With no scope enforced on the developer key, the following request returns the Course object along with the total_students and term information:
/api/v1/courses?include[]=term&include[]=total_students
After enforcing the scope and permitting only url:GET|/api/v1/courses , the Course object returns but does not include the terms or total_student fields.
I cannot find anything in the documentation (https://canvas.instructure.com/doc/api/courses.html#method.courses.index) that would indicate these two fields require additional scope. Does anyone know if that is the case and if so, what scope is required to get these two additional attributes?
There is a setting on the developer key for "Allow Include Parameters". When that option is disabled Canvas will ignore include and includes parameters.
You can read more about it here: https://canvas.instructure.com/doc/api/file.developer_keys.html under "Canvas API Includes"
Related
I have a key in my KV store, let's say /global/test/my-key and I use a token that has the following policy :
key "/global/test/my-key" {
policy = "read"
}
Why, using the UI, I can access the URL http://localhost:8500/v1/kv/global/test/my-key/edit but I have a 403 on the following URLs http://localhost:8500/v1/kv/global/test and http://localhost:8500/v1/kv/global ?
Is there a way for me to access my key from the UI starting at the URL http://localhost:8500/v1/kv ?
NOTE: I have tried the "list" policy, but it gives read access to the other keys, which is not what I want.
EDIT: I just realized I had forgot to mention another condition that I am trying to meet. I have another key called for instance /global/secret/my-other-key and I don't want that key to be viewed from the UI nor the folder /global/secret/.
If you wish to have access to all of the mentioned paths, you should use this policy instead:
key_prefix "global" {
policy = "read"
}
This policy will give you access to global and any "sub-paths" of it.
Consul does not currently support performing recursive reads on paths where your token only has access to a subset of the keys under that parent path.
There's an open GitHub issue requesting this functionality be added https://github.com/hashicorp/consul/issues/4513. I recommend upvoting that issue to indicate your interest, and subscribe to it for updates so that you can track its progress.
If your particular use case is not accurately reflected in the initial description, feel free to leave a comment with additional information.
We were trying to implement a policy in azure to restrict role based assignment. We referenced below github policy, but during testing we observed it's not evaluating the roledefinitionIds defined in the parameter.
https://github.com/Azure/azure-policy/blob/master/samples/Authorization/allowed-role-definitions/azurepolicy.json
Tested with below roleIDs parameter -
b24988ac-6180-42a0-ab88-20f7382dd24c (Contributor Role)
acdd72a7-3385-48ef-bd42-f606fba81ae7 (Reader Role)
Ideally, it should whitelist the role IDs defined in the parameter, and deny the role assignment for other role IDs. But for some reason, during evaluation Azure policy service is not taking into account those role IDs defined in the parameter and instead restricting role based assignment for all the roles.
Need help in troubleshooting this.
I tried with this Role Definition ID and worked for me:
/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c
And if you are assigning the policy from Azure Portal and you want to provide multiple values, you need to put (;) semi-colon between the values.
You may input an invalid id. A valid Role definition id look like:
/subscriptions/%YOUR_SUBSCRIPTION_ID%/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c
Is there a Mediawiki extension or built-in wikitext function that checks if an account with a given name exists?
I'm looking for something like:
{{#ifuserexists: username|wikitext if account exists with that username|wikitext otherwise}}
There doesn't appear to be anything easy to find in that regard (search "mediawiki parser function if user exist" and "mediawiki check if user exists" on Google or Bing for example of how search engines utterly fail to find a relevant extension)
RightFunctions can probably do that.
Found something that works.
Contribution Scores provides a parser function {{#cscore: username}} that produces an activity score if the user in question exists and "Invalid username" if the user doesn't exist.
https://www.mediawiki.org/wiki/Extension:Contribution_Scores
Just a warning: #cscore produces a malformed/corrupted string object that is thoroughly incompatible with standard string processing parser functions (including #ifeq, #sub, #replace), so you can't make a template that implements conditionals based on this. All efforts to parse the output produced unexpected/wrong results or UNIQ-QINUs.
If you merely need to view the created/uncreated status of user accounts via a manually configured dashboard, #cscore is sufficient. However, it doesn't work for any programmatic or automated mechanism in wikitext except if you use a nonstandard or deep wikitext manipulation extension where the standard StringFunctions, ParserFunctions, and RegexFunctions fall flat.
In Box API v1, it was possible to request creation of a shared link for a file or folder, without caring about what kind of sharing was required. In fact, it was not possible to ask for a particular type of share - you just used the public_share method and passed in the target type (file/folder) and target ID, and optionally a share password. In an Enterprise Account, for instance, this might result in the maximum access level being "company" or "collaborators", if public links are disallowed.
