I use xwiki Enterprise 7.4. The official way to install extensions is to use either Import feature or Extension Manager. Both ways require user interaction. I would like to automate extension installation process, so no user interactions for extension installation. Is it possible? I've automated spaces/pages creation via REST API. Maybe it's possible to use REST API to do it, I can't find it in documentation.
Why do I need it? It's simple: I've automated all the steps of deployment/migration process for my application and I would like to automate xwiki extension installation too.
As indicated by Vincent, you can use the extension script service from inside XWiki. This script service is what the UI is using so everything the UI is doing can be done also by any script (as long as the script author has proper rights).
I just wrote a Velocity example on http://extensions.xwiki.org/xwiki/bin/view/Extension/Extension+Script+Module#HNon-interactiveandsynchronousinstall:
{{velocity}}
## Create install request for extension with id org.xwiki.contrib:extension-tweak and version 1.3 on current wiki
#set($installRequest = $services.extension.createInstallRequest('org.xwiki.contrib:extension-tweak', '1.3', "wiki:${xcontext.database}"))
## Disable interactive mode
$installRequest.setInteractive(false)
## Start install
#set($installJob = $services.extension.install($installRequest))
## Wait until install is done
$installJob.join()
{{/velocity}}
All you need is to put the Thomas' script in a page. You can use the REST API for that. See: http://platform.xwiki.org/xwiki/bin/view/Features/XWikiRESTfulAPI#HPageresources
Then you call the URL from your application.
Ex: you put the code in XWiki/AutoInstall with a REST call and then you can call this page with the following url:
http://localhost:8080/xwiki/bin/get/XWiki/AutoInstall
I suggest to use the "get" action from the URL to avoid unnecessary informations.
The XWiki Core dev team is aware of this and it's in the roadmap but it's not done yet. For example you can see that it was planned for the 8.0 roadmap but it slipped (http://www.xwiki.org/xwiki/bin/view/Roadmaps/Archives8xCycle/).
Continue improving upgrade tools: Scriptable upgrades (priority 1), Simulation (priority 2)
It seems there's no issue created for this at the moment. Would be great if you could create a JIRA issue at http://xwiki.org in the XWiki Platform project.
Now regarding extensions, there's some Script Service that can be used to manipulate extensions, see http://extensions.xwiki.org/xwiki/bin/view/Extension/Extension+Script+Module
However this documentation is pretty terse. You could check the java code at https://github.com/xwiki/xwiki-platform/blob/95abd2951123431c1624c124b49ca7a88b41be00/xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-script/src/main/java/org/xwiki/extension/script/ExtensionManagerScriptService.java#L84-L84
I've not personally used this script service so I can't give real examples of using this API
Related
My searches have turned up nothing concrete. My extension uses Google's file picker to allow the user to browse their sheets and choose a desired file to write some data to, which manifest v3 breaks because of some GAPI limitations. Unless I've missed something obvious, there does not seem to be a simple workaround or method for this to migrate to v3 -- it just seems to be disallowed.
I'm not asking if there's a way to do something that they intend to not be possible (even though I doubt such a thing would exist with Google) but I'm optimistically hoping that maybe there is some hacky/annoying workaround that still fits within their rules. If I absolutely have to just allow them to set a sheet URL manually I will...I'm just trying to avoid it.
Any tips or suggestions would be appreciated.
You may have to test it yourself to make sure there are no weird behaviors, but Google has some recommendations regarding this in their migration guide:
In Manifest V3, all of your extension's logic must be included in the extension. You can no longer load and execute a remotely hosted file. A number of alternative approaches are available, depending on your use case and the reason for remote hosting. Here are approaches to consider:
Configuration-driven features and logic
In this approach, your extension loads a remote configuration (for example a JSON file) at runtime and caches the configuration locally. The extension then uses this cached configuration to decide which features to enable.
Externalize logic with a remote service
Consider migrating application logic from the extension to a remote web service that your extension can call. (Essentially a form of message passing.) This provides you the ability to keep code private and change the code on demand while avoiding the extra overhead of resubmitting to the Chrome Web Store.
Bundle third-party libraries
If you are using a popular framework like React or Bootstrap, you can download the minified files, add them to your project and import them locally.
