Limit User Access To Particular Group/Device , Alarms , Events , Measurements - cumulocity

I want a user to only access a specific device in a group and alarms , measurements , events , related to that only.Kindly check and respond.

To limit acceess the access of a user to a group of devices, assign inventory roles to that user.
For more details, please see the Administration App user guide here: https://cumulocity.com/guides/users-guide/administration#inventory, see chapter "Assigning inventory roles to users".

Related

Bigquery - (GA4 data) - why the number of user ID's do not match Unique Users Metrics?

I do have my GA4 property connected to Bigquery. I use my own user_id for tracking - its available once someone logs into my app.
For some reason, when I'm trying to build a report User ID string vs Unique Users, some ID's have more than 1 Unique User reported. Showing an example on the attached image.
Why is that and how I can fix that situation? I'd expect that one ID = One User
User ID vs Number of Users

Firebase / Google Analytics

I am using firebase sdk with Expo. In order to link users accross sessions and different devices we use the following setUserId(user._id).
This occurs after a user logs in and authenticates.
On logout I call setUserId(null).
My questions is: does setting the user id to null erase the previous user tracking data from GA. Should I be setting to null at logout? I can't find any concrete documentation on how setting to null impacts the data collection.
The goal is to track unique users across months, years etc. Is the above configured correctly or is there some issue with setting to null on logout.
You can remove the User ID by setting it to null or replace it with a new user ID. userID is just a user property that goes with all events after it is set so you need to set it to null when user logs out and set a new user ID when a different user logs in.
From documentation:
The value of the user property. Values can be up to 36 characters long. Setting the value to null removes the user property.
https://firebase.google.com/docs/reference/android/com/google/firebase/analytics/FirebaseAnalytics#setUserId(java.lang.String)

Implementing custom user permissions in GraphQL and Hasura

I am creating a webapp that allows users to communicate in several different rooms and am hoping that I can use GraphQL and Hasura for this project. There will be admins which can create/delete rooms (wow-room, lol-Room, pubg-room), create/delete users, and create/delete permissions (admin, wow, lol, pubg) along with assigning roles to users. Users will be able to see any the rooms which they have the permisions to.
The problem is, I want to be sure that only the admins can create/delete these rooms/users/permisions and that only the correct users can see these rooms. Is there a way I can get Hasura to check the permissions of the given user and return the appropriate data? I believe that I need to write a custom resolver but am not sure how that is done or if it is the correct solution.
While Hasura can handle dynamic roles (you can use the API to create new roles and new permission rules on the fly) with Hasura, I think in this case that's not required.
The problem is, I want to be sure that only the admins can
create/delete these rooms/users/permisions and that only the correct
users can see these rooms. Is there a way I can get Hasura to check
the permissions of the given user and return the appropriate data?
Hasura allows you to set a permission rule that traverse relationships which makes this possible. Check out the article-collaborators example in the Hasura docs.
Assuming that your models are rooms, users and room_users and you have the relationships set up so that room.users returns the list of users for a particular room, the permission for a user role on the rooms table can be expressed as follows:
Allow SELECT on a row in rooms if
rooms.users.id: _eq: x-hasura-user-id
This translates to: if a room's users list contains atleast one user_id that is equal to x-hasura-user-id then grant access to that room.
I've set this up on a heroku app: https://multiple-roles-hasura.herokuapp.com/console/api-explorer
Try the following queries out in GraphiQL:
Set the headers to:
x-hasura-role: user
x-hasura-user-id: 1
Run the following query:
query {
rooms {
id
name
}
}
You'll see that the response only contains the rooms that user1 has access to
Switch x-hasura-user-id through different values 1, 2, 3, 4, 5, 6 and you'll see different results for the same query. Basically the right rooms that the only the current user has access to.
Checkout the models and the permissions for the models on:
User & Room mappings: https://multiple-roles-hasura.herokuapp.com/console/data/schema/public/tables/room_users/browse
Room permissions: https://multiple-roles-hasura.herokuapp.com/console/data/schema/public/tables/rooms/permissions

Reduce Active Directory users in Jira using LDAP Query

I am retrieving users for Active directory in Jira 7 by using LDAP. I am trying to reduce the number of users brought from LDAP to a particular group that we have created. So in order to do that i put (objectCategory=group)(cn=WebAgileDevs) in the group object filter along with the default settings. The only thing i change is the Base DN and credentials required. When i save and test it does show me that it is testing 1 group and 15 users which is what i want!(See the screenshot). BUT, when i go and sync it, it brings in 43000 users!! What am i missing???
Test Remote Directory Screenshot
The group filter is used to filter the list of groups that are imported to JIRA, and the user filter is used to filter the list of users that are imported to JIRA. The two need not necessarily correspond. Your group filter would be instructing JIRA to bring in only that one group (into the list of groups), but without further refinement, your user filter will still be pulling in all users, as you noticed. This means that you need to adjust the user filter too.
From your question, you want to import only those users who are a member of a specific group. Atlassian provides some general guidance here.
The last example on that page is particularly relevant for you:
(&(objectCategory=Person)(sAMAccountName=*)(memberOf=cn=CaptainPlanet,ou=users,dc=company,dc=com))
This tells JIRA to pull in only those user objects that are a member of the group cn=CaptainPlanet,ou=users,dc=company,dc=com. You would want to replace this with your cn=WebAgileDevs (plus whatever trailing qualifiers you need to fully qualify the group name).

Limit users to see only their group / product bugs in Bugzilla 3.4.4

In my Bugzilla 3.4.4 (maybe others too) it seems that newly created user without any rights assigned can search thru all bugs. Is it possible to block it so that users can only see them when they are assigned to the right groups?
Yes , this is possible.
Administration/Products/choose the product you want to hide/press "Edit Group Access Controls"
If you set the options of the product group to Mandatory/Mandatory without marking any of the check-boxes ,
any user that is not part of that group , will not see the bugs related to it at all.
This will work in case of new users , due to the fact that new users don't get that permission automatically (by default).
TIP: instead of manually creating group for each product , you can set Administration/Parameters/Group Security/makeproductgroups to ON
NOTE: this is true for Bugzilla 4.2.1