I have been struggling over this for some time now.
What do I need:
I need to open calendar item of a user who has shared his/her calendar with me.
What I have done so far:
So I have a userA who wants to access to UserB's calendar event and edit it.
To access the item, first thing I did is, make UserB share its calendar with User A and give edit permission like below
Now this userA (test1 on pic) have full access. I go ahead and create a new meeting on User B's calendar. Then I open fiddler and grad the event ID from Response:
I am running an add-in on UserA mailbox that has 1 button and onclick it calls
Office.context.mailbox.displayAppointmentForm(itemId)
When I click it, as you may expect I get the event details like below:
Everything is smooth so far. Now I go ahead and click Edit. Since I gave the edit permission , I am expecting to be able to edit it. I go ahead and click edit and this is what I get:
The action could not be completed. Access denied error.
I thought may be it is permission issue, may be giving it edit does not really let it to edit. So I tried giving User A full permission over user B's Mailbox - Not just calendar, whole mailbox- but that did not solve it either.
I have been in contact with Microsoft Dev Chat but unfortunately they could not reproduce my situation, and it seemed to work for them smoothly.
Love to hear some insights and hopefully a solution.
Currently, Outlook add-ins are not fully supported in shared calendars/mailboxes. However, this is a feature that we are currently investigating.
Related
I use the Clockify API to sync objects to and from our other databases.
I try to update the user image from our LDAP user repo; works fine on my own account, but when I try to update the image for someone else I get a 403.
That leads me to the conclusion that everything under /users is only available for the current user (even if the current user is admin of the workspace). If so, can that be clarified in the documentation?
https://clockify.github.io/clockify_api_docs/#tag-User
Is there a way to update user settings/profile for someone else?
That's right. By design, you can't edit other people's User Settings.
This is because the person in your workspace might have other workspaces (be it their own or someone else's). You're only someone's admin in your particular workspace, and they're free to have other workspaces beside yours.
Looks like you are right, I can't GET users/{userId} except for my own user ID. Attempting to get it for other user IDs, even those users on my team and I'm the owner/admin, gives the 403 Forbidden.
I would recommend reaching out to support#clockify.me, they may be able to fix it - or at least they can be made aware of the issue. I've had success in contacting them and they respond relatively quickly.
Creating an outlook add-in for calendar and it will appear when user opens appointment window. In order to authenticate user, we are using magic link.Following is the current flow :
First time user clicks in add-in window ,clicks a button and gets a magic link in email.
User clicks on magic link, IE browser is launched and user gets a token.
User copies this token and paste in outlook-addin, clicks authenticate and it all goes through.
Problem with this approach is horrible user experience as user has to click multiple times and it might require some training to get users used to this part. Best would have been, clicking magic link Add-in would have got auto-launched and read token in email which I don't think is possible.
We even thought of reading email body with a add-in and extract token using regular expression. This seems to have issues such as performance and particularly adding a new add-in for email view or configuring the existing add-in for email as well as calendar.
Is there any better way to provide seamless user experience without changing the magic link?
I'm a little confused as to whether the token is already in the email body or can only be retrieved after clicking on the magic link. It is possible to read and parse the email messages for the token from the calendar add-in using REST API's (https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_list_messages), but I wouldn't recommend that route as it's a bit convoluted. Otherwise, I can't think of a better solution than the ones you've suggested. If magic link is not a hard requirement, I would definitely go with one of these other authentication options.
I have set up a form where when someone presses the "Submit" button it initiates a site workflow to create a list item. It all works well when I (full control permissions) do it, but if someone with contribute permissions tries, it fails. I tried adding an impersonation step, but that doesn't seem to be working either. Also, I am trying to record the person who created the list item, and the impersonation step uses my name (workflow author) for "Created By."
Any suggestions as to what I could've possible done wrong, or what I should try to do/add? Thanks in advance...
Simple answer is No.
As you can see the checkboxes in workflow property, you can set the trigger to be
trigger itself when item added or modified.
manually start by users.
For the read-only user, they are not able to click the "start a workflow" button. Also, these users do not have permission to add or modify list item.
You can configure your workflow with "impersonation step". In this way, the workflow will be running under the account of "workflow creator" instead of the user trigger the workflow. However, even you applied "impersonation step", the read-only user still not able to trigger a workflow
I'm working on a project to pull information from a SharePoint calendar and and post it into the atTask Time Off calendar. This should be pretty simple, but nothing in the AtTask API works the way I would expect. I've already asked about the "POST" action deleting existing records. Now I'm running into some strange rights issues.
I have administrator rights in our AtTask sandbox. I am able to access the Time Off records (RESVY) for all users on the system. I am able to delete them without issue. However, I am only able to create new records (POST) for myself. When attempting to create a new record for another user, I'm plugging in the sessionID from my login as the administrator and the other users userID.
The result is an error message: "You do not have sufficient access to edit this User".
It seems odd that the API would allow me to delete the RESVT records for another user, but no create new records.
We are using Active Directory for authentication into AtTask, so I don't have access to the passwords of the other users. This is really getting to be a headache.
Thanks in advance,
Mark
To update another users Time-Off the following 3 scenarios will allow you to mark time-off for another user. This is using the new access module.
You are a system admin
You have User Admin setting enabled in your access level settings (Located under the Fine Tuning option through the Edit Rights at the user level)
You have users who report to you (you are a manager) you will be able to edit users Time-off for users who report to you.
I visited a remote site the other day where I will be seeing people at in the future. While there I had a user choose "SITEX - CONSULT ROOM 1" Calendar, right click and go into to the Calendar properties --> Permission --> Add .. and add my name as an Owner.
Now returning to my own machine and Outlook it doesn't seem to come up, and I cannot seem to work out the name when searching for it.
Is there any way in VBA to search Exchange server for the Calendar(s) shared to me?
No, you can get a list of mailboxes to which you have delegate access (that information is stored in the AD and is accessible through the Extended MAPI or Redemption), but per-folder access rights are stored on the folder itself. There is no master list.