Is it possible to create Smart Rules either using the provided REST interface or c8y.core angular-module on a custom Cumulocity application. I am trying to create a Cumulocity application using the smart app toolkit in which the user should be able to configure thresholds for alarms and define whether an sms/e-mail notification should be activated for this alarm. These things can be done in the cockpit-applications smart rules-section.
You can create and manage CEL rules from your own applications using this REST API: https://cumulocity.com/guides/reference/real-time-statements or this JavaScript API: http://resources.cumulocity.com/documentation/jssdk/latest/#/core/c8y.core.service:c8yCepModule.
There is currently no open API for Smart Rules, but you can get all functionality by using the above APIs (e.g., use SendSms or SendMail channels).
The way SmartRules work is that they have a backed CEL with placeholders. The UI then creates a configuration managed object and replaces the placeholders in the CEL with the ID of this object. Afterwards the CEL gets deployed.
You can use a similar logic to realize something like a SmartRule.
Related
I understand GeneXus has the 'External Object' feature, which I can only assume is used for setting up API calls, however, I can't seem to find any documentation online for doing this. I have an external software and I wish to run a GET API call (ie api.domain.com/example) and input the received data into a transaction in my GeneXus software. Any way of doing this?
For calling HTTP APIs you should use the HttpClient Data Type.
&httpclient.Host = "labs.genexus.com"
&httpclient.BaseUrl = "/mobilecrm/rest/"
&httpclient.Execute('GET','WorkWithDevicesCompany_Company_List_Grid?fmt=json')
&companies.FromJson(&httpclient.ToString() )
Look at this sample
External Objects are used to integrate native objects, such as External Programs packaged as DLLS (.NET) or JARs (JAVA). This seems not to be your case.
I have an enterprise application comprising of EJBs and have some REST apis as well . Also i have some other services which consume my beans e:g ui services . My EJBs are annotated with role based annotations i:e RolesAllowed , DeclareRoles . I have some REST APIs as well in my application where i need to have access control for few resources and have some other APIs with unrestricted access.
In such a scenario where should RBAC be implemented? At the bean level or at the REST API level ?
Here are some elements of response:
First of all try to define your access control layer in configurable, decoupled way. Using a framework such as spring-security, jaas, or xacml is a great way forward. This is called externalized authorization.
Secondly, think of what matters to you most: is it the functionality exposed via REST? Is it the beans? Is it the data? You typically want to protect as close as possible to what matters most to you.
Thirdly, does it make sense to protect in two places at the same time? Often times, it will. For instance, you want to protect your data (e.g. sensitive banking data). At the same time you want to control access to the processes (i.e. the functions exposed via your API, be it REST or something else).
Ultimately, what matters most is that you centralize your autorization logic into a single repository: this could be a set of roles and permissions (as defined in rbac) or a set of policies (as defined in abac). What you then do in your API layer and / or your EJB layer is call out to that centralized location to check for authorization.
Have a look at this diagram (which stems from xacml. It shows that you can apply your authorization checks wherever you deem necessary so long as you call out to the external decision point or so long as you consistently manage your roles across your different systems:
I'm building an Ember application with ember-cli and, as a persistence layer, an HTTP API using rails-api + Grape + ActiveModelSerializer. I am at a very basic stage but I want to setup my front-end and back-end in as much standard and clean way as possible before going on with developing further API and ember models.
I could not find a comprensive guide about serialization and deserialization made by the store but I read the documentation about DS.ActiveModelSerializer and DS.ActiveModelAdapter (which says the same things!) along with their parent classes.
What are the exact roles of adapter and serializer and how are they related?
Considering the tools I am using do I need to implement both of them?
Both Grape/ActiveModelSerializer and EmberData offer customization. As my back-end and front-end are for each other and not for anything else which side is it better to customize?
Hmmm...which side is better is subjective, so this is sort of my thought process:
Generally speaking, one would want an API that is able to "talk to anything" in case a device client is required or in case the API gets to be consumed by other parties in the future, so that would suggest that you'd config your Ember App to talk to your backend. But again, I think this is a subjective question/answer 'cause no one but you and your team can tell what's good for a given scenario you are or might be experiencing while the app gets created.
I think the guides explain the Adapter and Serializer role/usage and customization pretty decently these days.
As for implementing them, it may be necessary to create an adapter for your application to define a global namespace if you have one (if your controllers are behind another area like localhost:3000/api/products, then set namespace: 'api' otherwise this is not necessary), or similarly the host if you're using cors, and if you're doing with cli you might want to set the security policy in the environment to allow connections to other domains for cors and stuff like that. This can be done per model as well. But again, all of this is subjective as it depends on what you want/need to achieve.
I'd read it somewhere that whenever one needs to do data intensive work then Webapi could be used. Ex: autocomplete textbox where we get data from using ajax on key press.
Now someone told me that Webapi shouldn't be used within applications which are not externally accessed. Rather action should be used to the same work as it is capable of returning the data back in a similar fashion to webapi.
I'd like to know your suggestions over it.
Depends on how you look at it. If all you need is ajax-ification of your controller actions, then you really don't need Web-API. Your actions can return a JsonResult and it is very easy to consume that from your client side through an AJAX call.
Web-API makes it easy for you to expose you actions to external clients. It supports HTTP protocol and Json and XML payloads automatically, out of the box, without you writing the code for it. Now, there is nothing preventing you from consuming the same Web-API actions from your own internal clients in an AJAX manner.
So the answer to your question depends on your design. If you don't have external clients, then there is no string need for you to have Web-API. Your standard controller actions can do the job.
We're currently working on a Worklight project using Dojo (more specifically dojox/app). We managed to create a basic example with a store, model, controller and a view. However, now we want to connect this to our Worklight adapter.
What is the best approach in connecting a Dojox/app application to the backend? We were thinking about feeding our store with the data from the Worklight adapter, however, we need to do all CRUD operations and our data should be in sync with the server because multiple users might be working at the same item.
The best general solution I can think about is using a JsonRest store, but we're using the WL.Client.invokeProcedure function that calls our adapter, so we're not directly using the service.
We found a solution by using the WL.JSONStore from WorkLight. The API of it isn't compatible with the dojo/store API (logically since it wasn't meant to be), but we wrote a dojo/store API based proxy class which does nothing more than translating and forwarding calls to the WL.JSONStore.