For your case, option #3 seems like the easiest. Looking at the Google Picker API documentation it only uses two relatively small script files, https://apis.google.com/js/api.js and https://accounts.google.com/gsi/client. You could try to bundle these in your Chrome extension and call the methods locally.
I have a pentaho community server 8.1 already running and i would like to know if this version has a API avaliable? Im using the following code to and getting a 200 but there is no basic so i can authenticate correctly.
import requests
data = {"j_username": "admin","j_password":"password"}
r = requests.post('http://(serverip):8080/pentaho/j_spring_security_check', data = data)
Is the authentication for this api configurable?
The whole idea is that i can use the scheduler since the spoon for the community version doest has access to it BUT i tried using the enterprice client and i was able to schedule so the module is there you just cant reach it.
Thanks!
Yes, and the full API is documented here:
https://help.pentaho.com/Documentation/8.1/Developer_Center/REST_API
Note: If you want to enable username/password authentication on the URL you have to edit security.properties and reboot . (an older insecure approach, but for the purposes of development possibly simpler to get you going)
You're absolutely right - the CORE platform does have the functionality, just not the UI so you're more than welcome to use the API to use the scheduler engine.
I want to install and configure telligent with sitecore 8.1. In Telligent documentation i don't know from where i should start installing the telligent, there are lots of process defined. can any one tell me the process to install telligent with sitecore 8.1.
The first thing to understand is that they are 2 different products so you need to first install both of them separately according to their own system requirements. Generally Sitecore keeps this documentation here : https://dev.sitecore.net/
To install Telligent Community refer to here:
https://community.telligent.com/documentation/w/telligent-community-90/52408.install-telligent-community
Once that is done you have 2 ways to integrate:
REST Apis and Single Sign On Modules. You could use the cookies auth module to do single sign on then you need to gather data from Telligent Community from its REST API.
community.telligent.com/training/w/developer90/52426.cookies-authentication#
community.telligent.com/training/w/developer90/52429.rest-api
The recommend way is the use the Telligent Community REST SDK which is still using REST but makes it easier and has some single sign on capabilities built in. There is also some samples you can refer to.
community.telligent.com/training/w/developer90/52432.rest-sdk
github.com/Telligent/Community-Rest-SDK
github.com/Telligent/Social-SitecoreSDK-Samples
community.telligent.com/training/w/developer90/52432.rest-sdk
forgive the non-links, it will not let me post that many.
I am trying to install a privileged helper tool to perform some elevated work. I am using SMJobBless for the same.
I am able to install the tool fine and also able to communicate with it. I am using Mac OS X 10.8.4 and using NSXPCConnection for the same.
I have added .mach service in the plist which will be installed in /Library/LaunchDaemons. I am using [initWithMachServiceName:options:] in the app as the helper is privileged tool and [– initWithMachServiceName:] in the helper to listen. The communication is working fine.
But the problem is I tried the same communication with another application I created which did not have any codesign at all (the helper tool installer earlier was codesigned). I tried to connect to the mach service of the helper tool and was able to connect easily. This is a problem because anybody can communicate with it then and make it do anything.
I wanted some way to securely communicate between my application and the helper tool.
Thanks a lot.
As you've said that you're not signing the second app, I believe that that is the problem that is allowing a 2nd app from calling the helper application. From the Apple docs and specifically the ReadMe file in SMJobBless, it states: -
The Service Management framework uses code signatures to ensure that the helper tool is the one expected to be run by the main application
This document should be able to assist you in getting the helper app correctly associated with its owner.
Note that it references a python script, which is provided here.
Answering my own question: I had logged a radar bug for the same and Apple said that the behavior was intended:
"It is up to the privileged helper to not expose insecure operations"
I'm in the process of installing an open-source Python based web application to an internal server here at work. The existing code is open - it doesn't require a login to view it - but one of the requirements is that users have to be approved before they can see anything.
Is there a good way (using Apache configuration files for example, but any method would be great) to wrap the application so that any access requires a login? I would like to avoid modifying the open-source code (a maintenance nightmare every time a new release comes out).
Any thoughts or suggestions?
Apache supports Authentication, Authorization and Access Control.
It is a detailed process, and summarising it here would not do it justice. I refer you to the link provided,