I have looked at many posts on this issue, but for me all the proposed solutions didnt work. I am trying to access a database with a remote user, so I am setting the connection credentials as needed. I get the error as shown in the subject of this post. I have checked all the permissions, things like that, windows/sql authentication, etc. Any quick ideas of another potential problem?
Presuming the user has the permission, and you have entered the password correctly as you say, then another thing to look at would be to ensure the user is authorized to access the database remotely.
Related
I authorized the group of a user to the cockpit-application. I gave the group full access to the Process Definition and Process Instance authorizations. (so pretty much as described in the documentation)
When I try to log the user in, I see the Welcome screen and in the application overview the option to navigate to the cockpit-application.
However, when I click this, I get the Login screen again.
For a fraction of a second I see the cockpit application, but then it immidiatly redirects to the login page. When I try to log in again, it keeps redirecting me to this login screen.
I configured another group to use the Tasklist application and that is working as expected.
I tried to give the authorization on user-level instead of group-level but the same problems occurs.
(n.b.: I am using the Spring-Camunda-Starter for this application.)
I found the problem, I accidentally removed one of the authorizations the system automatically creates when the user is created. I think I might have removed this, as I thought it was not necessary.
It is in the User Authorizations, every user has an authorization from it's own user to that user. When I added this, it fixed the problem.
I found the solution when another user logged in and had no problems. And the found this to be the only difference between the two accounts.
Hopefully this will help someone in the future!
I use the Clockify API to sync objects to and from our other databases.
I try to update the user image from our LDAP user repo; works fine on my own account, but when I try to update the image for someone else I get a 403.
That leads me to the conclusion that everything under /users is only available for the current user (even if the current user is admin of the workspace). If so, can that be clarified in the documentation?
https://clockify.github.io/clockify_api_docs/#tag-User
Is there a way to update user settings/profile for someone else?
That's right. By design, you can't edit other people's User Settings.
This is because the person in your workspace might have other workspaces (be it their own or someone else's). You're only someone's admin in your particular workspace, and they're free to have other workspaces beside yours.
Looks like you are right, I can't GET users/{userId} except for my own user ID. Attempting to get it for other user IDs, even those users on my team and I'm the owner/admin, gives the 403 Forbidden.
I would recommend reaching out to support#clockify.me, they may be able to fix it - or at least they can be made aware of the issue. I've had success in contacting them and they respond relatively quickly.
I'm working on a project to pull information from a SharePoint calendar and and post it into the atTask Time Off calendar. This should be pretty simple, but nothing in the AtTask API works the way I would expect. I've already asked about the "POST" action deleting existing records. Now I'm running into some strange rights issues.
I have administrator rights in our AtTask sandbox. I am able to access the Time Off records (RESVY) for all users on the system. I am able to delete them without issue. However, I am only able to create new records (POST) for myself. When attempting to create a new record for another user, I'm plugging in the sessionID from my login as the administrator and the other users userID.
The result is an error message: "You do not have sufficient access to edit this User".
It seems odd that the API would allow me to delete the RESVT records for another user, but no create new records.
We are using Active Directory for authentication into AtTask, so I don't have access to the passwords of the other users. This is really getting to be a headache.
Thanks in advance,
Mark
To update another users Time-Off the following 3 scenarios will allow you to mark time-off for another user. This is using the new access module.
You are a system admin
You have User Admin setting enabled in your access level settings (Located under the Fine Tuning option through the Edit Rights at the user level)
You have users who report to you (you are a manager) you will be able to edit users Time-off for users who report to you.
I've followed through the InteractiveConsole and FriendsSmash example in Unity and learnt how to request permissions during login and get the friend list of the user.
But there's one little problem bothering me a lot.
When FB.Login("email,user_birthday", LoginCallback) is called for an authorized user. The user will be redirected to the Facebook page saying "You have already authorized App-Name".
I'm thinking to only call FB.Login("",LoginCallback) to every user, and then use the FB.API to check if the correct permissions exist, and after that call the original FB.Login method. However, this doesn't seem a very wise way to do this to me.
I did a bit of research but still can't seem to find a nice way to solve this. Can anyone please help me out on this?
Thanks.
If you have status=true in your FB.Init(), it should come back with login info if the user is logged in. You can then use FB.API() and do your permissions check.
I had PlayerPrefs.DeleteAll being called for testing purposes. I found that it was removing the Facebook data so it wasn't authorising on initialisation.
Make sure you don't call PlayerPrefs.DeleteAll()
Is it because of portability? I think that it'd be better if they did, permission and group management would be safer in my opinion.
What I generally saw and did was to create a user account in the DBMS for the system, store that user name and password in a configuration file and accessed the database through it. The authentication module/plugin [always!] works independently the DBMS's user table.
Is there a reason for it?
Am I doing it wrong? :/
If I understand your question correctly, the reason is that if the plugin did that, then the user would be able to get access to your table using the user credentials, which is gigantic potential security hole. You want to give the user access to your app, not to the system running the app.