Groups not working in Google API console - permissions

It appears that I can add a group to a Google Developers Console project.
Project owners can share a project with an email address that represents a group, but every project must have at least one project member that is an individual, not a group.
To add a team member or group, select Add Member. You must provide an email address that is associated with a Google account. If the email address belongs to an individual, an invitation flow is triggered, and the new project member must accept the invitation before they can access the project. If the email address belongs to a group, the group is added right away, with no invitation step.
However, when I add a group, the project does not appear for members of the that group, and when they go to the URL, they see
Error The project you requested is unavailable.
Is the documentation out-of-date, is there a bug, or am I missing something?

Started working (more than 5 minutes later, not sure how much more).
Likely, the only inaccuracy is
If the email address belongs to a group, the group is added right away

Related

How to determine the exact number of users of a web application?

The company I am working at offers a web based calculation tool which has to be paid monthly (a fixed price for a license).
Normally, users go to our website and authenticate themselves with their credentials and then can use the application. When they cancel their subscription they are not able to use the tool anymore, obviously.
Now another company called us because they want to provide our application for their own clients. We have already fixed that they have to pay a license fee for every of their clients. But there is also a restriction: their users should not have to log in on any of our websites (only on the website of our client). But the web application is hosted on our server and is loaded as an iframe.
Now there is that problem that we are not sure whether our client tells us the correct number of people who use our application wherefore we would like to verify that in some way.
One of my ideas is the following:
Our client has to call an API for every users who would like to use our application in order to submit some information like name or an unique ID of that user
When the user would like to access our application, an ID parameter is appended to the iFrame URL
I think that this is not a very good solution because our client could use the same ID for every access and pretend that only one users uses the application. By saving the ip address and id of the accesses it is possible to determine fraud in some cases because ip address will not change frequently.
We even do not have to know WHICH user accesses the application but only the NUMBER of users per month.
I am interested if there is a cryptographic solution where it is hard to cheat. Something like an authentication method which does not require any interaction of the user.
Well you can't. You should require the partner to issue a token for each user so you know they came from the partner.
You could have the partner call an api you expose to issue a one time token for a user and specify user id and IP. You could alternatively have the partner digitally sign such a login request.
If you bill the partner per user, and the partner decitfull he could claim less users.
You can fingerprint the users, you can give long term coockies, you can check IP and fonts installed etc. These will allow you to detect most types of fraud.
If you give a declared userId a cookie and then see him again without it, you assign him a new cookie and then later see the first cookie again while the partner is always declaring same id that is a very strong indicator of fraud.
If I was the decietfull partner I would pair up geographicly close users and merge their IDs. it would look no different from a user with two devices. But this still limits the extent of fraud possible. Two devices per user is plausible. 10 less so.
Find business partners you trust.

PayFort Integration in swift

Not able to create PAYFORT Sandbox test account.Where I get merchant identifier number.
How to register PAYFORT test account
How to get the merchant_identifier
How to get the access_code
How to get the service_command
I do not have any Idea about PayPort.Please share any Example program related to Swift.From PAYFORT where I create the sandbox test account
"https://www.payfort.com/get-started/".From this link, I entered the personal details once complete the details try to login to PAYFORT, not able to log in.
I've been facing similar questions and so emailed the PayFort support team. Here is the response I got:
Good afternoon and thank you for contacting PayFort.
Please be advised that in order for you to have the account created
in the SANDBOX (https://testfort.payfort.com) environment, the first
contact has to be initiated by one of our Pre-Qualifications team
members after receiving a documented request in a form of registration
from our website. (www.payfort.com)
The pre-qualification stage entails knowing the company/
organization's business and requirements. Qualifications are as
follows:
The company has a legal setup in the countries mentioned on our
website. The company's business module is supported by PayFort.
For more information about the businesses we support and countries,
please click on this link: http://www.payfort.com/payfort-faqs/
After the qualification stage, one of our Sales Representative will
get in touch with you to get a deeper view of the business so as to
suggest the payment solution that would suit your requirements.
Then only the TEST/SANDBOX account is created by our team to start the
Integration process.
If you wish to proceed, please kindly register on the above link or
send a direct email to sales-uae#payfort.com.
Register your self on https://www.payfort.com/get-started/ by giving your company info and wait for the email from PayFort. they'll send you the info about your test account.
you can login your test account on https://testfort.payfort.com and find your access code and merchant identifier from "Integeration Settings" menu and "Security Settings" option. you can also see the attached image so you can easily find the access code and merchant identifier.
the service_command is a static value "PURCHASE" in capital letters.

Accessing Bigcommerce' s %%GLOBAL_CustomerId%% variable

How can I have access to bigcommerce's %%GLOBAL_CustomerId%% variable?
I create a sample template and logged in with as a user. That variable doesn't show up. Isn't it suppose to be a Global variable?
Background: I want to create an app for bigcommerce that can identify a user base on their customerID. If I can't grab that variable, you guys see any other way to work around this?
It's not immediately clear in the docs, but you can use %%GLOBAL_CurrentCustomerEmail%% anywhere on the template to get the email address of the currently logged in user.
If you need the customer's ID, then you can query the API with the email as a parameter.
Personally, I'd rather "trust" the customer's email as a point of identification, because you never know if the Bigcommerce ID's may get changed or not (example: Customers are deleted and then reimported, now having brand new ID's).
On a subject of security though, you cannot trust client side data, and should attempt to mitigate fraudulent requests through the use of a CSRF token or some similar measure. Otherwise, anyone can send you an email address and receive back a list of that person's favorite products -- golden information for say, a targeted advertising company, or just your suspicious next-door neighbor Joe who seems to always be conveniently checking his mail right when you get home from work, but never says anything when you walk by, not even a wave or a smile, despite the fact that you all have been neighbors for quite some time now. Like, should I say something? Hahaha, I kid I kid.

