I use the Clockify API to sync objects to and from our other databases.
I try to update the user image from our LDAP user repo; works fine on my own account, but when I try to update the image for someone else I get a 403.
That leads me to the conclusion that everything under /users is only available for the current user (even if the current user is admin of the workspace). If so, can that be clarified in the documentation?
https://clockify.github.io/clockify_api_docs/#tag-User
Is there a way to update user settings/profile for someone else?
That's right. By design, you can't edit other people's User Settings.
This is because the person in your workspace might have other workspaces (be it their own or someone else's). You're only someone's admin in your particular workspace, and they're free to have other workspaces beside yours.
Looks like you are right, I can't GET users/{userId} except for my own user ID. Attempting to get it for other user IDs, even those users on my team and I'm the owner/admin, gives the 403 Forbidden.
I would recommend reaching out to support#clockify.me, they may be able to fix it - or at least they can be made aware of the issue. I've had success in contacting them and they respond relatively quickly.
Related
I authorized the group of a user to the cockpit-application. I gave the group full access to the Process Definition and Process Instance authorizations. (so pretty much as described in the documentation)
When I try to log the user in, I see the Welcome screen and in the application overview the option to navigate to the cockpit-application.
However, when I click this, I get the Login screen again.
For a fraction of a second I see the cockpit application, but then it immidiatly redirects to the login page. When I try to log in again, it keeps redirecting me to this login screen.
I configured another group to use the Tasklist application and that is working as expected.
I tried to give the authorization on user-level instead of group-level but the same problems occurs.
(n.b.: I am using the Spring-Camunda-Starter for this application.)
I found the problem, I accidentally removed one of the authorizations the system automatically creates when the user is created. I think I might have removed this, as I thought it was not necessary.
It is in the User Authorizations, every user has an authorization from it's own user to that user. When I added this, it fixed the problem.
I found the solution when another user logged in and had no problems. And the found this to be the only difference between the two accounts.
Hopefully this will help someone in the future!
We are using AEM 6.4.8 version.
Tried to lock a page through AEM interface as an admin and that was successfull
Tried to unlock the same page as an admin and it is not working. Unable to unlock the page eventhough I am part of admin group.
This is happening in all our environment across al projects. So seems like a instance wide issue.
Can anyone shed some light whats happening here?
Have read in many threads that admin should be able to unloack in any case. But in this scenario, thats also not working
Any specific permissions or so we need to check ?
As far as I know, an admin account won't cut it. You need the built-in admin account. As per Adobe's help pages.
The original user holding the lock does have permission to unlock the page. However, other users, even if a member of the administrators group, DO NOT have the right to unlock pages that have been locked. Only the "admin" account has this right.
Emphasis mine.
I have looked at many posts on this issue, but for me all the proposed solutions didnt work. I am trying to access a database with a remote user, so I am setting the connection credentials as needed. I get the error as shown in the subject of this post. I have checked all the permissions, things like that, windows/sql authentication, etc. Any quick ideas of another potential problem?
Presuming the user has the permission, and you have entered the password correctly as you say, then another thing to look at would be to ensure the user is authorized to access the database remotely.
Hard to find a meaningful title. I hope I get clearer now.
I'm building a service which is similar to doodle regarding the authentication model. The user can "create" something (using a form). There will be two different views. One for the creator where he can modify his settings and another one for public access.
I don't want to force users to register / log in. So I came up with a URL structure like doodle has:
/{some-id} -> public access
/{some-id}/admin/{some-token} -> settings page for the owner
The question now is how I can deal with this best. Currently I pass the token to all admin related Methods. But I don't feel comfortable with that.
I also thought about some server side session. I found two meteor packages but they are both not actively maintained anymore.
Another idea was to misuse the built in user management but without the user to recognize it. But I don't think that's feasible.
So now I'm asking you if you have a nice way of dealing with this. I hope I made clear what I want to do.
There are many ways of doing it. One way is to reuse Accounts package.
You user id is {some-id} and the password is {some-token}.
When you create new page. You create new user on server side using Account.createUser.
When you enter url /{some-id}/admin/{some-token}Meteor.loginWithPassword.
As far as permissions are concerned, I'm asking for email only (apart from the basic info).
Now, I can use an application access token to query https://graph.facebook.com/FB-USER-ID/movies and get the list of movies the user likes, but this only works for some users and not others.
You're supposed to have to ask for the user_likes and/or friends_likes permission to be able to see this info. Because I can see it for some users, my first guess was they have that information public, and others don't. But I can't find such a setting on Facebook.
Anyone knows what's going on here?
The settings are in the gear cog on this page http://www.facebook.com/editprofile.php?sk=activities so you can set who can view what.
What you want to do is ask for your user_likes permission so that you can get that access to private profiles too.