gives me the same error.
EDIT :
#smarx i tried using dropbox.js and it works fine. Stuck at one place
I used the OAuth popup driver and have a button which says sign-in.
First on load i create the client and then the popup driver as below
client = new Dropbox.Client({ key: client_id });
client.authDriver(new Dropbox.AuthDriver.Popup({
receiverUrl: "http://localhost/uploadCare/dbcallback.html"
});
);
And in the call back html i am writing
Dropbox.AuthDriver.Popup.oauthReceiver()
as mentioned in the docs.
But this does not take me back to the original page and show me the list of files.
I particularly did not understand this part of the explanation
"To use the popup driver, create a page on your site that contains the receiver code, change the code to reflect the location of dropbox.js on your site, and point the Dropbox.AuthDriver.Popup constructor to it."
Could you please help me out here.
You definitely can't put dropbox.com into an iframe, for security reasons (e.g. clickjacking).
A few suggestions:
Can you just use the Chooser for your use case? That would certainly be easier for you and your users.
If you can't use the Chooser, is there a reason you're not using dropbox.js? It has a popup auth driver that will pretty much just take care of all this for you. The redirect will definitely happen in the same window as auth, so communication between the windows (usually via localStorage) is generally necessary. This is already done in dropbox.js.
I have a mobile XPages application which uses the single page application control (xe:singlePageApp) of the XPages extension library. The application also uses a workflow engine which sends out emails with links to documents to users so they can approve requests.
The link URL is composed like
http://hostname/app.nsf/m_page.xsp?action=openDocument&documentId=2A2A#requestForm
where requestForm is the name of the appPage containing the form to display a single request document.
If the user is already logged in, the browser opens and displays the document as intended.
However, if the user is not already logged in, the Domino login form is displayed (session based authentication). When the user then logs in, the same XPage is opened, but to the default page (selectedPageName attribute of the singlePageApp) instead of the appPage with the pageName requestForm. The reason for this behavior is that after submitting the login form the anchor part (#requestForm) is no longer present in the URL the browser is redirected to because the #requestForm-part is never sent to the server where the redirect URL is computed in the first place.
Possible solutions I can think of are
put the intended pageName in a real URL parameter (like documentId), parse the URL and modify the browser location (from ...&documentId=2A2A&pageName=requestForm to ...&documentId=2A2A#requestForm)
check the URL for the existence of the documentId parameter and modify the browser location (add #requestForm) if it is present
modify the Domino login form as per Jake Howlett's Suggestion (which is a not always permitted)
I was wondering now if there are more elegant solutions to this.
I would take the first option in your case. But instead of handling the url change at the client-side, I would handle this on the server-side. Otherwise, client will load the initial page once and submit an additional request to the server.
On the beforePageLoad event:
var url:XSPUrl=context.getUrl();
if(url.hasParameter("pageName")) {
var pageName=url.getParameter("pageName");
url.removeParameter("pageName");
facesContext.getExternalContext().redirect(url.toString()+"#"+pageName)
}
This will do the redirection before loading the page.
I created a custom action and object.
The only problem I have is when publishing to FB, clicking on the icon or on the title redirect the user to a blank page instead of my application.
Where can I set the redirect link?
The only url I see is the one in the opengrap html but this one is suppose to be the adress of the og wright? (
This link might help.
Basically, when the opengraph action is executed by your app, it sets the url that represents the object (which provides all the metadata for the object) and is also the URL that a user is sent to when they click the action in facebook.
E.g. https://graph.facebook.com/me/[YOUR_APP_NAMESPACE]:cook
?recipe=OBJECT_URL&access_token=ACCESS_TOKEN
In this case, the cook action is being called, with a recipe object with the given OBJECT_URL. At that url, a page should exists (generated by you), with all the facebook metadata in the head tag so that the object can be correctly created, but also with actual web page data for the user to view.
Another link worth looking at for a working example is here
I am trying to use https://plus.google.com/share?url=<URL> to programmatically share a site to a private circle on Google Plus. It's not a problem when I use an externally visible website, but I would like to share a private URL (host on an internal network).
When I use a private URL, the plus sharing page shows a spinning icon, as though it's trying to access the internal URL for content, and the 'share' button remains dim - I cannot move forward.
I tried adding noverify=true or verify=false, etc to the GET line, but that didn't change the behavior. I suspect it can be done, because I can post private URLs via the taberareloo plugin on chrome.
Is there a way to skip probing the provided URL link, or otherwise post a private URL when posting to Google plus circles using the https://plus.google.com/share?url=<URL> mechanism?
Thanks.
No, there's no way to skip the fetch of the target page when you use the share link.
The fetch is how the snippet of your page, that is shared to Google+, is created. Without this fetch there would not actually be anything to share.
Kind of a funky workaround, but you could have a public page which is just a redirector (not a 301, but rather a javascript or meta redirect), and provide that link to G+. It would understand it to be a normal public page, while the user experience would be to get redirected to your internal link.