With Box API v2, according to the docs here, you need to specify an access parameter that has to be "open", "company", or "collaborators".
The problem is, using the wrong type may cause the share to fail. For instance, in a folder/account that only allows collaborators, I get a 400 error if I ask for a "open" share.
What I really want is to get exactly the same result as if the user clicked the "Share" link in the Box web site. Which is, it should enable sharing for the file but default the level appropriately.
Is there a way to do this with v2, without the admin having to tell us their "preferred" access level for shared links we create? I'm using the Java SDK, like this:
BoxItemRequestObject req = BoxItemRequestObject.createSharedLinkRequestObject(BoxSharedLinkRequestObject.createSharedLinkRequestObject("open"));
BoxItem item = itemsManager.createSharedLink(<ID>, req, BoxResourceType.FILE);
Thanks,
Ben Gilbert
Smartsheet.com
Just set the access to the empty set {}
So your request would look like this:
{"shared_link": {}}
I figured out how to make this work. I need to set access to null when creating the BoxSharedLinkRequestObject, like this:**
BoxItemRequestObject req = BoxItemRequestObject.createSharedLinkRequestObject(BoxSharedLinkRequestObject.createSharedLinkRequestObject(null));
This doesn't produce quite the same JSON as was recommended (shared_link: {}), but it does produce JSON that is apparently equivalent: shared_link: { access: null }. I couldn't figure out any way to produce an empty shared_link object using the SDK -- I either had to have a null shared_link (which didn't work at all) or some value for the access field.
I am currently adding a REST API over http to an online service and I am confronted with a very simple problem for which I cannot find an answer that satisfies me:
I have mainly 2 resources: 'user' and 'reports', as you would have guessed reports are associated to users (to one and only one, = foreign key in my db)
Anyway I have this url mapping for GET :
mywebsite/api/users/{id} : returns a user and related information, or a list of users if id is not present
mywebsite/api/report/{id} : returns a report and related information, or a list of reports if id is not present
Now I would like to get the reports for a specific user, my way of doing it now is to add an optional parameter to the GET method for reports: ?username={username} and if it is present, I am filtering the results to return only the reports for this user.
I can't help but think something is wrong... if I start doing things like this I will have my methods handling GET full of if/else looking for missing parameters...
Other solutions I I thought of are:
incorporate the reports in the resulting GET on mywebsite/api/users/{id} but I have many many reports so in the end it will become really bad...
map another url just for this function, but it just doesn't feel right...
I am just getting the grips of this REST thing, I like the concept but a little explanation on this matter would really help me understand it better.
Thanks
Edit:
It seems I have hit a common problem in the REST world, I have tied my resources to a model. If you tie a resource to a model you end up having trouble with aggregate attributes.
Some guy describes this error here http://jacobian.org/writing/rest-worst-practices/ but I have yet to understand how to manage that as he said...
fyi I am using django/piston but this question should be answerable regardless of any language.
I can't help but think something is wrong...
The only thing you're doing wrong is thinking that your URI structure makes your application more or less RESTful. The original REST literature never says that query strings are bad. People tend to get hung up on URI structure and seem to think that your URIs must be structured a certain way to be considered RESTful. There is nothing wrong with using ?username=<username>. A URI is just an ID (though some can be more human friendly than others).
Bottom line: don't get hung up on how your URIs look. There are much more important things to focus on (promoting hyperlinking/hypermedia, sticking to a uniform interface - typically HTTP, cacheability, etc.).
This may be a big of a digression but, as for your comment about the coupling of resources to models, you're still okay. If you do go the /reports/ID/user route, just think of 'user' as a relationship name on your reports model. Surely your model defines the relationship between a report and a user. You can just parse the last part of your URI so that it matches the name of this relationship. In the case of one to one relationship like you describe its always a good idea to also set the Content-Location header to match the canonical URI of the user.
For example. Say report 123 belongs to user 1. You now have two ways of referring this user:
http://example.com/reports/123/user
http://example.com/user/1
For the first URI, it would also be a good idea to set Content-Location: http://example.com/user/1 header
Here's how I would implement this:
mywebsite/api/users : returns a list of users
mywebsite/api/users/{id} : returns a user and related information if user exists, otherwise 404
mywebsite/api/users/{id}/reports : returns reports for a specific user if exists, otherwise 404
mywebsite/api/users/{id}/reports/{id} : returns specific report for a specific user if exists, otherwise 404
mywebsite/api/reports : returns a list of reports
mywebsite/api/reports/{id} : returns a report and related information if exists, otherwise 404
HTH,
-aj