How to build a jabber client using libstrophe

I'm trying to make a simple Jabber client using the libstrophe library.
It's going fairly well so far, except for one thing for which I need some clarification.
Namely, how am I supposed to (continuously) know the status (i.e., Online/Offline) of contacts, so that I can display it to the user of my program? Similarly, how am I supposed to request the roster of the user?
I've looked at the roster.c example provided by libstrophe, but that only prints out the roster once. In a real application, I'll need to request/update this continuously, in order to show any new contacts the user added, etc., in the application.
So basically, I'm unclear on how to make sure that I always display the most current roster and most current statuses of people in my user's contact list.
Am I just supposed to request the roster at some predefined time interval, for example?
roster and presence are 2 different topics.
When you login you normally request the roster which you are doing already. When your contact lists changes during your session you get a roster push with the updated contact. This is an stanza. It doesn't matter if another logged in client manipulated the roster our your client.
The online state called presence of all your subscribed contact comes in with stanzas.
You have to setup handlers with xmpp_handler_add for
Online state, presence stanzas
Roster pushes, iq stanzas with query of namespace jabber:iq:roster

iTunes connect will not let me add myself as a user

I am working on an app in iTunes connect for a client, under their iTunes connect account. I want to add myself as a user so that I can get email notifications of updates in app status. When I try to add myself as a user I get the following message:
The email address you entered already belongs to an iTunes Connect account. To continue, enter a different email address
I am using this email address on my own company's iTunes connect account, but not on my client's account. How can I add myself as a user?
#sarnold Turning your comment into an answer because it worked for me.
Two Separate Websites
Apparently for historical and organizational reasons, Apple operates their developer and app store business in a bifurcated manner.
developer.apple.com
The web site for all the technical resources, including documentation, WWDC videos and such.
itunesconnect.apple.com
This completely separate web site handles the business end:
Contracts, banking, payments.
Uploading your finished app.
Defining your In-App Purchase products.
Problem: Different Handling Of Accounts
The developer.apple.com site is slick in that a programmer can have a single Apple ID used to join multiple developer accounts. She may work for three different companies, and be assigned a role on each of those companies’ Developer accounts all on the same Apple ID. When she logs in to the Developer site, she is presented with a popup menu asking which of the three companies’ Developer accounts she wants to access during this work session. Nice.
The problem: in iTunesConnect, not so nice. In iTunesConnect, the "admin" person cannot assign existing Apple IDs as members with a role. Very strange. The admin is forced to create a new ID for each person being adding to the team. That means the person joining must have multiple email address. If an admin tries to add you to their iTunesConnect with an email address already used on some other company's iTunesAccount, an error message reports that email address / Apple ID is already in use. Obviously the programming team running the iTunesConnect site could use some help from the Developer site's team. ☹
Workaround: Email Address Trick
The workaround cited by sarnold involves a feature of email addresses. The spec for email servers has a feature where you can extend your email address. You can add a suffix to the first part of your email name by appending a "+" PLUS SIGN. From what I could figure out, the email software first looks for the extended name. If no such name is found, it drops the extension and looks again. If found, the shorter version of the email address is actually used.
So if the programmer Susan wants to use her email address susan#example.com for a second or third iTunesAccount, she tells her client's admin person at Acme Corporation to use something like this as her email address: susan+acme.com#example.com. Apple will still create a needless extra Apple ID for Susan, but at least Susan does not have to bother with creating and accessing extra email accounts. The emails sent by Apple will arrive at her susan#example.com address.
Susan double-checked this would work before talking to the admin person. She sent herself an email to susan+acme.com#example.com to make sure it arrived at the susan#example.com account.
Effectively, the email servers are not fooled by the extended email address, but iTunesConnect is fooled into creating an new Apple ID using an old email account.
Basically, you can't invite other iOS devs to review your efforts seems to be the result of this policy.
I had (and have) the exact same problem... what makes me kinda like FlavorScape's suggestion ;)
What I did is something similar to sarnold's comment: I used an alternative email address (_#gmail.com instead of _#googlemail.com) and this actually created a new AppleID with this email address.
It works fine, but it would be so much better to just connect my actual Developer account to my client's.
The way it's like at the moment, I can not even access the developer resources and (most importantly) the provisioning center with the new Apple ID, so my client has to do create new provisioning profiles and stuff, which is pretty frustrating and complicated.
Additionally, it is a pain to let him test the Apps on his own devices, because of the developer certificate is installed on my Mac, not his, and I am therefore the only one (or better, my Mac is the only computer) that can install new provisioning profiles on his devices.
Is there a better way to connect the accounts and solve these problems?
Cheers,
Nils
Apple now will allow the same email address to be invited to multiple itunes connect accounts and no longer allows new emails to be added with the +. Just a word of warning to others who were doing this the original post is now out of date with Apples new policy it seems.
#knl: The problem in the original question is specifically with iTunes Connect. If you want to be able to manage the Provisioning center -- to make profiles etc -- ask your client to add you to that account. Here are the steps:
Go to "Member Center"
Select the "People" tab
Click on invitations
Select "Invite person"
in the next screen they can select your role including "Member" (limited access) and "Admin" (full access)
From apple documentation:
You can only create test user accounts using an iTunes Connect
accounts with the Admin or Technical role assigned to it. Test users
do not have access to iTunes Connect, but will be able to test in-app
purchases in a development environment on a registered test device.
Link here